[Webkit-unassigned] [Bug 238019] New: CSP: report upon attempting to consume a forbidden preloaded resource

Thu Mar 17 06:06:13 PDT 2022

https://bugs.webkit.org/show_bug.cgi?id=238019

            Bug ID: 238019
           Summary: CSP: report upon attempting to consume a forbidden
                    preloaded resource
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Page Loading
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: noam at webkit.org
                CC: beidson at apple.com

See https://github.com/whatwg/fetch/pull/1411 for spec
and https://github.com/web-platform-tests/wpt/pull/33205 for failing test

1. Open a page with CSP forbidding images
2. Load an image with a <link rel=preload as=image />
2. Consume the same image with <img />

The expected (newly spec'ed) behavior:
- the forbidden attempt to request the image should be reported twice

The actual result:
- One report

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220317/dac66522/attachment.htm>