[desktop] Bugs logged by Desktop Release QA in the last 7 days
Hello, Here's the list of new issues found and filed by the Desktop Release QA team last two weeks. Additional details on the team's priorities last week, as well as the plans for the current week are available at: https://tinyurl.com/yb6h28ba Bugs logged by Desktop Release QA in the last 7 days: Firefox: Tours NEW - https://bugzil.la/1518419 - Content blocking causes list elements form [Go back/forward one page] context menu to flicker on hover Firefox: Toolbars and Customization NEW - https://bugzil.la/1518500 - The 'Flexible Space' item disappears from the customization pallette after adding it to the right side of the bookmark toolbar Firefox: Bookmarks & History NEW - https://bugzil.la/1518518 - Bookmark position mark misplaced when moving bookmarks in bookmark toolbar Firefox: Bookmarks & History NEW - https://bugzil.la/1518529 - Bookmarks saved for non-secure sites (http) don't show for secure (https) sites Firefox: Security NEW - https://bugzil.la/1519095 - Wrong pop-up message is displayed when running while(true) {window.open(...);} Firefox: Tracking Protection VERIFIED FIXED - https://bugzil.la/1519137 - [Content Blocking] Cookies' labels are no longer displayed in the Control center after a restart/opening and closing the browser Core: Layout: Scrolling and Overflow NEW - https://bugzil.la/1518781 - [twitch] The edit button for comments is hard to click because it's covered by the scrollbar, if your OS uses overlay scrollbars (and your browser lacks ::-webkit-scrollbar support) Core: Security: PSM NEW - https://bugzil.la/1518786 - Add Security Exception window sizing issues Core: Document Navigation NEW - https://bugzil.la/1518788 - The Back button is active in a newly opened tab if the tab is opened by default Core: Audio/Video: Playback NEW - https://bugzil.la/1519317 - Shaka Player demo shows MEDIA.VIDEO_ERROR on loop enabled Core: DOM: Animation NEW - https://bugzil.la/1518816 - Flicker when transitioning on Tumblr landing page Toolkit: Performance Monitoring NEW - https://bugzil.la/1518790 - [Win] Worker and tracker icons are not displayed in about performance while in High Contrast themes Toolkit: Performance Monitoring NEW - https://bugzil.la/1519108 - Closed tabs will not disappear immediately from about:performance list DevTools: about:debugging NEW - https://bugzil.la/1518095 - Swapping between about:newtab and about:debugging kills devTools DevTools: CSS Rules Inspector NEW - https://bugzil.la/1518135 - DevTools rules scrolls on settings toggle DevTools: Inspector NEW - https://bugzil.la/1518147 - [Track changes] - The changes are not properly picked up for html:not(.style-scope) inline selectors DevTools: Inspector NEW - https://bugzil.la/1518187 - [Tack changes] - disabling and editing a property is tracked for each action instead of last one only DevTools: General NEW - https://bugzil.la/1518485 - Sub-Section headers for 3pane inspector and Network sections are not marked as active when tab-focused DevTools: CSS Rules Inspector NEW - https://bugzil.la/1518831 - Some declarations are removed if their property names are invalid DevTools: General NEW - https://bugzil.la/1519087 - [Ubuntu] - DevTools Settings cannot be cancelled if searchbox is active DevTools: Inspector NEW - https://bugzil.la/1519132 - [Track changes] - Declaration values containing quotes are not properly picked up by the changes tab DevTools: Inspector NEW - https://bugzil.la/1519383 - [Track changes] Changing values for multiple properties in different iframes not reflected in changes tab for all Tech Evangelism: Desktop NEW - https://bugzil.la/1518825 - Scroll bar obstructs the Bing map when the traffic view is selected This is available as a Bugzilla bug list as well: https://tinyurl.com/ybctglnh Regards, Mihai Boldan QC Engineer Softvision The content of this communication is classified as Softvision Confidential and Proprietary Information. ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: Intent to implement: report-to header as part of Reporting API
> > > Sorry for my laziness not having scanned through the links below to find > the answer to this question, but how does this interact with the > same-origin policy, if at all? And if it does, is enabling it in sandbox > iframes without the allow-same-origin token the right thing to do? > It's possible to have cross-origin endpoints. And yes, we should not send report in such sandboxed iframes. I'll file a spec issue if there is not one yet. I assume it is possible for foo.example to use this API to send a report to > thirdparty.example (let's imagine thirdparty.example isn't on the > Disconnect tracking proptection list.) What data is leaked to > thirdparty.example as part of those reports? Do we send > credentials/referrer? > A report contains the origin and the credentials, plus the body of course. This doesn't seem different than a . In general, I agree with your concern, and I would like more people to take a close look at how Reporting API can be abused. As I said, ReportingObserver seems fine. Report-to needs a better integration with url-classifier and content blocking before being shipped. ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform