Bug 235837

Summary: CSP: Properly block image content in object elements
Product: WebKit
Reporter: Patrick Griffis <pgriffis>
Component: WebCore Misc.
Assignee: Patrick Griffis <pgriffis>
Status: RESOLVED FIXED
Severity: Normal
CC: bfulgham, cdumez, ews-watchlist, japhet, katherine_cheney, mikispag, mkwst, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

Patrick Griffis
Reported 2022-01-28 15:00:09 PST
CSP: Properly block image content in object elements
Attachments
Patch (16.53 KB, patch)
2022-01-28 15:01 PST, Patrick Griffis
no flags
Patch for landing (16.42 KB, patch)
2022-01-29 10:35 PST, Patrick Griffis
no flags
Patch for landing (16.41 KB, patch)
2022-01-29 10:39 PST, Patrick Griffis
ews-feeder: commit-queue-
Patrick Griffis
Comment 1 2022-01-28 15:01:52 PST
Kate Cheney
Comment 2 2022-01-28 15:39:06 PST
Comment on attachment 450280 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=450280&action=review

> Source/WebCore/loader/ResourceLoaderOptions.h:150
> +enum class LoadedFromPluginElement : uint8_t {

Usually we write enums for booleans like this: enum class LoadedFromPluginElement : bool { No, Yes }; with a "bool" specifier and the 'No' value first. I am not sure why other enums in this class do not follow that pattern, but I think we should stick with it.

> Source/WebCore/page/csp/ContentSecurityPolicy.cpp:581
> + String consoleMessage = consoleMessageForViolation(violatedDirective, blockedURL, "Refused to load");

We should log the target URL in the console here I think. It is helpful to debug and I believe it also matches other browser behavior in general to log the target URL in the console.
Patrick Griffis
Comment 3 2022-01-29 10:35:14 PST
Created attachment 450327 [details] Patch for landing
EWS
Comment 4 2022-01-29 10:36:27 PST
ChangeLog entry in LayoutTests/ChangeLog contains OOPS!.
Patrick Griffis
Comment 5 2022-01-29 10:39:09 PST
Created attachment 450328 [details] Patch for landing
EWS
Comment 6 2022-01-29 11:29:09 PST
Committed r288792 (246569@main): <https://commits.webkit.org/246569@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 450328 [details].
Radar WebKit Bug Importer
Comment 7 2022-01-29 11:30:17 PST
Brent Fulgham
Comment 8 2022-02-08 16:15:40 PST
*** Bug 181846 has been marked as a duplicate of this bug. ***
Brent Fulgham
Comment 9 2022-05-26 14:49:03 PDT
This fix shipped with Safari 15.5 (all platforms).