SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-06-18: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(Created page with "{{subst:WeeklyUpdates}}")
 
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
<small>[[WeeklyUpdates/{{#time:Y-m-d|{{SUBPAGENAME}} -1 week}}|« previous week]] | [[WeeklyUpdates|index]] | [[WeeklyUpdates/{{#time:Y-m-d|{{SUBPAGENAME}} +1 week}}|next week »]]</small>
<small>[[WeeklyUpdates/{{#time:Y-m-d|{{SUBPAGENAME}} -1 week}}|« previous week]] | [[WeeklyUpdates|index]] | [[WeeklyUpdates/{{#time:Y-m-d|{{SUBPAGENAME}} +1 week}}|next week »]]</small>


{{conf|8600}}


__TOC__
__TOC__


= All-hands Status Meeting Agenda =
Items in this section will be shared during the live all-hand status meeting.
== Friends of the Tree [[Image:Tree.gif|Friends of the Tree]] ==
== Upcoming Events ==


=== This Week ===
=== This Week ===


=== Monday, {{#time:d F|{{SUBPAGENAME}}}} ===
=== Monday, {{#time:d F|{{SUBPAGENAME}}}} ===
* Tested "X-Content-Security-Policy" header injection
** Use google.co.in for testing and block images from google by setting img-src directive in CSP rules. I observed that userCSP add-on successfully injected "X-Content-Security-Policy" header in Google response web page and images from google were blocked.
** I also created two websites in virtual machine for testing purpose namely "a.com" and "b.com". A webpage from "a.com" loads scripts and images from both "a.com" as well as "b.com".  Using userCSP add-on, I set img-src and script-src to "a.com" for webpages from "a.com". Thus userCSP add-on sucessfully block resources from "b.com" to be loaded.


=== Tuesday, {{#time:d F|{{SUBPAGENAME}} +1 day}} ===
=== Tuesday, {{#time:d F|{{SUBPAGENAME}} +1 day}} ===
* Google search on mozilla idl's to implement combine strict and combine loose functionality when two csp policies are available.


=== Wednesday, {{#time:d F|{{SUBPAGENAME}} +2 days}} ===
=== Wednesday, {{#time:d F|{{SUBPAGENAME}} +2 days}} ===
* Reading "ContentSecurityPolicy" idl
**http://mxr.mozilla.org/mozilla-central/source/content/base/public/nsIContentSecurityPolicy.idl#99


=== Thursday, {{#time:d F|{{SUBPAGENAME}} +3 days}} ===
=== Thursday, {{#time:d F|{{SUBPAGENAME}} +3 days}} ===


=== Friday, {{#time:d F|{{SUBPAGENAME}} +4 days}} ===
=== Friday, {{#time:d F|{{SUBPAGENAME}} +4 days}} ===
 
* Created a global table to store complete csp policy for website defined CSP and user specified CSP.
=== Next Week ===
 
== Product Status Updates (voice updates) ==
 
=== Firefox Desktop ===
''Speaker Location:''
 
=== Firefox Mobile ===
''Speaker Location:''
 
=== Thunderbird ===
''Speaker Location:''
 
=== Older Branch Work ===
''Speaker Location:''
 
=== Webmaker ===
''Speaker Location:''
 
=== Identity ===
''Speaker Location:''
 
=== Services ===
''Speaker Location:''
 
== Speakers ==
 
The limit is 3 minutes per speaker.  It's like a lightning talk, but don't feel that you have to have slides in order to make a presentation.
 
{| class="fullwidth-table"
|-
!  Title
!  Presenter
!  Topic
!  Media
!  More Details
|-
| Your Title Here
| Your Name Here
| What are you going to talk about?
| Links to slides or images you want displayed on screen
| Link to where audience can find out more information
|-
|}
 
== Introducing New Hires ==
{| class="fullwidth-table"
|-
!  New Hire
!  Introduced by
!  Speaker location
!  Will be working on
|-
| ''Who is the new hire?''
| ''Who will be introducing that person?''
| ''From which office will that introduction be transmitted?''
| ''What will the new person be working on?''
|-
<!-- Insert new rows here -->
|-
|}
 
== Introducing New Interns ==
{| class="fullwidth-table"
|-
!  New Intern
!  Introduced by
!  Speaker location
!  Will be working on
|-
| ''Who is the new intern?''
| ''Who will be introducing that person?''
| ''From which office will that introduction be transmitted?''
| ''What will the new person be working on?''
|-
<!-- Insert new rows here -->
|-
|}
 
== Roundtable ==
 
= &lt;meta&gt; =
 
Notes and non-voice status updates that aren't part of the live meeting go here.
 
== Status Updates By Team (*non-voice* updates) ==
 
=== Firefox ===
 
=== Platform ===
 
=== Services ===
 
=== Messaging ===
 
=== Mobile ===
 
=== IT ===
 
=== Release Engineering ===
 
=== QA ===
 
==== Test Execution ====
 
==== WebQA ====
 
==== QA Community ====
 
=== Automation & Tools ===
 
=== Security ===
 
=== Engagement ===
 
==== PR ====
 
==== Events ====
 
==== Creative Team ====
 
==== Community Marketing ====
 
=== Support ===
 
=== Metrics ===
 
=== Evangelism ===
 
=== Labs ===
 
=== Apps ===
 
=== Developer Tools ===
 
=== Add-ons ===
 
=== Webdev ===
 
=== L10n ===
 
=== People Team ===
 
=== WebFWD ===
 
== Foundation Updates ==

Latest revision as of 05:37, 26 June 2012

« previous week | index | next week »



This Week

Monday, 18 June

  • Tested "X-Content-Security-Policy" header injection
    • Use google.co.in for testing and block images from google by setting img-src directive in CSP rules. I observed that userCSP add-on successfully injected "X-Content-Security-Policy" header in Google response web page and images from google were blocked.
    • I also created two websites in virtual machine for testing purpose namely "a.com" and "b.com". A webpage from "a.com" loads scripts and images from both "a.com" as well as "b.com". Using userCSP add-on, I set img-src and script-src to "a.com" for webpages from "a.com". Thus userCSP add-on sucessfully block resources from "b.com" to be loaded.

Tuesday, 19 June

  • Google search on mozilla idl's to implement combine strict and combine loose functionality when two csp policies are available.

Wednesday, 20 June

Thursday, 21 June

Friday, 22 June

  • Created a global table to store complete csp policy for website defined CSP and user specified CSP.
Retrieved from "https://wiki.allizom.org/index.php?title=SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-06-18&oldid=445511"