Summary: | CSP: 'frame-src' should block redirects to invalid sources. | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Mike West <mkwst> | ||||
Component: | WebCore Misc. | Assignee: | Mike West <mkwst> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | abarth, japhet, mkwst+watchlist, webkit.review.bot | ||||
Priority: | P2 | ||||||
Version: | 528+ (Nightly build) | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Bug Depends on: | |||||||
Bug Blocks: | 103582 | ||||||
Attachments: |
|
Description
Mike West
2013-01-04 04:35:18 PST
Created attachment 181289 [details]
Patch
Hi Adam! This patch moves the CSP check for 'frame-src' out of SubframeLoader and into PolicyChecker, which allows us to validate the whole redirect chain, and also seems like a better location semantically. FrameLoader is pretty complex, however, so I'm not actually sure I'm doing the right thing here. Would you mind taking a look? Thanks! Comment on attachment 181289 [details]
Patch
Yeah, putting this in policy checker is much better.
Comment on attachment 181289 [details]
Patch
Glad I interpreted things correctly. Thanks for the review!
Comment on attachment 181289 [details] Patch Clearing flags on attachment: 181289 Committed r138818: <http://trac.webkit.org/changeset/138818> All reviewed patches have been landed. Closing bug. |