[webkit-reviews] review granted: [Bug 89577] Implement the script-nonce Content Security Policy directive. : [Attachment 150869] Tiny fixes.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jul 4 21:07:25 PDT 2012
Adam Barth <abarth at webkit.org> has granted Mike West <mkwst at chromium.org>'s
request for review:
Bug 89577: Implement the script-nonce Content Security Policy directive.
https://bugs.webkit.org/show_bug.cgi?id=89577
Attachment 150869: Tiny fixes.
https://bugs.webkit.org/attachment.cgi?id=150869&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=150869&action=review
This came out very well.
> Source/WebCore/page/ContentSecurityPolicy.cpp:726
> + if (m_scriptNonce.isEmpty() || (!nonce.isEmpty() &&
nonce.stripWhiteSpace() == m_scriptNonce))
> + return true;
Is the nonce.isEmpty() check needed here? Given that m_scriptNonce is not
empty, nonce wouldn't be empty if it matches m_scriptNonce
More information about the webkit-reviews
mailing list