Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-04 05:00:08 +01:00
Code Issues Projects Releases Packages Wiki Activity

layout_image: Include missing request settings in layout-initiated image loads (#36621)

Browse source 
This PR updates the `fetch_image_for_layout` function to include missing
security-related request settings:

- `insecure_requests_policy`
- `has_trustworthy_ancestor_origin`
- `policy_container`

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #36591

<!-- Either: -->
- [X] There are tests for these changes

Signed-off-by: Emmanuel Elom <elomemmanuel007@gmail.com>
This commit is contained in:
elomscansio 2025-04-24 13:12:39 +01:00 committed by GitHub
parent 878d595035
commit 189214810e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 45 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
components/script/layout_image.rs
View file

@ -119,7 +119,10 @@ pub(crate) fn fetch_image_for_layout(
) )
.origin(document.origin().immutable().clone()) .origin(document.origin().immutable().clone())
.destination(Destination::Image) .destination(Destination::Image)
.pipeline_id(Some(document.global().pipeline_id())); .pipeline_id(Some(document.global().pipeline_id()))
.insecure_requests_policy(document.insecure_requests_policy())
.has_trustworthy_ancestor_origin(document.has_trustworthy_ancestor_origin())
.policy_container(document.policy_container().to_owned());
// Layout image loads do not delay the document load event. // Layout image loads do not delay the document load event.
document.fetch_background(request, context); document.fetch_background(request, context);

7
tests/wpt/mozilla/meta/MANIFEST.json vendored
View file

@ -12755,6 +12755,13 @@
{} {}
] ]
], ],
"background_image_csp.sub.html": [
"c326f54de52c6a36cbaf4871c947c5b785cac83d",
[
null,
{}
]
],
"binding_keyword.html": [ "binding_keyword.html": [
"818d2aa29471026c1b4215dfcd1b9939a052b1ea", "818d2aa29471026c1b4215dfcd1b9939a052b1ea",
[ [

34
tests/wpt/mozilla/tests/mozilla/background_image_csp.sub.html vendored Normal file
View file

@ -0,0 +1,34 @@
<!doctype html>
<meta http-equiv="content-security-policy" content="img-src 'self'">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<style>
#target {
width: 100px;
height: 100px;
background-size: cover;
}
</style>
<div id="target"></div>
<img id="control">
<script>
// This test sets up a cross-origin background-image on a div and checks that it's blocked by CSP.
// It also uses a regular <img> to control when the test should end.
async_test(t => {
const pathparts = location.pathname.split('/');
const testfile = pathparts[pathparts.length - 1];
const url = location.href.replace(location.hostname, "{{hosts[alt][]}}").replace(testfile, "poster.png");
const target = document.getElementById("target");
target.style.backgroundImage = `url('${url}')`;
// control image load
const control = document.getElementById("control");
control.src = url;
control.onload = t.unreached_func("Control image should not load (CSP should block it)");
control.onerror = t.step_timeout(() => {
// No way to assert background-image load failure directly, just ensure no crash / test timeout
t.done();
}, 500);
});
</script>