[Webkit-unassigned] [Bug 154555] New: REGRESSION (r196892): No longer emit error message when CSP form-action directive is used as a source expression

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=154555

            Bug ID: 154555
           Summary: REGRESSION (r196892): No longer emit error message
                    when CSP form-action directive is used as a source
                    expression
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: All
               URL: data:text/html,<!DOCTYPE html><html><head><meta
                    http-equiv="Content-Security-Policy"
                    content="script-src 'self' form-action
                    'self'"></head></html>
                OS: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: dbates at webkit.org
                CC: webkit-bug-importer at group.apple.com
        Depends on: 154520

Suppose a page has the following HTML meta element with malformed Content Security Policy:

<meta http-equiv="Content-Security-Policy" content="script-src 'self' form-action 'self'">

Then we show a console error of the form:

[Error] The Content Security Policy directive 'script-src' contains 'form-action' as a source expression. Did you mean 'script-src ...; form-action...' (note the semicolon)?

But we no longer emit this console error following <http://trac.webkit.org/changeset/196892> (bug #154520).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160222/95556550/attachment-0001.html>