Bug 53572

Summary: [meta] Implement Content-Security-Policy 1.0
Product: WebKit Reporter: Adam Barth <abarth>
Component: WebCore Misc.Assignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: aestes, ap, bugmail, dbates, donggwan.kim, dveditz, erlend, felipe, jwalden+bwo, kozmic, laszlo.gombos, memorius, mike, mjs, mkwst, ojan, peter, pkasting, rafael.lobo, sam, syoichi, tsepez, vitaly.osipov, vprajan, webkit.arunp, webkit
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on: 53573, 53685, 53867, 54379, 54381, 54551, 54787, 54799, 56582, 57196, 57212, 57278, 57283, 57287, 58012, 58014, 58018, 58604, 58610, 58639, 58640, 58641, 58642, 58643, 58644, 58645, 58646, 59291, 59292, 59293, 59850, 59899, 60240, 60384, 60402, 60800, 60874, 61360, 61576, 63636, 63637, 69433, 69728, 70011, 70463, 73240, 85233, 85553, 85561, 85662, 85682, 85778, 96765, 106314    
Bug Blocks: 103582    

Description Adam Barth 2011-02-01 21:44:48 PST
We're coordinating with Mozilla in the W3C's public-web-security.  This is a meta-bug for implementing the feature.
Comment 1 Adam Barth 2011-04-15 00:30:02 PDT
The list of blockers for this bug should now be complete.  We might not implement all of the directives (e.g., frame-ancestors), but they're all listed as blocking this bug now so we can see the big picture.
Comment 2 Adam Barth 2011-05-11 01:41:01 PDT
WebKit's implementation is now (roughly) feature-complete.  I'm going to leave this bug open to continue to serve as a meta bug for tracking any changes to the spec.
Comment 3 Sam Weinig 2011-10-04 17:50:46 PDT
*** Bug 30081 has been marked as a duplicate of this bug. ***
Comment 4 Adam Barth 2012-05-03 17:30:19 PDT
CSP 1.0 is very close to WGLC.  Let's use this bug as a meta bug for driving the last spec compliance issues to zero.
Comment 5 Adam Barth 2012-05-03 17:33:23 PDT
Note: I'll be punting some bugs to https://bugs.webkit.org/show_bug.cgi?id=85558, which is the meta bug for implementing CSP 1.1.