CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1923273002/1 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1923273002/1
4 years, 7 months ago
(2016-04-28 16:31:06 UTC)
#5
Description was changed from ========== CSP: Allow hashed inline event handlers only with 'unsafe-hashed-attributes' The ...
4 years, 7 months ago
(2016-04-30 17:56:27 UTC)
#8
Message was sent while issue was closed.
Description was changed from
==========
CSP: Allow hashed inline event handlers only with 'unsafe-hashed-attributes'
The original implementation didn't gate this on any particular signal in
the policy. Based on the discussion at
https://github.com/w3c/webappsec-csp/issues/13,
we should be a bit more cautious. So, 'unsafe-hashed-attributes' it is.
BUG=546106
==========
to
==========
CSP: Allow hashed inline event handlers only with 'unsafe-hashed-attributes'
The original implementation didn't gate this on any particular signal in
the policy. Based on the discussion at
https://github.com/w3c/webappsec-csp/issues/13,
we should be a bit more cautious. So, 'unsafe-hashed-attributes' it is.
BUG=546106
Committed: https://crrev.com/fb02ae61a30adf416bdb3f8fabcf1581bcf0b12f
Cr-Commit-Position: refs/heads/master@{#390418}
==========
Issue 1923273002: CSP: Allow hashed inline event handlers only with 'unsafe-hashed-attributes'
(Closed)
Created 4 years, 7 months ago by Mike West
Modified 4 years, 7 months ago
Reviewers: jochen (gone - plz use gerrit)
Base URL: https://chromium.googlesource.com/chromium/src.git@master
Comments: 0