W3C home > Mailing lists > Public > public-web-security@w3.org > January 2011

Re: More on XSS mitigation (was Re: XSS mitigation in browsers)

From: Brandon Sterne <bsterne@mozilla.com>
Date: Mon, 24 Jan 2011 13:13:46 -0800
Message-ID: <4D3DEB8A.3020404@mozilla.com>
To: Gervase Markham <gerv@mozilla.org>
CC: Devdatta Akhawe <dev.akhawe@gmail.com>, John Wilander <john.wilander@owasp.org>, Michal Zalewski <lcamtuf@coredump.cx>, gaz Heyes <gazheyes@gmail.com>, Adam Barth <w3c@adambarth.com>, public-web-security@w3.org
On 01/24/2011 10:29 AM, Gervase Markham wrote:
> Did you communicate with the Bugzilla development team while doing this?
> I didn't see anything cross the mailing list... Getting Bugzilla in a
> state where it can have a CSP policy would be a great thing. Why not
> file a bug about it?

The bug exists, but is not moving as quickly as some of us would like:
https://bugzilla.mozilla.org/show_bug.cgi?id=600692

-Brandon
Received on Monday, 24 January 2011 21:15:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 24 January 2011 21:15:54 GMT