[Webkit-unassigned] [Bug 136452] Enable of X-Content-Type-Options: nosniff header, and remove #if guards

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Sep 4 01:55:19 PDT 2014


--- Comment #7 from Csaba Osztrogon√°c <ossy at webkit.org>  2014-09-04 01:55:20 PST ---
We already have tests for nosniff in http/tests/security/contentTypeOptions directory, but they are skipped in TestExpectations of gtk/mac/win/wincairo/wk2 .

All of these tests pass on EFL and Mac too with applying the patch. 
I haven't checked if the implementation and the test fulfil the spec.

Google implemented this feature in WebKit era:
- added compile time flag - bug109029 - http://trac.webkit.org/changeset/141985
- added implementation and tests - bug71851 - http://trac.webkit.org/changeset/142683
- removed the ifdefs after the Blink fork - https://codereview.chromium.org/13724004

I found only one patch after the fork: https://codereview.chromium.org/185593011
Probably we should merge it to WebKit before enabling.

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list