Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-09-30 00:29:14 +01:00
Code Issues Projects Releases Packages Wiki Activity

Disallow invalid trusted type policy names (#38886)

Browse source 
Actual fix is in the CSP crate.

Part of #36258

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This commit is contained in:
Tim van der Lippe 2025-08-28 19:49:33 +02:00 committed by GitHub
parent 908c392219
commit 6205c07114
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 18 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

8
components/script/dom/csp.rs
View file

@ -51,8 +51,8 @@ pub(crate) trait CspReporting {
fn is_trusted_type_policy_creation_allowed(
&self,
global: &GlobalScope,
policy_name: String,
created_policy_names: Vec<String>,
policy_name: &str,
created_policy_names: &[&str],
) -> bool;
fn does_sink_type_require_trusted_types(
&self,
@ -173,8 +173,8 @@ impl CspReporting for Option<CspList> {
fn is_trusted_type_policy_creation_allowed(
&self,
global: &GlobalScope,
policy_name: String,
created_policy_names: Vec<String>,
policy_name: &str,
created_policy_names: &[&str],
) -> bool {
let Some(csp_list) = self else {
return true;