26 Sep
2011
26 Sep
'11
1:23 a.m.
Le 2011-09-25 11:37, Piotr Przybylski a écrit :
2011/9/25 Marc Delisle <marc(a)infomarc.info>fo>:
Good fix, thanks.
--
Marc Delisle
http://infomarc.info
Le 2011-09-25 06:18, Marc Delisle a écrit :
Looks like it's caused by CSP specs change:
https://bugzilla.mozilla.org/show_bug.cgi?id=631040
Instead of changing our security policy I removed all remaining
"javascript:" links in QA_3_4.
Le 2011-09-24 14:30, Rouslan Placella a écrit :
Piotr,
any idea about this issue?
(see commit 612598fe7fbc6c6cf6305a798e9b48b435ea7a91)
On Sat, 2011-09-24 at 10:54 -0400, Marc Delisle
wrote:
> Hi,
>
> In the 3.4 family (QA_3_4) running on my test server, when testing the
> Designer and clicking on "Show/hide left menu", nothing happens except
> that my Firefox 6 console complains about a Content Security Policy
> violation.
>
> On the same server, trying version 3.5 (master) works fine. Both version
> have in libraries/header_http.inc.php the line that emits a
> X-Content-Security-Policy header.
>
> In 3.4, if I remove this line, all works fine.
Yes, I can reproduce this, exactly as you have described it.
[PHP 5.3.5, Firefox 6.0.2, Ubuntu 11.04]
Rouslan
Thanks. I just noticed that it has been reported in the bug tracker:
https://sourceforge.net/tracker/index.php?func=detail&aid=3324161&g…
A remark in the artifact made me test this bug under IE 8 and there is
no problem; it probably does not care about this header.