Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

تلاش سپورٹ

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

مزید سیکھیں

اس تھریڈ کو آرکائیوکیا گیا تھا۔ اگر آپ کو مدد کی ضرورت ہو تو براہ مہربانی نیا سوال پوچھیں۔

Trouble with Content Security Policy (CSP)

  • 1 جواب دیں
  • 3 میں یہ مسئلہ ہے
  • 14 دیکھیں
  • آخری جواب بذریعہ guigs

staalux
staalux
more options

In the latest Firefox 33 there seem to be an issue with Content Security Policy (CSP) and how it handles url that are url encoded. For instance when some CSP directive is set to like https://mywebsite.com/application/do;jsessiond=1234 - it will get URL encoded so the ; gets replaced by %3B. In Firefox 32 and earlier this worked, but not in this new solution.

In the latest Firefox 33 there seem to be an issue with Content Security Policy (CSP) and how it handles url that are url encoded. For instance when some CSP directive is set to like https://mywebsite.com/application/do;jsessiond=1234 - it will get URL encoded so the ; gets replaced by %3B. In Firefox 32 and earlier this worked, but not in this new solution.

تمام جوابات (1)

guigs
guigs
more options

It may be that it needs a header application/x-www-form-urlencoded is this included in your url request as well as charset UTF-8?

If you select a different encoding via web dev https://developer.mozilla.org/en-US/d.../encodeURI

This sounds like what it did before? http://www.justarrangingbits.org/fire.../index.html