273187 – Block Function constructor string arguments when trusted types enforced

NEW Bug 273187

Block Function constructor string arguments when trusted types enforced

https://bugs.webkit.org/show_bug.cgi?id=273187

Summary Block Function constructor string arguments when trusted types enforced

Luke Warlow

Reported 2024-04-24 07:51:14 PDT

When trusted types are enforced string arguments to new Function() should be blocked unless the default policy exists and allows them.

Attachments
Add attachment proposed patch, testcase, etc.

Luke Warlow

Comment 1 2024-04-29 09:50:07 PDT

Radar WebKit Bug Importer

Comment 2 2024-05-01 07:52:15 PDT

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version Safari 17

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Luke Warlow

Reported

2024-04-24 07:51 PDT

Modified

2024-05-30 03:36 PDT History

CC List

1 user Show

URL

Keywords InRadar

Depends on

Blocks

267694

Dependencies

tree graph