DescriptionRelax '*' in CSPSourceList to match the protected resource's protocol.
'*' should match 'file://whatever.jpg' when loaded from 'file://document.html'.
The patch in [1] tightened '*'s behavior, but missed this bit.
[1]: https://codereview.chromium.org/2209113002
BUG=648508
Review-Url: https://codereview.chromium.org/2368073003
Cr-Commit-Position: refs/heads/master@{#421129}
(cherry picked from commit d55f533b68355157431105281d485ef368e857a6)
Committed: https://chromium.googlesource.com/chromium/src/+/45b9a9238953dcffddcaa40ef5c7d9c5e2d48592
Patch Set 1 #
Messages
Total messages: 2 (1 generated)
|