mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-27 06:43:32 +00:00
da762ea8c3
Updated Content Security Policy reporting to align with current W3C reporting standards. Reporting now supports the usage of the report-to directive, which utilizes a client's response header field to determine where a report should be sent upon a content security policy violation occurring. Unlike the previous report-uri directive, which parsed endpoint URIs directly from the response header, report-to utilizes endpoint groups to store the URIs that will receive the report. This patch handles the reception of a CSP violation, creation of a report from said violation, and report delivery, while the parsing of the endpoint URIs are handled by D193461. While the deprecated report-uri directive remains supported, it is now only used for reporting if a client does not specify a report- to header. Differential Revision: https://phabricator.services.mozilla.com/D197480 |
||
---|---|---|
.. | ||
gtest | ||
browser_cleanup.js | ||
browser.toml | ||
common_deprecated.js | ||
delivering.sjs | ||
empty.html | ||
iframe_delivering.html | ||
mochitest.toml | ||
test_delivering.html | ||
test_deprecated.html | ||
test_memoryPressure.html | ||
worker_delivering.js | ||
worker_deprecated.js |