[Webkit-unassigned] [Bug 173498] New: Skip Content Security Policy check for media request for blob: and other external schemes initiated from an element in user agent shadow tree
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jun 16 15:51:25 PDT 2017
https://bugs.webkit.org/show_bug.cgi?id=173498
Bug ID: 173498
Summary: Skip Content Security Policy check for media request
for blob: and other external schemes initiated from an
element in user agent shadow tree
Product: WebKit
Version: WebKit Local Build
Hardware: All
OS: All
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: dbates at webkit.org
CC: webkit-bug-importer at group.apple.com
Splitting off from <https://bugs.webkit.org/show_bug.cgi?id=155505>, we should skip enforcing the Content Security Policy (CSP) of the page for media loads to blob URLs and other external schemes that are initiated by an element in a user-agent shadow tree because such elements are considered an implementation detail and should not be exposed to web developers.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170616/40d53a65/attachment.html>
More information about the webkit-unassigned
mailing list