Summary: | CSP: Clean up effective-violation handling in reports | ||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Patrick Griffis <pgriffis> | ||||||||||||||||||
Component: | WebCore Misc. | Assignee: | Patrick Griffis <pgriffis> | ||||||||||||||||||
Status: | RESOLVED FIXED | ||||||||||||||||||||
Severity: | Normal | CC: | ews-watchlist, katherine_cheney, mkwst, webkit-bug-importer | ||||||||||||||||||
Priority: | P2 | Keywords: | InRadar | ||||||||||||||||||
Version: | WebKit Nightly Build | ||||||||||||||||||||
Hardware: | Unspecified | ||||||||||||||||||||
OS: | Unspecified | ||||||||||||||||||||
Attachments: |
|
Description
Patrick Griffis
2022-01-25 12:31:38 PST
Created attachment 449953 [details]
Patch
Created attachment 449959 [details]
Patch
Created attachment 450024 [details]
Patch
Created attachment 450133 [details]
Patch
Created attachment 450135 [details]
Patch
Created attachment 450136 [details]
Patch
Comment on attachment 450136 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=450136&action=review r=me once EWS is happy. > Source/WebCore/page/csp/ContentSecurityPolicy.cpp:74 > + // Normalize script-src and style-src for logs as its generally what developers use nit: missing a period at the end of this comment. > Source/WebCore/page/csp/ContentSecurityPolicy.cpp:75 > + if (violatedDirective.nameForReporting().startsWith(ContentSecurityPolicyDirectiveNames::scriptSrc)) you could remove the else statements and have fewer lines of code if you do something like: String name = violatedDirective.nameForReporting(); if (violatedDirective.nameForReporting().startsWith(ContentSecurityPolicyDirectiveNames::scriptSrc)) name = ContentSecurityPolicyDirectiveNames::scriptSrc; if (violatedDirective.nameForReporting().startsWith(ContentSecurityPolicyDirectiveNames::styleSrc)) name = ContentSecurityPolicyDirectiveNames::styleSrc; > Source/WebCore/page/csp/ContentSecurityPolicy.cpp:809 > + violationEventInit.violatedDirective = effectiveViolatedDirective; // Historical alias to effectiveDirective: https://www.w3.org/TR/CSP3/#violation-events nit: comment is missing a period. Created attachment 450145 [details]
Patch
Created attachment 450146 [details]
Patch for landing
Committed r288678 (246484@main): <https://commits.webkit.org/246484@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 450146 [details]. |