On 02/07/2014 02:33 PM, Gavin Sharp wrote: > Safe Browsing has typically been considered its own toolkit > sub-module, and isn't a "content security policy" the same way CSP/MCB > are. I don't really have any objection to grouping it with the others > in a new module, though.
True. gcp liked the idea and offered to be an owner, and it seemed to align with who's doing most of the work on it these days. I am open to taking it out and leaving it as a submodule in toolkit if there are any serious objections. > The "DOM" in your proposed Bugzilla component name seems misleading - > this stuff doesn't seem particularly DOM-related. Most of this stuff lives under content/, but it's my understanding that content/ will be merged into dom/ eventually and that it's the way of the future. Hence the suggested location and component. If there's another, better criteria for naming the component, I am happy to change it. > Are there other upcoming/proposed code areas/features that you would > see as also fitting under this module? There has been talk of rewriting nsIContentPolicy into a new Content Policy API, in order to fix numerous problems with performance, the difficulty in handling redirects, and interactions with add-ons. This was first proposed by Jonas Sicking [0], and was resurrected at the DOM workweek last week. That would certainly fit under this module. [0] https://groups.google.com/forum/#!msg/mozilla.dev.platform/veLFoy09ydg/2XcWUXSiVbEJ > Gavin > > On Fri, Feb 7, 2014 at 11:10 AM, Garrett Robinson <[email protected]> > wrote: >> There are several "content security policies" that live in DOM >> or toolkit, but the owners/peers of those modules are not the people who >> do the majority of the work writing or editing code for these >> components. I propose we create a new "Content Security" module to house >> these related features. The features in question are: >> >> * Content Security Policy (CSP) >> * Mixed Content Blocker >> * Safe Browsing >> >> Name: "Content Security" >> Description: Security-related content policies >> Location: dom/security >> Owners: Sid Stamm, Gian-Carlo Pascutto >> Peers: Garrett Robinson, Tanvi Vayas, Dan Veditz >> Bugzilla Component: Core::DOM: Security (needs to be created) >> >> Source dirs/files: >> >> * toolkit/components/url-classifier >> * content/base/+ >> ** test/csp >> ** src/CSPUtils.jsm >> ** src/contentSecurityPolicy.js >> ** src/CSPService.cpp/h >> ** public/nsIContentSecurityPolicy.idl >> ** src/nsMixedContentBlocker.cpp/h >> ** test/{test,file}_mixed_content_* >> _______________________________________________ >> governance mailing list >> [email protected] >> https://lists.mozilla.org/listinfo/governance _______________________________________________ governance mailing list [email protected] https://lists.mozilla.org/listinfo/governance
