content/base/test/csp/file_multi_policy_injection_bypass.html@129ffea94266 (annotated)
content/base/test/csp/file_multi_policy_injection_bypass.html
Sat, 03 Jan 2015 20:18:00 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 03 Jan 2015 20:18:00 +0100
- branch
- TOR_BUG_3246
- changeset 7
- 129ffea94266
- permissions
- -rw-r--r--
Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.
| michael@0 | 1 | <html> |
| michael@0 | 2 | <!-- |
| michael@0 | 3 | https://bugzilla.mozilla.org/show_bug.cgi?id=717511 |
| michael@0 | 4 | --> |
| michael@0 | 5 | <body> |
| michael@0 | 6 | <!-- these should be stopped by CSP after fixing bug 717511. :) --> |
| michael@0 | 7 | <img src="http://example.org/tests/content/base/test/file_CSP.sjs?testid=img_bad&type=img/png"> </img> |
| michael@0 | 8 | <script src='http://example.org/tests/content/base/test/file_CSP.sjs?testid=script_bad&type=text/javascript'></script> |
| michael@0 | 9 | |
| michael@0 | 10 | <!-- these should load ok after fixing bug 717511. :) --> |
| michael@0 | 11 | <img src="file_CSP.sjs?testid=img_good&type=img/png" /> |
| michael@0 | 12 | <script src='file_CSP.sjs?testid=script_good&type=text/javascript'></script> |
| michael@0 | 13 | |
| michael@0 | 14 | </body> |
| michael@0 | 15 | </html> |
