[webkit-reviews] review granted: [Bug 231751] CSP: Implement src-elem and src-attr directives : [Attachment 441240] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Oct 14 11:45:55 PDT 2021
Brent Fulgham <bfulgham at webkit.org> has granted Kate Cheney
<katherine_cheney at apple.com>'s request for review:
Bug 231751: CSP: Implement src-elem and src-attr directives
https://bugs.webkit.org/show_bug.cgi?id=231751
Attachment 441240: Patch
https://bugs.webkit.org/attachment.cgi?id=441240&action=review
--- Comment #3 from Brent Fulgham <bfulgham at webkit.org> ---
Comment on attachment 441240
--> https://bugs.webkit.org/attachment.cgi?id=441240
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=441240&action=review
r=me
> LayoutTests/TestExpectations:-911
> -imported/w3c/web-platform-tests/content-security-policy/style-src-attr-elem/
[ Skip ]
Nice!
>
LayoutTests/http/tests/security/contentSecurityPolicy/report-uri-scheme-relativ
e-expected.txt:9
>
+{"csp-report":{"document-uri":"http://127.0.0.1:8000/security/contentSecurityP
olicy/report-uri-scheme-relative.py","referrer":"","violated-directive":"script
-src-elem","effective-directive":"script-src","original-policy":"script-src
'self'; report-uri
//127.0.0.1:8080/security/contentSecurityPolicy/resources/save-report.py","bloc
ked-uri":"inline","status-code":200}}
I wonder if we could consider removing any of these WebKit-specific tests now
that we pass the official WPT tests?
>
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/script-src-
attr-elem/script-src-attr-allowed-src-blocked-expected.txt:3
> +PASS Should not fire a security policy violation event
So good to see these timeouts go away. This will help speed up our WPT runs,
too.
More information about the webkit-reviews
mailing list