[Webkit-unassigned] [Bug 167810] New: [Mac][WK2] Add SPI to override the Content Security Policy of a page
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 3 12:16:42 PST 2017
https://bugs.webkit.org/show_bug.cgi?id=167810
Bug ID: 167810
Summary: [Mac][WK2] Add SPI to override the Content Security
Policy of a page
Classification: Unclassified
Product: WebKit
Version: WebKit Nightly Build
Hardware: Macintosh
OS: macOS 10.12
Status: NEW
Keywords: PlatformOnly
Severity: Normal
Priority: P2
Component: WebKit2
Assignee: webkit-unassigned at lists.webkit.org
Reporter: dbates at webkit.org
CC: andersca at apple.com, jer.noble at apple.com,
sam at webkit.org
An embedding client may want to impose content restrictions when loading third-party web pages to prevent content injections and ensure a consistent user experience regardless of how the third party content was produced.
One way to do this is to make use of a Content Security Policy to impose content restrictions. An embedding client could use API/SPI to define a Content Security Policy to be applied to all subsequently loaded pages that takes precedence over the Content Security Policy delivered with a page.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170203/f99e0ddb/attachment.html>
More information about the webkit-unassigned
mailing list