Bug 154420

Summary: CSP: Enable plugin-types directive by default
Product: WebKit Reporter: Daniel Bates <dbates>
Component: WebCore Misc.Assignee: Daniel Bates <dbates>
Status: RESOLVED FIXED    
Severity: Normal CC: aestes, bfulgham, webkit-bug-importer
Priority: P2 Keywords: InRadar, WebExposed
Version: WebKit Local Build   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 154652    
Attachments:
Description Flags
Patch none

Daniel Bates
Reported 2016-02-18 15:30:31 PST
Currently the Content Security Policy plugin-types directive is guarded by ENABLE(CSP_NEXT) and a runtime flag, both are disabled by default. This directive has been part of the Content Security Policy spec. since version 1.1 and other browsers, Google Chrome, have enabled it by default for some time. We should enable it by default.
Attachments
Patch (24.83 KB, patch)
2016-02-23 17:41 PST, Daniel Bates 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2016-02-18 15:31:16 PST
<rdar://problem/24730322>
Daniel Bates
Comment 2 2016-02-23 17:41:56 PST
Created attachment 272070 [details] Patch
Brent Fulgham
Comment 3 2016-02-24 09:17:57 PST
Comment on attachment 272070 [details] Patch r=me
Daniel Bates
Comment 4 2016-02-24 10:51:52 PST
Comment on attachment 272070 [details] Patch Clearing flags on attachment: 272070 Committed r197038: <http://trac.webkit.org/changeset/197038>
Daniel Bates
Comment 5 2016-02-24 10:51:56 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.