Bug 233911

Summary: CSP: Allow external scripts with SRI hashes matching CSP
Product: WebKit Reporter: Patrick Griffis <pgriffis>
Component: WebCore Misc.Assignee: Patrick Griffis <pgriffis>
Status: RESOLVED FIXED    
Severity: Normal CC: cdumez, ews-watchlist, japhet, katherine_cheney, mkwst, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
none
Patch
none
Patch
none
Patch
none
Patch
none
Patch for landing none

Description Patrick Griffis 2021-12-06 19:51:57 PST 
CSP: Allow external scripts with SRI hashes matching CSP
Comment 1 Patrick Griffis 2021-12-06 19:53:35 PST 
*** Bug 233912 has been marked as a duplicate of this bug. ***
Comment 2 Patrick Griffis 2021-12-06 20:17:41 PST 
Created attachment 446115 [details]
Patch
Comment 3 Patrick Griffis 2021-12-06 20:40:13 PST 
Created attachment 446116 [details]
Patch
Comment 4 Patrick Griffis 2021-12-06 21:49:48 PST 
Created attachment 446119 [details]
Patch
Comment 5 Patrick Griffis 2021-12-06 22:17:57 PST 
Created attachment 446124 [details]
Patch
Comment 6 Patrick Griffis 2021-12-07 09:57:22 PST 
Created attachment 446193 [details]
Patch
Comment 7 Patrick Griffis 2021-12-07 18:39:10 PST 
Created attachment 446274 [details]
Patch
Comment 8 Kate Cheney 2021-12-09 07:05:17 PST 
Comment on attachment 446274 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=446274&action=review

> Source/WebCore/loader/ResourceCryptographicDigest.cpp:74
> +    if (auto digest = base64Decode(hashValue))

A bit strange that some hash digests in wpt tests don't have correct padding.
Comment 9 EWS 2021-12-09 20:53:54 PST 
Tools/Scripts/svn-apply failed to apply attachment 446274 [details] to trunk.
Please resolve the conflicts and upload a new patch.
Comment 10 Patrick Griffis 2021-12-10 08:09:43 PST 
Created attachment 446732 [details]
Patch for landing
Comment 11 Patrick Griffis 2021-12-10 08:13:23 PST 
(In reply to Kate Cheney from comment #8)
> Comment on attachment 446274 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=446274&action=review
> 
> > Source/WebCore/loader/ResourceCryptographicDigest.cpp:74
> > +    if (auto digest = base64Decode(hashValue))
> 
> A bit strange that some hash digests in wpt tests don't have correct padding.

Yeah, I'm not sure if it was on purpose to test this or what.
Comment 12 EWS 2021-12-10 08:58:10 PST 
Committed r286853 (245086@main): <https://commits.webkit.org/245086@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 446732 [details].
Comment 13 Radar WebKit Bug Importer 2021-12-10 08:59:19 PST 
<rdar://problem/86324086>