Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-09-30 08:39:16 +01:00
Code Issues Projects Releases Packages Wiki Activity

Implement Trusted Type eval checks (#37834)

Browse source 
It implements the new codeForEvalGets callback to retrieve the
value for a trusted script object. Additionally, it implements
the new logic in can-compile-strings to call the policy
factory if required.

Note that parameter and argument checks aren't implemented yet,
as they require updates to binding generation (see TODO in
script_runtime).

Part of #36258

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This commit is contained in:
Tim van der Lippe 2025-08-11 14:26:56 +02:00 committed by GitHub
parent 4c05758ded
commit 82ca2b92cd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
26 changed files with 159 additions and 345 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tests/wpt/meta/content-security-policy/reporting/report-clips-sample.https.html.ini vendored
View file

@ -1,10 +1,4 @@
[report-clips-sample.https.html]
[Unsafe eval violation sample is clipped to 40 characters.]
expected: FAIL
[Unsafe indirect eval violation sample is clipped to 40 characters.]
expected: FAIL
[Function constructor - the other kind of eval - is clipped.]
expected: FAIL