DescriptionExplicitly whitelist 'blob:' and 'filesystem:' in extensions' default CSP.
'blob:' and 'filesystem:' should not match 'self' in CSP source
expressions, but they currently do. In order to avoid breakage, this
patch whitelists them explicitly (which is a no-op at the moment) so that
we can change Blink's behavior without breaking extensions.
Perhaps we can re-evaluate this in v3. :)
BUG=473904
Committed: https://crrev.com/04a6c801d52357e7ad14ecaf8c528a97a3451fd5
Cr-Commit-Position: refs/heads/master@{#334599}
Patch Set 1 #
Total comments: 3
Patch Set 2 : Nit. #Patch Set 3 : Test. #
Messages
Total messages: 12 (4 generated)
|