[Webkit-unassigned] [Bug 97241] New: csp-report wrapper missing
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Sep 20 11:33:32 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=97241
Summary: csp-report wrapper missing
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh Intel
OS/Version: Mac OS X 10.8
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: baldwin at andyet.net
On Safari Version 6.0.1 (8536.26.14) the outer 'csp-report' wrapper does not exist when csp violation report is sent.
Example:
{ 'document-url': 'http://localhost:3000/violation',
'violated-directive': 'default-src \'self\'' }
Should be like the following to match the spec
{ 'csp-report': { 'document-url': 'http://localhost:3000/violation',
'violated-directive': 'default-src \'self\'' } }
The policy header that was set was
X-WebKit-CSP: default-src 'self';report-uri http://localhost:3000/csp;
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list