[webkit-reviews] review granted: [Bug 230728] Send CSP violation reports to the DOM window : [Attachment 439294] Patch

[bugzilla-daemon at webkit.org]

Brent Fulgham <bfulgham at webkit.org> has granted  review:
Bug 230728: Send CSP violation reports to the DOM window
https://bugs.webkit.org/show_bug.cgi?id=230728

Attachment 439294: Patch

https://bugs.webkit.org/attachment.cgi?id=439294&action=review




--- Comment #14 from Brent Fulgham <bfulgham at webkit.org> ---
Comment on attachment 439294
  --> https://bugs.webkit.org/attachment.cgi?id=439294
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=439294&action=review

R=me

> LayoutTests/TestExpectations:-938
>
-imported/w3c/web-platform-tests/content-security-policy/reporting/report-origi
nal-url.sub.html [ Skip ]

This makes me so happy!

>
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/repor
t-frame-ancestors-cross-origin-expected.txt:8
>
+{"csp-report":{"document-uri":"http://localhost:8000/security/contentSecurityP
olicy/resources/echo-intertag.pl?header=Content-Security-Policy%3A+frame-ancest
ors+%27none%27%3B+report-uri+save-report.py%3Ftest%3D/security/contentSecurityP
olicy/1.1/report-frame-ancestors-cross-origin.html&q=FAIL","referrer":"http://1
27.0.0.1:8000/","violated-directive":"frame-ancestors","effective-directive":"f
rame-ancestors","original-policy":"frame-ancestors 'none'; report-uri
save-report.py?test=/security/contentSecurityPolicy/1.1/report-frame-ancestors-
cross-origin.html","blocked-uri":"http://localhost:8000/security/contentSecurit
yPolicy/resources/echo-intertag.pl?header=Content-Security-Policy%3A+frame-ance
stors+%27none%27%3B+report-uri+save-report.py%3Ftest%3D/security/contentSecurit
yPolicy/1.1/report-frame-ancestors-cross-origin.html&q=FAIL","status-code":200}
}

Out of curiosity: Does this revised format with only the name now match the
spec? Seems silly that we failed some tests just for that small fix (wish I had
looked at it before)!

So great to see all of these I skipped tests.