[Webkit-unassigned] [Bug 136452] Enable of X-Content-Type-Options: nosniff header, and remove #if guards
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Sep 4 01:55:19 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=136452
--- Comment #7 from Csaba Osztrogonác <ossy at webkit.org> 2014-09-04 01:55:20 PST ---
We already have tests for nosniff in http/tests/security/contentTypeOptions directory, but they are skipped in TestExpectations of gtk/mac/win/wincairo/wk2 .
All of these tests pass on EFL and Mac too with applying the patch.
I haven't checked if the implementation and the test fulfil the spec.
Google implemented this feature in WebKit era:
- added compile time flag - bug109029 - http://trac.webkit.org/changeset/141985
- added implementation and tests - bug71851 - http://trac.webkit.org/changeset/142683
- removed the ifdefs after the Blink fork - https://codereview.chromium.org/13724004
I found only one patch after the fork: https://codereview.chromium.org/185593011
Probably we should merge it to WebKit before enabling.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list