Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1689)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/resources/options/options.html

Issue 7038046: Insert meta tag turning on content-security-protection for chrome://settings, history, downloads ... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/resources/history.js ('k') | chrome/test/data/webui/test_api.js » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/resources/options/options.html
===================================================================
--- chrome/browser/resources/options/options.html (revision 86705)
+++ chrome/browser/resources/options/options.html (working copy)
@@ -2,6 +2,11 @@
<html id="t" i18n-values="dir:textdirection">
<head>
<meta charset="utf-8">
+<!-- X-WebKit-CSP is our development name for Content-Security-Policy.
+ TODO(tsepez) rename when Content-security-policy is done.
+ TODO(tsepez) remove unsafe-eval when bidichecker_packaged.js fixed.
+-->
+<meta http-equiv="X-WebKit-CSP" content="object-src 'none'; script-src chrome://resources 'self' 'unsafe-eval'">
<!-- Set the title to that of the default page so that the title doesn't flash
on load (for the most common case). -->
<title i18n-content="browserPageTabTitle"></title>
« no previous file with comments | « chrome/browser/resources/history.js ('k') | chrome/test/data/webui/test_api.js » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698