Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-06-06 16:45:39 +00:00
Code Issues Projects Releases Packages Wiki Activity

Check CSP for javascript: URLs (#36709)

Browse source 
Also update a WPT test to fail-fast if the iframe incorrectly
evaluates the `eval`. Before, it would run into a timeout if
the implementation is correct. Now we reject the promise
when an exception is thrown.

Requires servo/rust-content-security-policy#6

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This commit is contained in:
Tim van der Lippe 2025-05-02 22:13:31 +02:00 committed by GitHub
parent b8971e528f
commit dd63325f50
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 70 additions and 57 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/wpt/meta/MANIFEST.json vendored
View file

@ -571755,7 +571755,7 @@
]
],
"eval-blocked-in-about-blank-iframe.html": [
"054e75b52749b37530a02bc5ee0119ca5e76a474",
"b2286f56a234a515cddec0e02439f9768e3a2905",
[
null,
{}