Summary: | CSP: Allow external scripts with SRI hashes matching CSP | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Patrick Griffis <pgriffis> | ||||||||||||||||
Component: | WebCore Misc. | Assignee: | Patrick Griffis <pgriffis> | ||||||||||||||||
Status: | RESOLVED FIXED | ||||||||||||||||||
Severity: | Normal | CC: | cdumez, ews-watchlist, japhet, katherine_cheney, mkwst, webkit-bug-importer | ||||||||||||||||
Priority: | P2 | Keywords: | InRadar | ||||||||||||||||
Version: | WebKit Nightly Build | ||||||||||||||||||
Hardware: | Unspecified | ||||||||||||||||||
OS: | Unspecified | ||||||||||||||||||
Attachments: |
|
Description
Patrick Griffis
2021-12-06 19:51:57 PST
*** Bug 233912 has been marked as a duplicate of this bug. *** Created attachment 446115 [details]
Patch
Created attachment 446116 [details]
Patch
Created attachment 446119 [details]
Patch
Created attachment 446124 [details]
Patch
Created attachment 446193 [details]
Patch
Created attachment 446274 [details]
Patch
Comment on attachment 446274 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=446274&action=review > Source/WebCore/loader/ResourceCryptographicDigest.cpp:74 > + if (auto digest = base64Decode(hashValue)) A bit strange that some hash digests in wpt tests don't have correct padding. Tools/Scripts/svn-apply failed to apply attachment 446274 [details] to trunk.
Please resolve the conflicts and upload a new patch.
Created attachment 446732 [details]
Patch for landing
(In reply to Kate Cheney from comment #8) > Comment on attachment 446274 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=446274&action=review > > > Source/WebCore/loader/ResourceCryptographicDigest.cpp:74 > > + if (auto digest = base64Decode(hashValue)) > > A bit strange that some hash digests in wpt tests don't have correct padding. Yeah, I'm not sure if it was on purpose to test this or what. Committed r286853 (245086@main): <https://commits.webkit.org/245086@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 446732 [details]. |