diff --git a/components/script/dom/htmliframeelement.rs b/components/script/dom/htmliframeelement.rs
index da7a53bbf0b..0fbff86e44a 100644
--- a/components/script/dom/htmliframeelement.rs
+++ b/components/script/dom/htmliframeelement.rs
@@ -279,6 +279,7 @@ impl HTMLIFrameElement {
Some(document.insecure_requests_policy()),
document.has_trustworthy_ancestor_or_current_origin(),
);
+ load_data.policy_container = Some(window.as_global_scope().policy_container());
let element = self.upcast::();
load_data.srcdoc = String::from(element.get_string_attribute(&local_name!("srcdoc")));
self.navigate_or_reload_child_browsing_context(
@@ -361,7 +362,7 @@ impl HTMLIFrameElement {
None
};
- let load_data = LoadData::new(
+ let mut load_data = LoadData::new(
LoadOrigin::Script(document.origin().immutable().clone()),
url,
creator_pipeline_id,
@@ -378,6 +379,10 @@ impl HTMLIFrameElement {
let is_about_blank =
pipeline_id.is_some() && pipeline_id == self.about_blank_pipeline_id.get();
+ if is_about_blank {
+ load_data.policy_container = Some(window.as_global_scope().policy_container());
+ }
+
let history_handling = if is_about_blank {
NavigationHistoryBehavior::Replace
} else {
@@ -407,7 +412,7 @@ impl HTMLIFrameElement {
let document = self.owner_document();
let window = self.owner_window();
let pipeline_id = Some(window.pipeline_id());
- let load_data = LoadData::new(
+ let mut load_data = LoadData::new(
LoadOrigin::Script(document.origin().immutable().clone()),
url,
pipeline_id,
@@ -417,6 +422,7 @@ impl HTMLIFrameElement {
Some(document.insecure_requests_policy()),
document.has_trustworthy_ancestor_or_current_origin(),
);
+ load_data.policy_container = Some(window.as_global_scope().policy_container());
let browsing_context_id = BrowsingContextId::new();
let webview_id = window.window_proxy().webview_id();
self.pipeline_id.set(None);
diff --git a/components/script/dom/servoparser/mod.rs b/components/script/dom/servoparser/mod.rs
index 0650fde676e..5878573d552 100644
--- a/components/script/dom/servoparser/mod.rs
+++ b/components/script/dom/servoparser/mod.rs
@@ -21,6 +21,7 @@ use html5ever::{Attribute, ExpandedName, LocalName, QualName, local_name, ns};
use hyper_serde::Serde;
use markup5ever::TokenizerResult;
use mime::{self, Mime};
+use net_traits::policy_container::PolicyContainer;
use net_traits::request::RequestId;
use net_traits::{
FetchMetadata, FetchResponseListener, Metadata, NetworkError, ResourceFetchTiming,
@@ -813,6 +814,27 @@ impl ParserContext {
pushed_entry_index: None,
}
}
+
+ pub(crate) fn append_parent_to_csp_list(&self, policy_container: Option<&PolicyContainer>) {
+ let Some(policy_container) = policy_container else {
+ return;
+ };
+ let Some(parent_csp_list) = &policy_container.csp_list else {
+ return;
+ };
+ let Some(parser) = self.parser.as_ref().map(|p| p.root()) else {
+ return;
+ };
+ let new_csp_list = match parser.document.get_csp_list() {
+ None => parent_csp_list.clone(),
+ Some(original_csp_list) => {
+ let mut appended_csp_list = original_csp_list.clone();
+ appended_csp_list.append(parent_csp_list.clone());
+ appended_csp_list.to_owned()
+ },
+ };
+ parser.document.set_csp_list(Some(new_csp_list));
+ }
}
impl FetchResponseListener for ParserContext {
diff --git a/components/script/script_thread.rs b/components/script/script_thread.rs
index bd4de9d893b..7241c115a2a 100644
--- a/components/script/script_thread.rs
+++ b/components/script/script_thread.rs
@@ -3674,10 +3674,12 @@ impl ScriptThread {
None => vec![],
};
+ let policy_container = incomplete.load_data.policy_container.clone();
self.incomplete_loads.borrow_mut().push(incomplete);
let dummy_request_id = RequestId::default();
context.process_response(dummy_request_id, Ok(FetchMetadata::Unfiltered(meta)));
+ context.append_parent_to_csp_list(policy_container.as_ref());
context.process_response_chunk(dummy_request_id, chunk);
context.process_response_eof(
dummy_request_id,
@@ -3697,12 +3699,14 @@ impl ScriptThread {
let srcdoc = std::mem::take(&mut incomplete.load_data.srcdoc);
let chunk = srcdoc.into_bytes();
+ let policy_container = incomplete.load_data.policy_container.clone();
self.incomplete_loads.borrow_mut().push(incomplete);
let mut context = ParserContext::new(id, url);
let dummy_request_id = RequestId::default();
context.process_response(dummy_request_id, Ok(FetchMetadata::Unfiltered(meta)));
+ context.append_parent_to_csp_list(policy_container.as_ref());
context.process_response_chunk(dummy_request_id, chunk);
context.process_response_eof(
dummy_request_id,
diff --git a/components/shared/constellation/from_script_message.rs b/components/shared/constellation/from_script_message.rs
index ddc9f788617..21665c24e57 100644
--- a/components/shared/constellation/from_script_message.rs
+++ b/components/shared/constellation/from_script_message.rs
@@ -22,6 +22,7 @@ use euclid::default::Size2D as UntypedSize2D;
use http::{HeaderMap, Method};
use ipc_channel::Error as IpcError;
use ipc_channel::ipc::{IpcReceiver, IpcSender};
+use net_traits::policy_container::PolicyContainer;
use net_traits::request::{InsecureRequestsPolicy, Referrer, RequestBody};
use net_traits::storage_thread::StorageType;
use net_traits::{CoreResourceMsg, ReferrerPolicy, ResourceThreads};
@@ -97,6 +98,8 @@ pub struct LoadData {
pub referrer: Referrer,
/// The referrer policy.
pub referrer_policy: ReferrerPolicy,
+ /// The policy container.
+ pub policy_container: Option,
/// The source to use instead of a network response for a srcdoc document.
pub srcdoc: String,
@@ -143,6 +146,7 @@ impl LoadData {
js_eval_result: None,
referrer,
referrer_policy,
+ policy_container: None,
srcdoc: "".to_string(),
inherited_secure_context,
crash: None,
diff --git a/tests/wpt/meta/content-security-policy/inheritance/document-write-iframe.html.ini b/tests/wpt/meta/content-security-policy/inheritance/document-write-iframe.html.ini
deleted file mode 100644
index d93be0d40ea..00000000000
--- a/tests/wpt/meta/content-security-policy/inheritance/document-write-iframe.html.ini
+++ /dev/null
@@ -1,3 +0,0 @@
-[document-write-iframe.html]
- [document.open() keeps inherited CSPs on empty iframe.]
- expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini
index 781468a1f16..af308a4588e 100644
--- a/tests/wpt/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini
+++ b/tests/wpt/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini
@@ -1,30 +1,6 @@
[iframe-all-local-schemes.sub.html]
- [