Summary: | CSP: object-src directive should prohibit creation of nested browsing context | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Daniel Bates <dbates> | ||||
Component: | WebCore Misc. | Assignee: | Daniel Bates <dbates> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | bfulgham, cdumez, commit-queue, dbates, japhet, mkwst, webkit-bug-importer | ||||
Priority: | P2 | Keywords: | BlinkMergeCandidate, InRadar | ||||
Version: | WebKit Local Build | ||||||
Hardware: | All | ||||||
OS: | All | ||||||
Attachments: |
|
Description
Daniel Bates
2016-01-15 15:01:10 PST
Created attachment 273059 [details]
Patch and Layout Tests
Comment on attachment 273059 [details] Patch and Layout Tests View in context: https://bugs.webkit.org/attachment.cgi?id=273059&action=review Very nice! r=me. > LayoutTests/TestExpectations:-851 > -webkit.org/b/153153 http/tests/security/contentSecurityPolicy/object-src-param-url-blocked.html Hooray! Committed r197697: <http://trac.webkit.org/changeset/197697> |