SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-06-11

From MozillaWiki

< SummerOfCode‎ | 2012‎ | UserCSP

Jump to: navigation, search

« previous week | index | next week »

Contents

1 This Week
2 Monday, 11 June
3 Tuesday, 12 June
4 Wednesday, 13 June
5 Thursday, 14 June
6 Friday, 15 June

This Week

Monday, 11 June

Register Content Policy to hook into shouldLoad and shouldProcess methods.

Tuesday, 12 June

Successfully register Content Policy in XUL extension of Firefox. However, I was not able to register it in Jetpack.

Did a google search to find a way to inject "X-Content-Security-Policy" header when "shouldProcess" event for Content Policy fires. However, I didn't find any way to achieve this.

Wednesday, 13 June

Get The document URI when an HTTP response is received to retrieve user specified CSP policy.

I noticed that this way is not correct, because document URI is not ready when first response is received for a page load.

Thursday, 14 June

Register for "http-on-examine-response" observer notification.

Friday, 15 June

Retrieved user specified CSP values from sqlite database for the host name in an HTTP response header.
Injected "X-Content-Security-Policy" header into an HTTP response using "setResponseHeader" method of nsIHttpChannel interface.

Retrieved from "https://wiki.mozilla.org/index.php?title=SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-06-11&oldid=442055"