Last modified: 2013-10-03 08:16:22 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T55087, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 53087 - Extension:OpenID is not yet CSP compliant because it still uses of inline CSS
Extension:OpenID is not yet CSP compliant because it still uses of inline CSS
Status: ASSIGNED
Product: MediaWiki extensions
Classification: Unclassified
OpenID (Other open bugs)
unspecified
All All
: Normal normal (vote)
: ---
Assigned To: T. Gries
:
Depends on:
Blocks: 9604
  Show dependency treegraph
 
Reported: 2013-08-20 05:59 UTC by T. Gries
Modified: 2013-10-03 08:16 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description T. Gries 2013-08-20 05:59:38 UTC
see comments by Parent5446 on PatchSet 61 
https://gerrit.wikimedia.org/r/#/c/55287/61/OpenID.hooks.php

"You're gonna want to avoid inline CSS at all costs. Rather than putting an inline style, instead have a CSS file for each provider. That way when MediaWiki eventually becomes CSP-compatible E:OpenID can work with it."

E:OpenID still uses a few lines of inline CSS. This should be fixed,
Comment 1 T. Gries 2013-08-20 06:00:13 UTC
CSP reference: https://en.wikipedia.org/wiki/Content_Security_Policy

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links