[Webkit-unassigned] [Bug 155432] REGRESSION (r197724): [GTK] Web Inspector: Images being blocked by CSP 2.0
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 15 08:55:39 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=155432
--- Comment #7 from Carlos Garcia Campos <cgarcia at igalia.com> ---
(In reply to comment #6)
> Comment on attachment 273962 [details]
> Patch
>
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=273962&action=review
>
> > Source/WebCore/ChangeLog:8
> > + The GTK+ port Web Inspector uses GResources for all internal
>
> Is this only necessary for the Web Inspector? If so, how did you come to the
> decision to allow the interpretation of source * for resource URLs for
> images and audio/video sub resources on all web pages as opposed to
> modifying the img-src and media-src directives in the Web Inspector's CSP
> policy to allow GResources.
Because GResources are like a data URL in practice, so if we allow data URLs I don't see why not allowing GResources. They are always safe, so I don't think they should be blocked in any case.
> > Source/WebCore/ChangeLog:9
> > + resources (images, fonts, scripts, etc.) that are now blocked by
>
> Does this issue affect JavaScripts scripts? I mean, the proposed change only
> affects the interpretation of source * for images and audio/video
> subresources.
No, scripts were not affected.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160315/f0f827f2/attachment.html>
More information about the webkit-unassigned
mailing list