Bug 153167 - CSP: 'sandbox' should be ignored in report-only mode
Summary: CSP: 'sandbox' should be ignored in report-only mode
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Local Build
Hardware: All All
: P2 Normal
Assignee: Daniel Bates
Keywords: BlinkMergeCandidate, InRadar
Depends on:
Reported: 2016-01-15 18:08 PST by Daniel Bates
Modified: 2016-02-15 10:54 PST (History)
4 users (show)

See Also:

Patch (6.50 KB, patch)
2016-02-12 17:09 PST, Daniel Bates
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Bates 2016-01-15 18:08:44 PST
We should merge <https://src.chromium.org/viewvc/blink?view=rev&revision=165322>.

CSP: 'sandbox' should be ignored in report-only mode.

This is the behavior Firefox is running with[1], and has recently been
explicitly clarified in the spec[2].

[1]: https://bugzilla.mozilla.org/show_bug.cgi?id=671389
[2]: https://github.com/w3c/webappsec/commit/2cc237a696e982be59886c8f2ba0ed2d84f22c81
Comment 1 Radar WebKit Bug Importer 2016-01-27 20:57:08 PST
Comment 2 Daniel Bates 2016-02-12 12:25:16 PST
Disregard comment #1. We have an existing radar...
Comment 3 Daniel Bates 2016-02-12 12:25:26 PST
Comment 4 Daniel Bates 2016-02-12 17:09:38 PST
Created attachment 271250 [details]
Comment 5 Brent Fulgham 2016-02-15 09:48:46 PST
Comment on attachment 271250 [details]

Comment 6 Daniel Bates 2016-02-15 10:54:28 PST
Comment on attachment 271250 [details]

Clearing flags on attachment: 271250

Committed r196582: <http://trac.webkit.org/changeset/196582>
Comment 7 Daniel Bates 2016-02-15 10:54:30 PST
All reviewed patches have been landed.  Closing bug.