RESOLVED FIXED Bug 101321
CSP 1.1: Tweak the script interface to match the spec. 
https://bugs.webkit.org/show_bug.cgi?id=101321
Summary CSP 1.1: Tweak the script interface to match the spec.
Mike West
Reported 2012-11-06 01:27:50 PST
https://dvcs.w3.org/hg/content-security-policy/rev/5a29424a37d4 had the following effects: * Renamed 'document.SecurityPolicy' to 'document.securityPolicy' * Converted the following to read-only boolean attributes: * 'allowsEval' * 'allowsInlineScript' * 'allowsInlineStyle' * 'isActive'
Attachments
Patch (28.91 KB, patch)
2012-11-06 01:56 PST, Mike West 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Mike West
Comment 1 2012-11-06 01:56:05 PST
Created attachment 172526 [details] Patch
Adam Barth
Comment 2 2012-11-06 07:35:02 PST
Comment on attachment 172526 [details] Patch We should double-check that this is turned off in M24.
Mike West
Comment 3 2012-11-06 08:00:17 PST
Comment on attachment 172526 [details] Patch (In reply to comment #2) > (From update of attachment 172526 [details]) > We should double-check that this is turned off in M24. http://trac.webkit.org/changeset/133008 :) Longer term, should we prefix this interface, or just keep turning it off until it's somewhat stable in the spec?
Adam Barth
Comment 4 2012-11-06 08:35:46 PST
> Longer term, should we prefix this interface, or just keep turning it off until it's somewhat stable in the spec? We should make it run-time enabled and put it behind --enable-experimental-webkit-features. That's the compromise we reached with the release engineers.
WebKit Review Bot
Comment 5 2012-11-06 09:15:58 PST
Comment on attachment 172526 [details] Patch Clearing flags on attachment: 172526 Committed r133620: <http://trac.webkit.org/changeset/133620>
WebKit Review Bot
Comment 6 2012-11-06 09:16:01 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.