SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-06-11

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

This Week

Monday, 11 June

  • Register Content Policy to hook into shouldLoad and shouldProcess methods.

Tuesday, 12 June

  • Successfully register Content Policy in XUL extension of Firefox. However, I was not able to register it in Jetpack.
  • Did a google search to find a way to inject "X-Content-Security-Policy" header when "shouldProcess" event for Content Policy fires. However, I didn't find any way to achieve this.

Wednesday, 13 June

  • Get The document URI when an HTTP response is received to retrieve user specified CSP policy.
  • I noticed that this way is not correct, because document URI is not ready when first response is received for a page load.

Thursday, 14 June

  • Register for "http-on-examine-response" observer notification.

Friday, 15 June

  • Retrieved user specified CSP values from sqlite database for the host name in an HTTP response header.
  • Injected "X-Content-Security-Policy" header into an HTTP response using "setResponseHeader" method of nsIHttpChannel interface.