- 21dfe61 Report the initiating url instead of the redirected one by commit-queue@webkit.org · 3 years, 3 months ago
- b5af993 Form action with a redirect should report correct blocked URI by katherine_cheney@apple.com · 3 years, 4 months ago
- f72c00e Javascript URLs do not run in the right context when using frame targeting by cdumez@apple.com · 3 years, 4 months ago
- dff1daf [WebInspector][CORS] Show HTTP status code in CORS messages. by commit-queue@webkit.org · 3 years, 4 months ago
- a6865e2 Disable NETSCAPE_PLUGIN_API at build time on macOS and Windows by achristensen@apple.com · 3 years, 4 months ago
- a17bf75 Regression (r284610): [ iOS BigSur wk2 ] http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html is failing by cdumez@apple.com · 3 years, 4 months ago
- 160e2e3 document.open() and friends use incorrect document as a source for reseted document's URL by shvaikalesh@gmail.com · 3 years, 4 months ago
- acd9533 Regression (r284610): [ iOS BigSur wk2 ] http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html is failing by cdumez@apple.com · 3 years, 4 months ago
- 250d7dd [GLIB][GStreamer] test http/tests/security/webaudio-render-remote-audio-allowed-crossorigin-redirect.html is a flaky timeout since r278004 by eocanha@igalia.com · 3 years, 4 months ago
- 893a144 CSP: Implement src-elem and src-attr directives by katherine_cheney@apple.com · 3 years, 4 months ago
- ea59827 CSP: Implement unsafe-hashes by katherine_cheney@apple.com · 3 years, 4 months ago
- f2b6a6c Disable new incumbent-window until it is fully implemented by ysuzuki@apple.com · 3 years, 5 months ago
- 8211eb3 Send CSP violation reports to the DOM window by katherine_cheney@apple.com · 3 years, 5 months ago
- 8c6a48f Remove XSS Auditor: Part 2 (Remove engine support) by bfulgham@apple.com · 3 years, 5 months ago
- 689c3db Allow layout tests to open popups by default by cdumez@apple.com · 3 years, 5 months ago
- d7daed1 Unreviewed, reverting r282025. https://bugs.webkit.org/show_bug.cgi?id=229970 by commit-queue@webkit.org · 3 years, 5 months ago
- b744c3e [Web App Manifest] Always fetch the first manifest if provided by drousso@apple.com · 3 years, 6 months ago
- 0f3f68f Allow layout tests to open popups by default by cdumez@apple.com · 3 years, 6 months ago
- 5317be0 Drop calls to testRunner.setCloseRemainingWindowsWhenComplete() from layout tests by cdumez@apple.com · 3 years, 6 months ago
- eacc138 Regression(r272607) Removal of alert()/confirm() in third-party iframes breaks Salesforce by cdumez@apple.com · 3 years, 6 months ago
- 7a9d522 Add onsecuritypolicyviolation on GlobalEventHandlers by commit-queue@webkit.org · 3 years, 6 months ago
- 3ebfbd5 Report correct blocked URI in CSP violation report by katherine_cheney@apple.com · 3 years, 6 months ago
- 20a0a03 Overly verbose catchable fetch error messages lead to cross-origin leaks by youenn@apple.com · 3 years, 6 months ago
- d8c8ec1 Partially revert r280256 behavior change since it broke Facetime by ysuzuki@apple.com · 3 years, 6 months ago
- 821ca42 Document's fallback base URL should be deduced from its creator when URL is about:blank by cdumez@apple.com · 3 years, 7 months ago
- 1f68c95 [JSC] Call custom accessors / values with their holder's global object by shvaikalesh@gmail.com · 3 years, 7 months ago
- 666259f Change referrer-policy default to strict-origin-when-cross-origin by gsnedders@apple.com · 3 years, 7 months ago
- f063a46 LayoutTests: Use os.path.dirname() instead of split('/') for Windows Python by Hironori.Fujii@sony.com · 3 years, 8 months ago
- 94cd687 Unreviewed, reland r276592 with a fix for put() override in prototype chain of a JSProxy by shvaikalesh@gmail.com · 3 years, 9 months ago
- a926ef3 Window should behave like a legacy platform object without indexed setter by shvaikalesh@gmail.com · 3 years, 9 months ago
- b889ce3 CSP does not apply to AudioWorklets by cdumez@apple.com · 3 years, 9 months ago
- 1918603 SecurityPolicyViolationEvent.constructor do not throw any exception as expected when eventInitDict param do not include all the members required by cdumez@apple.com · 3 years, 9 months ago
- f9f5fff [LayoutTests] Remove straggling PHP references by cgambrell@apple.com · 3 years, 9 months ago
