Bug 156092 - CSP: child-src violations reported as frame-src violation
Summary: CSP: child-src violations reported as frame-src violation
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Local Build
Hardware: All All
: P2 Normal
Assignee: Daniel Bates
URL:
Keywords: InRadar, WebExposed
Depends on:
Blocks:
 
Reported: 2016-03-31 16:44 PDT by Daniel Bates
Modified: 2016-04-01 14:01 PDT (History)
6 users (show)

See Also:


Attachments
Test case (1.18 KB, text/html)
2016-03-31 16:47 PDT, Daniel Bates
no flags Details
Patch and Layout Tests (19.16 KB, patch)
2016-03-31 18:29 PDT, Daniel Bates
aestes: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Bates 2016-03-31 16:44:48 PDT
Frame loads blocked by directive child-src are reported as being blocked by directive frame-src in both the console message and dispatched SecurityPolicyViolation event.

You can see observe these issue by opening the attached test, test.html, and looking at the test output and the console message emitted in the Web Inspector.
Comment 1 Daniel Bates 2016-03-31 16:47:40 PDT
Created attachment 275356 [details]
Test case
Comment 2 Radar WebKit Bug Importer 2016-03-31 17:04:05 PDT
<rdar://problem/25478509>
Comment 3 Daniel Bates 2016-03-31 18:29:56 PDT
Created attachment 275364 [details]
Patch and Layout Tests
Comment 4 Daniel Bates 2016-04-01 11:40:26 PDT
Committed r198951: <http://trac.webkit.org/changeset/198951>
Comment 5 Ryan Haddad 2016-04-01 14:01:28 PDT
The tests added with this change were rebaselined in <http://trac.webkit.org/changeset/198954>