Skip to content
  1. Mar 08, 2017
    • Arthur Edelstein's avatar
      fixup! Bug 13900: Remove 3rd party HTTP auth tokens. · 340377b8
      Arthur Edelstein authored and Georg Koppen's avatar Georg Koppen committed
      The HostPartIsTheSame() is too strict about deciding what is first party.
      Instead we use IsThirdPartyURI() to check if the request is from
      the first party. Specifically, it considers an XHR to api.twitter.com
      from a twitter.com top-level page to be first-party.
      
      This fixes bug 21555 and 16450.
      340377b8
  2. Mar 03, 2017