[Webkit-unassigned] [Bug 181846] New: CSP: object-src is propagated to iframed HTML documents without CSP meta-refreshing to a PDF URI
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jan 19 04:02:26 PST 2018
https://bugs.webkit.org/show_bug.cgi?id=181846
Bug ID: 181846
Summary: CSP: object-src is propagated to iframed HTML
documents without CSP meta-refreshing to a PDF URI
Product: WebKit
Version: WebKit Local Build
Hardware: All
OS: All
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mikispag at gmail.com
The object-src directive of an embedding HTML document is propagated to iframed HTML documents without CSP meta-refreshing to a PDF URI.
PoC: https://poc.miki.it/CSP/safari_object_src_iframe/
The third case should not be blocked according to the CSP specification (cross-test with Chromium), because the intermediate HTML page does not have a CSP.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180119/dcfd4703/attachment-0001.html>
More information about the webkit-unassigned
mailing list