Closed Bug 1806080 Opened 2 years ago Closed 2 years ago

Mixed content level 2 makes csp directive: "block-all-mixed-content" obsolete

Categories

(Core :: DOM: Security, task, P3)

Product:
Core
Component:
DOM: Security
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
112 Branch
Tracking Flags:
Tracking Status
firefox112 --- fixed

People

(Reporter: t.yavor, Assigned: freddy)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

Bug 1806080 - Mixed content level 2 makes csp directive: block-all-mixed-content obsolete. r=freddyb
(deleted), text/x-phabricator-request
Details

If mixed content level 2 is enabled we should disabled the "block-all-mixed-content" CSP directive according to the standard (W3C)

Assignee: nobody → lyavor
Depends on: 1806114
No longer depends on: 1806114
Severity: -- → S3
Priority: -- → P3
Whiteboard: [domsecurity-active]
Attachment #9308675 - Attachment description: WIP: Bug 1806080 - Mixed content level 2 makes csp directive: block-all-mixed-content obsolete. r=freddyb → Bug 1806080 - Mixed content level 2 makes csp directive: block-all-mixed-content obsolete. r=freddyb
Blocks: 1817214
Pushed by fbraun@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b98fe323e6b2 Mixed content level 2 makes csp directive: block-all-mixed-content obsolete. r=freddyb

Stealing. This should be simple enough to drag over the finish line.

Assignee: t.yavor → fbraun
Flags: needinfo?(t.yavor)
Pushed by fbraun@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/8f908328348e Mixed content level 2 makes csp directive: block-all-mixed-content obsolete. r=freddyb

https://hg.mozilla.org/mozilla-central/rev/8f908328348e

Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox112: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 112 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: