[Webkit-unassigned] [Bug 140736] Add support for registering url schemes to bypass Content Security Policy
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jan 21 21:27:38 PST 2015
https://bugs.webkit.org/show_bug.cgi?id=140736
--- Comment #4 from Zhuo Li <zachli at apple.com> ---
I am not entirely familiar with network security in general, but if we ignore CSP for script in non-main worlds, would it be possible for someone to inject malicious code in non-main worlds, bypass CSP, and exploit?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150122/7bac36f4/attachment-0002.html>
More information about the webkit-unassigned
mailing list