Bug 239862

Summary: CSP: Fix mixing strict-dynamic and unsafe-inline policies
Product: WebKit Reporter: Patrick Griffis <pgriffis>
Component: WebCore Misc.Assignee: Patrick Griffis <pgriffis>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, ews-watchlist, katherine_cheney, mkwst, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Patrick Griffis
Reported 2022-04-28 11:54:18 PDT
If you have multiple policies, one including strict-dynamic and another with unsafe-inline, the unsafe-inline policy was incorrectly handled.
Attachments
Patch (4.37 KB, patch)
2022-04-28 11:59 PDT, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Patrick Griffis
Comment 1 2022-04-28 11:59:45 PDT
Created attachment 458540 [details] Patch
EWS
Comment 2 2022-04-28 19:00:12 PDT
Committed r293603 (250109@main): <https://commits.webkit.org/250109@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 458540 [details].
Radar WebKit Bug Importer
Comment 3 2022-04-28 19:01:13 PDT
<rdar://problem/92500528>
Note You need to log in before you can comment on or make changes to this bug.