Confirmed users
26
edits
Platform/2014-05-20: Difference between revisions
→Seceng (mmc)
| Line 255: | Line 255: | ||
===Seceng (mmc)=== | ===Seceng (mmc)=== | ||
<!-- Read only update this week? Uncomment the following line--> | <!-- Read only update this week? Uncomment the following line--> | ||
<-- {{readonly}} --> | <!-- {{readonly}} --> | ||
* Ability to test testing public key pins landed last night. We want testers to set "security.cert_pinning.enforcement_level" to 3 and see what breaks, telemetry says errors are less than 10^-4 so we are feeling good about | * Ability to test testing public key pins landed last night. We want testers to set "security.cert_pinning.enforcement_level" to 3 and see what breaks, telemetry says errors are less than 10^-4 so we are feeling good about going to production soon. | ||
* {{bug|973837}} has landed and been uplifted to Beta. It blocks view-source URI's in the data attribute on <object>, which prevents a variant of the same security hole that necessitated blocking the URI on iframes a few months ago. | * {{bug|973837}} has landed and been uplifted to Beta. It blocks view-source URI's in the data attribute on <object>, which prevents a variant of the same security hole that necessitated blocking the URI on iframes a few months ago. | ||