User Agent: Mozilla/5.0 (X11; Linux i686; rv:16.0) Gecko/20100101 Firefox/16.0 Build ID: 20120911232325 Steps to reproduce: In Firefox Nightly 17a2, opening a local phpMyAdmin session. Actual results: In Firefox Nightly 17a1, the phpMyAdmin frameset does not load. Instead, each subframe shows an error message stating: "Blocked by Content Security Policy This page has a content security policy that prevents it from being embedded in this way. Nightly prevented this page from loading in this way because the page has a content security policy that disallows it." Expected results: Opening a local phpMyAdmin session. In Firefox Aurora 16a2, the frameset displays properly.

The previous bug about this issue was bug 784315.

and as far as I can tell bug 784315 is only foxed for FF18

My problem was appearing on ONE of two identical servers using ff-17a2 and phpmyadmin-3.5.2.2, on a 3 virtual servers apache configuration. After reading all the stories and use of Content-Security-Policy, the faulty server was routing "localhost/phpmyadmin" iso "psrcom.localhost/phpmyadmin" ...which is not accepted by CSP on ff-17 but is accepted on ff-16. I am far from gurus of this field, so, could somebody tell me where is the fault: phpmyadmin X-Content-Security-Policy or CSP interpretation in ff-16 or ff-17. The problem is solved for me by routing with a dot server name iso localhost, BUT is it NORMAL ? !

Why have you reopend this bug report ? The fault is not in your configuration, it's a bug in Gecko/Firefox that is already fixed on trunk but not in FF17 The symptoms of your report and bug 784315 are matching (single token host). Please do not reopen this report unless you still get the issue with a build that contains the fix of bug 784315