273394 – Investigate moving 'unsafe-eval' check into canCompileStrings

Bug 273394 - Investigate moving 'unsafe-eval' check into canCompileStrings

Summary: Investigate moving 'unsafe-eval' check into canCompileStrings

Status:	RESOLVED WONTFIX

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	Safari 17
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:	267694
Blocks:
	Show dependency tree / graph

Reported:	2024-04-29 03:29 PDT by Luke Warlow
Modified:	2024-05-30 03:36 PDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Luke Warlow 2024-04-29 03:29:40 PDT

Currently the Trusted Types canCompileStrings function is just doing TrustedTypes checks, it could make sense to move the CSP 'unsafe-eval' checking into that function too.

Comment 1 Radar WebKit Bug Importer 2024-05-06 03:30:16 PDT

<rdar://problem/127596772>

Comment 2 Luke Warlow 2024-05-30 03:36:48 PDT

From a perf point of view it probably doesn't so going to close