146279 – CSP error message when frame load is blocked does not read well

Bug 146279 - CSP error message when frame load is blocked does not read well

Summary: CSP error message when frame load is blocked does not read well

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	528+ (Nightly build)
Hardware:	All All

Importance:	P2 Normal
Assignee:	Daniel Bates

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-06-24 08:25 PDT by Daniel Bates
Modified:	2015-06-24 08:55 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Patch (4.29 KB, patch) 2015-06-24 08:30 PDT, Daniel Bates	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Bates 2015-06-24 08:25:22 PDT

When the Content Security Policy (CSP) blocks a frame load it emits an error message to the Web Inspector console that has the form:

Refused to frame 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/alert-fail.html' because it violates the following Content Security Policy directive: "frame-src 'none'"

This error message does not read well. In particular, the phrase "Refused to frame" does not read well. We should make this error message read well so that it is clear that the CSP policy of the page blocked a frame load.

Comment 1 Daniel Bates 2015-06-24 08:30:18 PDT

Created attachment 255482 [details]
Patch

Comment 2 Csaba Osztrogonác 2015-06-24 08:43:22 PDT

Comment on attachment 255482 [details]
Patch

Nice catch, r=me.

Comment 3 Daniel Bates 2015-06-24 08:55:10 PDT

Comment on attachment 255482 [details]
Patch

Clearing flags on attachment: 255482

Committed r185912: <http://trac.webkit.org/changeset/185912>

Comment 4 Daniel Bates 2015-06-24 08:55:13 PDT

All reviewed patches have been landed.  Closing bug.