[webkit-changes] [WebKit/WebKit] e0bf40: Block loading remote content in console message st...
Ryan Reno
noreply at github.com
Fri Nov 18 10:10:55 PST 2022
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: e0bf4081c1a0c961d923a9c894bd2c7c3d24a759
https://github.com/WebKit/WebKit/commit/e0bf4081c1a0c961d923a9c894bd2c7c3d24a759
Author: Ryan Reno <rreno at apple.com>
Date: 2022-11-18 (Fri, 18 Nov 2022)
Changed paths:
M Source/WebInspectorUI/UserInterface/Views/ConsoleMessageView.js
Log Message:
-----------
Block loading remote content in console message style formatter.
https://bugs.webkit.org/show_bug.cgi?id=248066
rdar://101434152
Reviewed by Brent Fulgham and Patrick Angle.
This blocks loading remote resources in the %c console formatter by disallowing
CSS values using the `url` or `src` CSS functions.
* Source/WebInspectorUI/UserInterface/Views/ConsoleMessageView.js:
(WI.ConsoleMessageView.prototype._formatWithSubstitutionString.styleFormatter):
(WI.ConsoleMessageView.prototype._formatWithSubstitutionString.isAllowedValue):
Canonical link: https://commits.webkit.org/256840@main
More information about the webkit-changes
mailing list