CSP 1.1: Strip URLs in SecurityPolicyViolationEvents, just as we do for POSTed violation reports.
Created attachment 194500 [details] Patch
Hey Adam! I obviously need to rebase this patch to fix whatever didn't apply correctly, but perhaps you can take a look in the meantime? It's a fairly large oversight on my part in the initial implementation. :/ Thanks!
Created attachment 194810 [details] Patch
Hey Jochen! Since Adam is out, would you mind taking a look at this patch?
Created attachment 194818 [details] Patch
(In reply to comment #5) > Created an attachment (id=194818) [details] > Patch Jochen noted that we're doing the wrong thing with 'file:' URIs. Normally, I'd break that out into a separate patch, but I'm not sure it's worth it in this case. The current patch fixes both issues by changing the 'if' to 'if (!url.isHierarchical() || url.protocolIs("file"))'. I'm also happy to break that (and the new test it brings with it) out to a separate patch if you think that'd be clearer.
Comment on attachment 194818 [details] Patch ok
(In reply to comment #7) > (From update of attachment 194818 [details]) > ok Cool. I'll CQ it once the mac bots join the happy crowd. Thanks!
Created attachment 194830 [details] Patch
Comment on attachment 194830 [details] Patch Carrying over the r+, CQing after fixing the platform-specific results for the new test.
Comment on attachment 194830 [details] Patch Clearing flags on attachment: 194830 Committed r146758: <http://trac.webkit.org/changeset/146758>
All reviewed patches have been landed. Closing bug.