[Webkit-unassigned] [Bug 159761] CSP: object-src and plugin-types directives are not respected for plugin replacements
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 19 17:02:46 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=159761
Daniel Bates <dbates at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|CSP: Neither `object-src` |CSP: object-src and
|nor `frame-src` blocks |plugin-types directives are
|YouTube videos on iOS. |not respected for plugin
| |replacements
--- Comment #3 from Daniel Bates <dbates at webkit.org> ---
This issue effects plugin replacement content in general. We neither respect the object-src directive nor the plugin-types directive for plugin replacements. At the time of writing we have plugin replacements for YouTube flash videos and the QuickTime plugin.
Currently we apply these directives to an HTML object/element that either loads an actual plugin or creates a nested browsing context (acts like an <iframe>). We also need to apply these directives when we make use of a plugin replacement.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160720/bd099055/attachment.html>
More information about the webkit-unassigned
mailing list