mirror of
https://github.com/servo/servo.git
synced 2025-08-06 06:00:15 +01:00
Check all ancestor navigable trustworthiness for mixed content (#36157)
Propagate through documents a flag that represents if any of the ancestor navigables has a potentially trustworthy origin. The "potentially trustworthy origin" concept appears to have gotten confused in a couple of places and we were instead testing if a URL had "potentially trustworthy" properties. The main test for the ancestor navigables is [mixed-content/nested-iframes](https://github.com/web-platform-tests/wpt/blob/master/mixed-content/nested-iframes.window.js) --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes fix #36108 <!-- Either: --> - [X] There are tests for these changes --------- Signed-off-by: Sebastian C <sebsebmc@gmail.com>
This commit is contained in:
parent
478e876f6d
commit
76edcff202
84 changed files with 384 additions and 525 deletions
|
@ -261,6 +261,7 @@ impl WebSocketMethods<crate::DomTypeHolder> for WebSocket {
|
|||
let request = RequestBuilder::new(global.webview_id(), url_record, Referrer::NoReferrer)
|
||||
.origin(global.origin().immutable().clone())
|
||||
.insecure_requests_policy(global.insecure_requests_policy())
|
||||
.has_trustworthy_ancestor_origin(global.has_trustworthy_ancestor_or_current_origin())
|
||||
.mode(RequestMode::WebSocket { protocols })
|
||||
.service_workers_mode(ServiceWorkersMode::None)
|
||||
.credentials_mode(CredentialsMode::Include)
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue