https://dvcs.w3.org/hg/content-security-policy/rev/a7dc8820946e changed schemeless source expressions to match both HTTP and HTTPS on HTTP sites. We should implement this behind the CSP_NEXT flag.
Created attachment 193570 [details] Patch
Bots are happy here too. WDYT, Adam?
Comment on attachment 193570 [details] Patch Thanks!
Comment on attachment 193570 [details] Patch Clearing flags on attachment: 193570 Committed r146141: <http://trac.webkit.org/changeset/146141>
All reviewed patches have been landed. Closing bug.