154420 – CSP: Enable plugin-types directive by default

Bug 154420 - CSP: Enable plugin-types directive by default

Summary: CSP: Enable plugin-types directive by default

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	WebKit Local Build
Hardware:	All All

Importance:	P2 Normal
Assignee:	Daniel Bates

URL:
Keywords:	InRadar, WebExposed

Depends on:
Blocks:	154652
	Show dependency tree / graph

Reported:	2016-02-18 15:30 PST by Daniel Bates
Modified:	2016-02-25 16:58 PST (History)
CC List:	3 users (show)

See Also:

Attachments
Patch (24.83 KB, patch) 2016-02-23 17:41 PST, Daniel Bates	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Bates 2016-02-18 15:30:31 PST

Currently the Content Security Policy plugin-types directive is guarded by ENABLE(CSP_NEXT) and a runtime flag, both are disabled by default. This directive has been part of the Content Security Policy spec. since version 1.1 and other browsers, Google Chrome, have enabled it by default for some time. We should enable it by default.

Comment 1 Radar WebKit Bug Importer 2016-02-18 15:31:16 PST

<rdar://problem/24730322>

Comment 2 Daniel Bates 2016-02-23 17:41:56 PST

Created attachment 272070 [details]
Patch

Comment 3 Brent Fulgham 2016-02-24 09:17:57 PST

Comment on attachment 272070 [details]
Patch

r=me

Comment 4 Daniel Bates 2016-02-24 10:51:52 PST

Comment on attachment 272070 [details]
Patch

Clearing flags on attachment: 272070

Committed r197038: <http://trac.webkit.org/changeset/197038>

Comment 5 Daniel Bates 2016-02-24 10:51:56 PST

All reviewed patches have been landed.  Closing bug.