Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(115)

Issue 1730123002: CSP3: Disable host-based whitelists in the presence of 'unsafe-dynamic'. (Closed)

Created:
4 years, 10 months ago by Mike West
Modified:
4 years, 10 months ago
CC:
blink-reviews, chromium-reviews, mkwst+watchlist-csp_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

CSP3: Disable host-based whitelists in the presence of 'unsafe-dynamic'. This patch makes `http://host1 nonce-abc 'unsafe-dynamic'` have the same behavior as `nonce-abc 'unsafe-dynamic'`. Still locked behind the experimental web platform features flag. BUG=589380 R=jochen@chromium.org Committed: https://crrev.com/bae07c0c3affe8b06d0c29944c54452776add1aa Cr-Commit-Position: refs/heads/master@{#377262}

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+58 lines, -2 lines) Patch
A third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-unsafe-dynamic-whitelist.html View 1 chunk +48 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp View 3 chunks +10 lines, -2 lines 0 comments Download

Messages

Total messages: 7 (2 generated)
Mike West
WDYT, Jochen?
4 years, 10 months ago (2016-02-24 08:15:26 UTC) #1
jochen (gone - plz use gerrit)
lgtm
4 years, 10 months ago (2016-02-24 08:29:07 UTC) #2
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1730123002/1 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1730123002/1
4 years, 10 months ago (2016-02-24 09:33:27 UTC) #4
commit-bot: I haz the power
Committed patchset #1 (id:1)
4 years, 10 months ago (2016-02-24 10:40:59 UTC) #5
commit-bot: I haz the power
4 years, 10 months ago (2016-02-24 10:42:40 UTC) #7
Message was sent while issue was closed.
Patchset 1 (id:??) landed as
https://crrev.com/bae07c0c3affe8b06d0c29944c54452776add1aa
Cr-Commit-Position: refs/heads/master@{#377262}

Powered by Google App Engine
This is Rietveld 408576698