DescriptionContent-Security-Policy: Add tests when source scheme is empty.
The current behavior is that when a CSP source expression doesn't have a
scheme, the url scheme must be equal to the 'self' scheme. Alternatively
when the 'self' scheme is 'http', every scheme in the HTTP familly are
allowed.
This CL adds tests for documenting this behavior.
BUG=None.
Review-Url: https://codereview.chromium.org/2694233002
Cr-Commit-Position: refs/heads/master@{#450680}
Committed: https://chromium.googlesource.com/chromium/src/+/6e9b7247c80de98888c1d90ed61457538f51931a
Patch Set 1 #
Total comments: 6
Patch Set 2 : Add TODO and BUG id. #Messages
Total messages: 10 (5 generated)
|