Google Git
Sign in
webkit / WebKit / ac7a9e92dbef742201093c276b090273f3256d07
commitac7a9e92dbef742201093c276b090273f3256d07[log] [tgz]
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Mon Feb 15 18:54:30 2016 +0000
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Mon Feb 15 18:54:30 2016 +0000
treec5509d870246b2c1ea1e2dd48253c85c392a7a49
parent65fe076178f1a9a73ef9f19321629a5c6146507c [diff]
CSP: 'sandbox' should be ignored in report-only mode
https://bugs.webkit.org/show_bug.cgi?id=153167
<rdar://problem/22708669>

Reviewed by Brent Fulgham.

Source/WebCore:

Merged from Blink (patch by Mike West):
<https://src.chromium.org/viewvc/blink?revision=165322&view=revision>

* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode): Added. Logs a
console message to the console to explain that the specified directive is invalid in
report-only mode.
* page/csp/ContentSecurityPolicy.h:
* page/csp/ContentSecurityPolicyDirectiveList.cpp:
(WebCore::ContentSecurityPolicyDirectiveList::applySandboxPolicy): Do not apply sandbox
policy when in report-only mode and call ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode()
to log a message to the console.

LayoutTests:

Remove the entry from the TestExpectations file for the test
http/tests/security/contentSecurityPolicy/sandbox-report-only.html as it now passes.

* TestExpectations:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@196582 268f45cc-cd09-0410-ab3c-d52691b4dbfc
6 files changed
tree: c5509d870246b2c1ea1e2dd48253c85c392a7a49
  1. Examples/
  2. LayoutTests/
  3. ManualTests/
  4. PerformanceTests/
  5. Source/
  6. Tools/
  7. WebKit.xcworkspace/
  8. WebKitLibraries/
  9. Websites/
  10. .dir-locals.el
  11. .gitattributes
  12. .gitignore
  13. ChangeLog
  14. ChangeLog-2012-05-22
  15. CMakeLists.txt
  16. Makefile
  17. Makefile.shared