238019 – CSP: report upon attempting to consume a forbidden preloaded resource

NEW Bug 238019

CSP: report upon attempting to consume a forbidden preloaded resource

https://bugs.webkit.org/show_bug.cgi?id=238019

Summary CSP: report upon attempting to consume a forbidden preloaded resource

Noam Rosenthal

Reported 2022-03-17 06:06:13 PDT

See https://github.com/whatwg/fetch/pull/1411 for spec and https://github.com/web-platform-tests/wpt/pull/33205 for failing test 1. Open a page with CSP forbidding images 2. Load an image with a <link rel=preload as=image /> 2. Consume the same image with <img /> The expected (newly spec'ed) behavior: - the forbidden attempt to request the image should be reported twice The actual result: - One report

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2022-03-22 08:49:38 PDT

<rdar://problem/90638057>

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component Page Loading

Assignee

Nobody

Reported

2022-03-17 06:06 PDT

Modified

2022-03-22 09:06 PDT History

CC List

2 users Show

URL

Keywords InRadar

Depends on

Blocks