Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-11 20:35:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 679772 - Send cookies and HTTP auth with CSP report requests, r=dveditz

Browse Source
This commit is contained in:
Brandon Sterne 2011-08-24 09:53:56 -07:00
parent 872f549d6a
commit 6966c670a3
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
content/base/src/contentSecurityPolicy.js
View File

@ -312,12 +312,6 @@ ContentSecurityPolicy.prototype = {
req.upload.addEventListener("error", failure, false);
req.upload.addEventListener("abort", failure, false);
// make request anonymous
// This prevents sending cookies with the request,
// in case the policy URI is injected, it can't be
// abused for CSRF.
req.channel.loadFlags |= Ci.nsIChannel.LOAD_ANONYMOUS;
req.send(JSON.stringify(report));
CSPdebug("Sent violation report to " + uris[i]);
} catch(e) {