<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy"
href="https://bugs.webkit.org/show_bug.cgi?id=153622">153622</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr>
<tr>
<th>Product</th>
<td>WebKit
</td>
</tr>
<tr>
<th>Version</th>
<td>WebKit Local Build
</td>
</tr>
<tr>
<th>Hardware</th>
<td>All
</td>
</tr>
<tr>
<th>OS</th>
<td>All
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>Normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P2
</td>
</tr>
<tr>
<th>Component</th>
<td>WebCore Misc.
</td>
</tr>
<tr>
<th>Assignee</th>
<td>webkit-unassigned@lists.webkit.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>dbates@webkit.org
</td>
</tr>
<tr>
<th>CC</th>
<td>aestes@apple.com, ap@webkit.org, bfulgham@webkit.org, sam@webkit.org
</td>
</tr></table>
<p>
<div>
<pre>We should allow code that runs in a Web Worker that was initiated from an isolated world to bypass the main world Content Security Policy. Currently such code is subject to the main world CSP even though code that executes in an isolated world is allowed to bypass the main world Content Security Policy.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>