[Webkit-unassigned] [Bug 208662] New: [ iOS wk2 ] http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star.html is flaky failing.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Mar 5 12:56:07 PST 2020 

https://bugs.webkit.org/show_bug.cgi?id=208662

            Bug ID: 208662
           Summary: [ iOS wk2 ]
                    http/tests/security/contentSecurityPolicy/javascript-u
                    rl-blocked-by-default-src-star.html  is flaky failing.
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: iPhone / iPad
                OS: iOS 13
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Tools / Tests
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: Lawrence.j at apple.com

http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star.html 


Description:
This test is flaky failing on iOS wk2. The failures seem to have become more frequent around r257740, but it is failing back to r251695.

History:
https://results.webkit.org/?suite=layout-tests&test=http%2Ftests%2Fsecurity%2FcontentSecurityPolicy%2Fjavascript-url-blocked-by-default-src-star.html&platform=ios

Diff:
@@ -1,4 +1,6 @@
 CONSOLE MESSAGE: Refused to load javascript:alert('FAIL'); because it appears in neither the object-src directive nor the default-src directive of the Content Security Policy.
 CONSOLE MESSAGE: Refused to load javascript:alert('FAIL'); because it appears in neither the object-src directive nor the default-src directive of the Content Security Policy.
 CONSOLE MESSAGE: line 1: Refused to execute a script because its hash, its nonce, or 'unsafe-inline' appears in neither the script-src directive nor the default-src directive of the Content Security Policy.
+CONSOLE MESSAGE: Refused to load javascript:alert('FAIL'); because it appears in neither the object-src directive nor the default-src directive of the Content Security Policy.
+CONSOLE MESSAGE: Refused to load javascript:alert('FAIL'); because it appears in neither the object-src directive nor the default-src directive of the Content Security Policy.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200305/fdd5f783/attachment.htm>

More information about the webkit-unassigned mailing list