Bug 154555

Summary: REGRESSION (r196892): No longer emit error message when CSP form-action directive is used as a source expression
Product: WebKit Reporter: Daniel Bates <dbates>
Component: WebCore Misc.Assignee: Daniel Bates <dbates>
Status: RESOLVED FIXED    
Severity: Normal CC: aestes, bfulgham, commit-queue, mkwst, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: All   
OS: All   
URL: data:text/html,<!DOCTYPE html><html><head><meta http-equiv="Content-Security-Policy" content="script-src 'self' form-action 'self'"></head></html>
Bug Depends on: 154520    
Bug Blocks:    
Attachments:
Description Flags
Patch and Layout Test none

Daniel Bates
Reported 2016-02-22 13:44:31 PST
Suppose a page has the following HTML meta element with malformed Content Security Policy: <meta http-equiv="Content-Security-Policy" content="script-src 'self' form-action 'self'"> Then we show a console error of the form: [Error] The Content Security Policy directive 'script-src' contains 'form-action' as a source expression. Did you mean 'script-src ...; form-action...' (note the semicolon)? But we no longer emit this console error following <http://trac.webkit.org/changeset/196892> (bug #154520).
Attachments
Patch and Layout Test (5.54 KB, patch)
2016-02-22 13:54 PST, Daniel Bates 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2016-02-22 13:45:00 PST
<rdar://problem/24776777>
Daniel Bates
Comment 2 2016-02-22 13:54:35 PST
Created attachment 271953 [details] Patch and Layout Test
Daniel Bates
Comment 3 2016-02-23 13:32:49 PST
Comment on attachment 271953 [details] Patch and Layout Test Clearing flags on attachment: 271953 Committed r196992: <http://trac.webkit.org/changeset/196992>
Daniel Bates
Comment 4 2016-02-23 13:32:52 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.