- 471f064 [ wk2 ] http/tests/security/contentSecurityPolicy/report-only-connect-src-xmlhttprequest-redirect-to-blocked.py is a constant text failure by katherine_cheney@apple.com · 3 years, 9 months ago
- a929b19 [LayoutTests] Delete unused LayoutTests/http resources by jbedard@apple.com · 3 years, 9 months ago
- 4683ba2 [WebIDL] Remove [ImplicitThis] and [CustomProxyToJSObject] extended attributes by shvaikalesh@gmail.com · 3 years, 9 months ago
- b4c709b Temporarily revert r276592 as it breaks some native apps by keith_miller@apple.com · 3 years, 9 months ago
- 5c3863a [LayoutTests] Convert http/tests/resources convert PHP to Python by cgambrell@apple.com · 3 years, 10 months ago
- 6f2d1a5 [JSC] OrdinarySet should invoke custom [[Set]] methods by shvaikalesh@gmail.com · 3 years, 10 months ago
- cf9ca13 http/tests/security/referrer-policy-header.html is slow by cdumez@apple.com · 3 years, 10 months ago
- 678a042 Perform port blocking earlier in the load by bfulgham@apple.com · 3 years, 10 months ago
- f3242b7 REGRESSION(Safari 14): iframe with blob url does not work with sandboxing by youenn@apple.com · 3 years, 10 months ago
- 20d3ae1 [LayoutTests] Convert http/tests/security convert PHP to Python by cgambrell@apple.com · 3 years, 10 months ago
- 7a748df http/.../contentSecurityPolicy/report-document-uri-after-blocked-redirect.html is a flaky failure by katherine_cheney@apple.com · 3 years, 10 months ago
- 3d1488f Unreviewed, reverting r275849. https://bugs.webkit.org/show_bug.cgi?id=224476 by commit-queue@webkit.org · 3 years, 10 months ago
- 6e70f2d [LayoutTests] Convert http/tests/security convert PHP to Python by cgambrell@apple.com · 3 years, 10 months ago
- 0874da6 [LayoutTests] Convert http/tests/navigation convert PHP to Python by cgambrell@apple.com · 3 years, 11 months ago
- 47a6613 Disable WebSQL in WebKitTestRunner by rniwa@webkit.org · 3 years, 11 months ago
- bb67eed [LayoutTests] Convert http/tests/referrer-policy convert PHP to Python by cgambrell@apple.com · 3 years, 11 months ago
- 8d7d05e [LayoutTests] Convert http/tests/contentextensions convert PHP to Python by cgambrell@apple.com · 3 years, 11 months ago
- 163f484 Apply permission policy to geolocation by youenn@apple.com · 3 years, 11 months ago
- 5c2cb93 REGRESSION(r274244): [GTK][WPE] Two http/tests/security/contentSecurityPolicy tests crash by clopez@igalia.com · 3 years, 11 months ago
- e7c1c607 Remove unused JS and CSS files of media controls by drousso@apple.com · 4 years ago
- bf2bfa7 [ macOS Wk2 ] http/tests/security/contentSecurityPolicy/report-only-connect-src-xmlhttprequest-redirect-to-blocked.php is constantly text failing by cgambrell@apple.com · 4 years ago
- 33d6207 Geolocation API does not work in WKWebView with custom URL scheme handler by youenn@apple.com · 4 years ago
- 34ef895 Make fast/images/missing-content-image-crash.html results consistent with internal build by commit-queue@webkit.org · 4 years ago
- 33a814f [ macOS Wk2 ] http/tests/security/contentSecurityPolicy/report-only-connect-src-xmlhttprequest-redirect-to-blocked.php is constantly text failing by cgambrell@apple.com · 4 years ago
- 2d36e60 [LayoutTests] Convert http/tests/security convert PHP to Python by cgambrell@apple.com · 4 years ago
- 29a8b1c REGRESSION: [iOS] http/tests/security/strip-referrer-to-origin-for-third-party-redirects-in-private-mode.html is failing by cgambrell@apple.com · 4 years ago
- f1a8b00 Report the correct document uri in the case of a ContentSecurityPolicyClient by katherine_cheney@apple.com · 4 years ago
- 8c1c24c JS Modules in Workers https://bugs.webkit.org/show_bug.cgi?id=164860 by ysuzuki@apple.com · 4 years ago
- a93db0d [LayoutTests] Convert http/tests/resources/redirect.php to Python by commit-queue@webkit.org · 4 years ago
- 02562e3 Disallow alert/confirm/prompt in cross-origin-domain subframes by cdumez@apple.com · 4 years ago
- ec4ceec Non-special URLs should have an opaque origin by commit-queue@webkit.org · 4 years ago
- 823a9f0 REGRESSION (Big Sur): Some tests in http/tests/security/http-0.9 flakily fail by commit-queue@webkit.org · 4 years, 1 month ago
- 119d728 Add logs to HTTP/0.9 test https://bugs.webkit.org/show_bug.cgi?id=220776 by achristensen@apple.com · 4 years, 1 month ago
