RESOLVED FIXED Bug 233911
CSP: Allow external scripts with SRI hashes matching CSP 
https://bugs.webkit.org/show_bug.cgi?id=233911
Summary CSP: Allow external scripts with SRI hashes matching CSP
Patrick Griffis
Reported 2021-12-06 19:51:57 PST
CSP: Allow external scripts with SRI hashes matching CSP
Attachments
Patch (22.32 KB, patch)
2021-12-06 20:17 PST, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Patch (22.26 KB, patch)
2021-12-06 20:40 PST, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Patch (26.17 KB, patch)
2021-12-06 21:49 PST, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Patch (27.63 KB, patch)
2021-12-06 22:17 PST, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Patch (27.70 KB, patch)
2021-12-07 09:57 PST, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Patch (26.29 KB, patch)
2021-12-07 18:39 PST, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Patch for landing (26.30 KB, patch)
2021-12-10 08:09 PST, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Show Obsolete (6) View All Add attachment proposed patch, testcase, etc.
Patrick Griffis
Comment 1 2021-12-06 19:53:35 PST
*** Bug 233912 has been marked as a duplicate of this bug. ***
Patrick Griffis
Comment 2 2021-12-06 20:17:41 PST
Created attachment 446115 [details] Patch
Patrick Griffis
Comment 3 2021-12-06 20:40:13 PST
Created attachment 446116 [details] Patch
Patrick Griffis
Comment 4 2021-12-06 21:49:48 PST
Created attachment 446119 [details] Patch
Patrick Griffis
Comment 5 2021-12-06 22:17:57 PST
Created attachment 446124 [details] Patch
Patrick Griffis
Comment 6 2021-12-07 09:57:22 PST
Created attachment 446193 [details] Patch
Patrick Griffis
Comment 7 2021-12-07 18:39:10 PST
Created attachment 446274 [details] Patch
Kate Cheney
Comment 8 2021-12-09 07:05:17 PST
Comment on attachment 446274 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=446274&action=review > Source/WebCore/loader/ResourceCryptographicDigest.cpp:74 > + if (auto digest = base64Decode(hashValue)) A bit strange that some hash digests in wpt tests don't have correct padding.
EWS
Comment 9 2021-12-09 20:53:54 PST
Tools/Scripts/svn-apply failed to apply attachment 446274 [details] to trunk. Please resolve the conflicts and upload a new patch.
Patrick Griffis
Comment 10 2021-12-10 08:09:43 PST
Created attachment 446732 [details] Patch for landing
Patrick Griffis
Comment 11 2021-12-10 08:13:23 PST
(In reply to Kate Cheney from comment #8) > Comment on attachment 446274 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=446274&action=review > > > Source/WebCore/loader/ResourceCryptographicDigest.cpp:74 > > + if (auto digest = base64Decode(hashValue)) > > A bit strange that some hash digests in wpt tests don't have correct padding. Yeah, I'm not sure if it was on purpose to test this or what.
EWS
Comment 12 2021-12-10 08:58:10 PST
Committed r286853 (245086@main): <https://commits.webkit.org/245086@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 446732 [details].
Radar WebKit Bug Importer
Comment 13 2021-12-10 08:59:19 PST
<rdar://problem/86324086>
Note You need to log in before you can comment on or make changes to this bug.