Bug 233911 - CSP: Allow external scripts with SRI hashes matching CSP
Summary: CSP: Allow external scripts with SRI hashes matching CSP
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Patrick Griffis
URL:
Keywords: InRadar
: 233912 (view as bug list)
Depends on:
Blocks:
 
Reported: 2021-12-06 19:51 PST by Patrick Griffis
Modified: 2021-12-10 08:59 PST (History)
6 users (show)

See Also:

Attachments
Patch (22.32 KB, patch)
2021-12-06 20:17 PST, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Patch (22.26 KB, patch)
2021-12-06 20:40 PST, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Patch (26.17 KB, patch)
2021-12-06 21:49 PST, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Patch (27.63 KB, patch)
2021-12-06 22:17 PST, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Patch (27.70 KB, patch)
2021-12-07 09:57 PST, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Patch (26.29 KB, patch)
2021-12-07 18:39 PST, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Patch for landing (26.30 KB, patch)
2021-12-10 08:09 PST, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Show Obsolete (6) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Patrick Griffis 2021-12-06 19:51:57 PST 
CSP: Allow external scripts with SRI hashes matching CSP
Comment 1 Patrick Griffis 2021-12-06 19:53:35 PST 
*** Bug 233912 has been marked as a duplicate of this bug. ***
Comment 2 Patrick Griffis 2021-12-06 20:17:41 PST 
Created attachment 446115 [details]
Patch
Comment 3 Patrick Griffis 2021-12-06 20:40:13 PST 
Created attachment 446116 [details]
Patch
Comment 4 Patrick Griffis 2021-12-06 21:49:48 PST 
Created attachment 446119 [details]
Patch
Comment 5 Patrick Griffis 2021-12-06 22:17:57 PST 
Created attachment 446124 [details]
Patch
Comment 6 Patrick Griffis 2021-12-07 09:57:22 PST 
Created attachment 446193 [details]
Patch
Comment 7 Patrick Griffis 2021-12-07 18:39:10 PST 
Created attachment 446274 [details]
Patch
Comment 8 Kate Cheney 2021-12-09 07:05:17 PST 
Comment on attachment 446274 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=446274&action=review

> Source/WebCore/loader/ResourceCryptographicDigest.cpp:74
> +    if (auto digest = base64Decode(hashValue))

A bit strange that some hash digests in wpt tests don't have correct padding.
Comment 9 EWS 2021-12-09 20:53:54 PST 
Tools/Scripts/svn-apply failed to apply attachment 446274 [details] to trunk.
Please resolve the conflicts and upload a new patch.
Comment 10 Patrick Griffis 2021-12-10 08:09:43 PST 
Created attachment 446732 [details]
Patch for landing
Comment 11 Patrick Griffis 2021-12-10 08:13:23 PST 
(In reply to Kate Cheney from comment #8)
> Comment on attachment 446274 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=446274&action=review
> 
> > Source/WebCore/loader/ResourceCryptographicDigest.cpp:74
> > +    if (auto digest = base64Decode(hashValue))
> 
> A bit strange that some hash digests in wpt tests don't have correct padding.

Yeah, I'm not sure if it was on purpose to test this or what.
Comment 12 EWS 2021-12-10 08:58:10 PST 
Committed r286853 (245086@main): <https://commits.webkit.org/245086@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 446732 [details].
Comment 13 Radar WebKit Bug Importer 2021-12-10 08:59:19 PST 
<rdar://problem/86324086>