- 60ce1a8 REGRESSION (Big Sur): Some tests in http/tests/security/http-0.9 flakily fail by commit-queue@webkit.org · 4 years, 1 month ago
- 0472d39 Remove non-inclusive language from layout tests by bdakin@apple.com · 4 years, 2 months ago
- 6c29852 Reflect.preventExtensions should not throw if called on WindowProxy or Location by shvaikalesh@gmail.com · 4 years, 2 months ago
- 3e50433 iframe with `sandbox=allow-top-navigation-by-user-activation` can navigate top frame when the user interacts with an iframe from another origin by cdumez@apple.com · 4 years, 3 months ago
- 66a9be7 Block suspicious top level navigations by iframes even if sandbox=allow-top-navigation is specified by cdumez@apple.com · 4 years, 3 months ago
- 25e1f4c CSSStyleSheet.cssRules and rules should throw in case of opaque stylesheets by youenn@apple.com · 4 years, 3 months ago
- d87c035 Unexpose obsolete HTMLAppletElement interface by cdumez@apple.com · 4 years, 3 months ago
- bf4f5e2 [LFC][Integration] Enable inline image support by zalan@apple.com · 4 years, 3 months ago
- 308ea8d Remove remaining alternative preference setting mechanisms from LayoutTests by weinig@apple.com · 4 years, 4 months ago
- 2886860 Remove all remaining testRunner.overridePreference calls by weinig@apple.com · 4 years, 4 months ago
- e6adf60 [Testing] Rename test header commands to match names in WebPreferences*.yaml by weinig@apple.com · 4 years, 4 months ago
- cf48fb5 WebKit doesn't parse "#" as delimiter for fragment identifier in data URIs by achristensen@apple.com · 4 years, 5 months ago
- 53cb283 Remove IndexedDBWorkers runtime setting now since it is always true by weinig@apple.com · 4 years, 5 months ago
- 7e0d0b9 Remove trailing spaces from expected.txt files (excluding WPT for now since that contains too many) by darin@apple.com · 4 years, 5 months ago
- 3455a31 web audio api outputs silence for 302 redirected resource in safari by cdumez@apple.com · 4 years, 5 months ago
- afda27d Unreviewed, reverting r267507. https://bugs.webkit.org/show_bug.cgi?id=216923 by commit-queue@webkit.org · 4 years, 5 months ago
- b74a395 web audio api outputs silence for 302 redirected resource in safari by cdumez@apple.com · 4 years, 5 months ago
- 30567fc Turn off the legacy prefixed WebAudio API by cdumez@apple.com · 4 years, 5 months ago
- 9e7fc04 Selection API: Update some more tests so they don't accidentally rely on flaws in WebKit's old implementation by darin@apple.com · 4 years, 5 months ago
- 86030f5 REGRESSION(r254031): Captions fail to load on jw.org by jer.noble@apple.com · 4 years, 5 months ago
- 60dc361 AnalyserNode.getFloatFrequencyData() should fill array with -Infinity when input is silent by cdumez@apple.com · 4 years, 5 months ago
- 1863672 Update URL fragment percent encode set by commit-queue@webkit.org · 4 years, 6 months ago
- d0e4c24 Console object's @@toStringTag should be "console" instead of "Console" by ysuzuki@apple.com · 4 years, 6 months ago
- e5f46ed Remove several unnecessary timeouts in layout tests by wenson_hsieh@apple.com · 4 years, 6 months ago
- 7983bd8 Use more inclusive terminology in Tools by commit-queue@webkit.org · 4 years, 7 months ago
- 2a55383 Allow IndexedDB in third-party frames by commit-queue@webkit.org · 4 years, 7 months ago
- bf71828 Add referrerpolicy attribute support for <link> by commit-queue@webkit.org · 4 years, 8 months ago
- 2187dd5 Improve CSP compliance under PSON by bfulgham@apple.com · 4 years, 8 months ago
- 4ffd3cf Incorrect location.origin in blob workers by youenn@apple.com · 4 years, 9 months ago
- 4589717 Disable support for BeforeLoadEvent by cdumez@apple.com · 4 years, 9 months ago
- 514219a XML external entity resources should only be loaded from XML MIME types by ddkilzer@apple.com · 4 years, 9 months ago
- 51f29bd Allow credentials for same-origin css mask images by commit-queue@webkit.org · 4 years, 10 months ago
- 7f09949 module's default cross-origin value should be "anonymous" by ysuzuki@apple.com · 4 years, 10 months ago
- eb6052d Unreviewed, reverting r260003. https://bugs.webkit.org/show_bug.cgi?id=210441 by commit-queue@webkit.org · 4 years, 10 months ago