Bug 311728
| Summary: | Page CSP blocks content script background image rendering in action popups | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Carlos J. <carlosj-webkit-bugzilla> |
| Component: | WebKit Extensions | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | timothy, webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | Safari 26 | ||
| Hardware: | Mac (Apple Silicon) | ||
| OS: | macOS 26 | ||
| URL: | https://jeurissen.co/webext-demos/action-popup-content-script-css-data-image | ||
Carlos J.
Given the following:
Extension opens extension popup
The popup has an iframe
The iframe is set to a document which declares a CSP with default-src
The extension applied a css content script to that document with a data:image based background-image
Somehow Webkit does not render this image properly. While other engines render it completely fine.
It seems somehow Webkit interprets the CSP as if it should block the css image.
See demo extension:
http://jeurissen.co/webext-demos/action-popup-content-script-css-data-image
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/174316860>