Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(247)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1907663003: Bypass CSP checks for plugin-loaded requests (Closed)

Created:
4 years, 8 months ago by estark
Modified:
4 years, 8 months ago
Reviewers:
CC:
chromium-reviews
Base URL:
https://chromium.googlesource.com/chromium/src.git@2704
Target Ref:
refs/pending/branch-heads/2704
Project:
chromium
Visibility:
Public.

Description

Bypass CSP checks for plugin-loaded requests A recent refactor of how CSP gets applied to requests accidentally started applying object-src directives to subresources that are loaded by plugins. This CL skips CSP checks for RequestContextPlugin. BUG=603952 Review URL: https://codereview.chromium.org/1894593003 Cr-Commit-Position: refs/heads/master@{#388043} (cherry picked from commit 1055ddd2281c6d0ae450477968ceeb63f210a2fa) Committed: https://chromium.googlesource.com/chromium/src/+/5c9b6eb6926bb03da6a95a4e7f30aacdf79889f0

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+14 lines, -1 line) Patch
M third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp View 2 chunks +1 line, -1 line 0 comments Download
M third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp View 1 chunk +13 lines, -0 lines 0 comments Download

Messages

Total messages: 2 (1 generated)
estark
4 years, 8 months ago (2016-04-21 03:44:37 UTC) #2
Message was sent while issue was closed. 
Committed patchset #1 (id:1) manually as
5c9b6eb6926bb03da6a95a4e7f30aacdf79889f0.

Powered by Google App Engine
This is Rietveld 408576698