Bug 57283 - CSP object-src should block plugin loads
: CSP object-src should block plugin loads
Status: RESOLVED FIXED
: WebKit
New Bugs
: 528+ (Nightly build)
: Other Mac OS X 10.5
: P2 Normal
Assigned To:
:
:
:
: 53572
  Show dependency treegraph
 
Reported: 2011-03-28 16:13 PST by
Modified: 2011-04-06 21:44 PST (History)


Attachments
Work in progress (4.73 KB, patch)
2011-03-28 16:14 PST, Adam Barth
no flags Review Patch | Details | Formatted Diff | Diff
Patch (8.38 KB, patch)
2011-04-05 00:46 PST, Adam Barth
no flags Review Patch | Details | Formatted Diff | Diff


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2011-03-28 16:13:02 PST
CSP object-src should block plugin loads
------- Comment #1 From 2011-03-28 16:14:06 PST -------
Created an attachment (id=87235) [details]
Work in progress
------- Comment #2 From 2011-03-28 16:14:32 PST -------
I need to figure out how to test this patch.
------- Comment #3 From 2011-04-05 00:46:44 PST -------
Created an attachment (id=88188) [details]
Patch
------- Comment #4 From 2011-04-06 10:13:23 PST -------
(From update of attachment 88188 [details])
View in context: https://bugs.webkit.org/attachment.cgi?id=88188&action=review

Seems reasonable.  THank you.

> Source/WebCore/loader/DocumentWriter.cpp:124
> +    // FIXME: Do we need to consult the content security policy here about blocked plug-ins?

How might we hit this case?
------- Comment #5 From 2011-04-06 10:24:18 PST -------
(In reply to comment #4)
> (From update of attachment 88188 [details] [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=88188&action=review
> 
> Seems reasonable.  THank you.
> 
> > Source/WebCore/loader/DocumentWriter.cpp:124
> > +    // FIXME: Do we need to consult the content security policy here about blocked plug-ins?
> 
> How might we hit this case?

I think:

<iframe src="... plugin ..." >

I need to study it more.
------- Comment #6 From 2011-04-06 11:14:08 PST -------
(From update of attachment 88188 [details])
Rejecting attachment 88188 [details] from commit-queue.

Failed to run "['./Tools/Scripts/webkit-patch', '--status-host=queues.webkit.org', '--bot-id=cr-jail-3', 'land-a..." exit_code: 2

Last 500 characters of output:
rocess/InjectedBundle/API/c/WKBundle.cpp
    M    Source/WebKit2/WebProcess/InjectedBundle/InjectedBundle.h
    M    Tools/WebKitTestRunner/InjectedBundle/Bindings/LayoutTestController.idl
    M    Tools/WebKitTestRunner/InjectedBundle/LayoutTestController.cpp
    M    Tools/WebKitTestRunner/InjectedBundle/LayoutTestController.h
    M    Tools/ChangeLog
r83071 = 1c223216c59c4d4ca60248eb86830155cbe81c37 (refs/remotes/trunk)
First, rewinding head to replay your work on top of it...
Fast-forwarded master to refs/remotes/trunk.

Full output: http://queues.webkit.org/results/8347285
------- Comment #7 From 2011-04-06 21:43:54 PST -------
(From update of attachment 88188 [details])
Clearing flags on attachment: 88188

Committed r83141: <http://trac.webkit.org/changeset/83141>
------- Comment #8 From 2011-04-06 21:44:00 PST -------
All reviewed patches have been landed.  Closing bug.