SecurityEngineering/CSP Radar: Difference between revisions

 
Line 39: Line 39:
* figure out if W3C test suite failures are legit - file bugs for the failures that are  
* figure out if W3C test suite failures are legit - file bugs for the failures that are  
** Brad Hill test suite: http://webappsec-test.info/web-platform-tests/CSP/
** Brad Hill test suite: http://webappsec-test.info/web-platform-tests/CSP/
* needs confirmation - Bug in Content Security Policy for setInterval and setTimeout when argument is a function - https://bugzilla.mozilla.org/show_bug.cgi?id=699586
* needs confirmation - Verify that content added by XSLT stylesheet is subject to document's CSP - https://bugzilla.mozilla.org/show_bug.cgi?id=663567
* needs confirmation - Verify that content added by XSLT stylesheet is subject to document's CSP - https://bugzilla.mozilla.org/show_bug.cgi?id=663567
* needs confirmation - EventSource needs to be restricted using connect-src directive https://bugzilla.mozilla.org/show_bug.cgi?id=802872 - test to make sure it isn't already
* needs confirmation - EventSource needs to be restricted using connect-src directive https://bugzilla.mozilla.org/show_bug.cgi?id=802872 - test to make sure it isn't already
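Review bot: the setInterval/setTimeout entry (bug 699586) is the only line that appears on just one side of this revision, and nothing visible here says why it changed; if the bug was confirmed or closed, record that status next to the link so the radar still accounts for it. As a style point, the EventSource entry runs the Bugzilla URL straight into the sentence, where the other entries separate it with " - ".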