Closed
Bug 1345238
Opened 7 years ago
Closed 7 years ago
CSP: Please avoid using deprecated X-* headers.
Categories
(bugzilla.mozilla.org :: General, enhancement)
Tracking
()
VERIFIED
FIXED
People
(Reporter: dylan, Assigned: seban)
Details
Attachments
(1 file)
"Note: It is known that having both Content-Security-Policy and X-Content-Security-Policy or X-Webkit-CSP causes unexpected behaviours on certain versions of browsers. Please avoid using deprecated X-* headers." https://content-security-policy.com/ We send all three. Should we fix this?
Flags: needinfo?(april)
Comment 1•7 years ago
|
||
There's no reason to use anything but just Content-Security-Policy at this point.
Flags: needinfo?(april)
Reporter | ||
Updated•7 years ago
|
Severity: normal → enhancement
Status: UNCONFIRMED → NEW
Ever confirmed: true
Reporter | ||
Updated•7 years ago
|
Assignee: nobody → sebastinssanty
Reporter | ||
Comment 2•7 years ago
|
||
Attachment #8845642 -
Flags: review+
Reporter | ||
Comment 3•7 years ago
|
||
To git@github.com:mozilla-bteam/bmo.git a312a33e3..f25ef8dde master -> master
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Comment 5•7 years ago
|
||
(In reply to April King [:April] from comment #1) > There's no reason to use anything but just Content-Security-Policy at this > point. I've filed: https://github.com/mozilla/http-observatory/issues/223
You need to log in
before you can comment on or make changes to this bug.
Description
•