Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(16)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2375423002: Relax '*' in CSPSourceList to match the protected resource's protocol. (Closed)

Created:
4 years, 2 months ago by Mike West
Modified:
4 years, 2 months ago
Reviewers:
CC:
chromium-reviews
Target Ref:
refs/pending/branch-heads/2840
Project:
chromium
Visibility:
Public.

Description

Relax '*' in CSPSourceList to match the protected resource's protocol. '*' should match 'file://whatever.jpg' when loaded from 'file://document.html'. The patch in [1] tightened '*'s behavior, but missed this bit. [1]: https://codereview.chromium.org/2209113002 BUG=648508 Review-Url: https://codereview.chromium.org/2368073003 Cr-Commit-Position: refs/heads/master@{#421129} (cherry picked from commit d55f533b68355157431105281d485ef368e857a6) Committed: https://chromium.googlesource.com/chromium/src/+/45b9a9238953dcffddcaa40ef5c7d9c5e2d48592

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+30 lines, -6 lines) Patch
M third_party/WebKit/Source/core/frame/csp/CSPSourceList.cpp View 1 chunk +4 lines, -6 lines 0 comments Download
M third_party/WebKit/Source/core/frame/csp/CSPSourceListTest.cpp View 1 chunk +26 lines, -0 lines 0 comments Download

Messages

Total messages: 2 (1 generated)
Mike West
4 years, 2 months ago (2016-09-29 10:09:51 UTC) #2
Message was sent while issue was closed. 
Committed patchset #1 (id:1) manually as
45b9a9238953dcffddcaa40ef5c7d9c5e2d48592.

Powered by Google App Engine
This is Rietveld 408576698