Re: Intent to ship: CSP Violation DOM Events

2018-07-19 Thread amarchesini
I'm going to enable CSP Violation Events by default in Firefox 63. Bug 1432523. I and ckerschb have done a good job to make our code compliant with the latest CSP3 spec and we pass (almost) all the related WPT tests. The only remaining bit is related to (bug 1473630) but we decided to work on

Re: Intent to ship: CSP Violation DOM Events

2017-11-17 Thread Daniel Veditz
On Fri, Nov 17, 2017 at 9:25 AM, James Graham wrote: > On 17/11/17 16:06, Daniel Veditz wrote: > >> We fail many of the existing CSP web platform tests, despite having >> implemented most of the features, because they were written to use the >> violation events to check the results.​ >> >> Is tha

Re: Intent to ship: CSP Violation DOM Events

2017-11-17 Thread James Graham
On 17/11/17 16:06, Daniel Veditz wrote: On Fri, Nov 17, 2017 at 2:01 AM, James Graham > wrote: Do we have cross-browser (i.e. web-platform) tests covering this feature? We fail many of the existing CSP web platform tests, despite having implemented most

Re: Intent to ship: CSP Violation DOM Events

2017-11-17 Thread smaug
On 11/17/2017 12:55 AM, Chung-Sheng Fu wrote: Content Security Policy suggests Security Policy Violation DOM Events [1]. In case any of the directives within a policy are violated, such a SecurityPolicyViolationEvent is generated and sent out to a reporting endpoint associated with the policy. We

Re: Intent to ship: CSP Violation DOM Events

2017-11-17 Thread Daniel Veditz
On Fri, Nov 17, 2017 at 2:01 AM, James Graham wrote: > Do we have cross-browser (i.e. web-platform) tests covering this feature? We fail many of the existing CSP web platform tests, despite having implemented most of the features, because they were written to use the violation events to check t

Re: Intent to ship: CSP Violation DOM Events

2017-11-17 Thread Ethan Tseng
On Fri, Nov 17, 2017 at 6:01 PM, James Graham wrote: > On 17/11/17 05:55, Chung-Sheng Fu wrote: > >> Content Security Policy suggests Security Policy Violation DOM Events [1]. >> In case any of the directives within a policy are violated, such a >> SecurityPolicyViolationEvent is generated and se

Re: Intent to ship: CSP Violation DOM Events

2017-11-17 Thread James Graham
On 17/11/17 05:55, Chung-Sheng Fu wrote: Content Security Policy suggests Security Policy Violation DOM Events [1]. In case any of the directives within a policy are violated, such a SecurityPolicyViolationEvent is generated and sent out to a reporting endpoint associated with the policy. We are

Intent to ship: CSP Violation DOM Events

2017-11-16 Thread Chung-Sheng Fu
Content Security Policy suggests Security Policy Violation DOM Events [1]. In case any of the directives within a policy are violated, such a SecurityPolicyViolationEvent is generated and sent out to a reporting endpoint associated with the policy. We are working on implementing those violation eve