[Webkit-unassigned] [Bug 153622] New: CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy

Thu Jan 28 16:09:59 PST 2016

https://bugs.webkit.org/show_bug.cgi?id=153622

            Bug ID: 153622
           Summary: CSP: Allow Web Workers initiated from an isolated
                    world to bypass the main world Content Security Policy
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: All
                OS: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: dbates at webkit.org
                CC: aestes at apple.com, ap at webkit.org, bfulgham at webkit.org,
                    sam at webkit.org

We should allow code that runs in a Web Worker that was initiated from an isolated world to bypass the main world Content Security Policy. Currently such code is subject to the main world CSP even though code that executes in an isolated world is allowed to bypass the main world Content Security Policy.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160129/f9e448a4/attachment.html>