Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-09-30 00:29:14 +01:00
Code Issues Projects Releases Packages Wiki Activity
52937 commits 166 branches 5 tags 1.7 GiB
Commit graph

3 commits

Author SHA1 Message Date
Tim van der Lippe
b6b80d4f6f
Correct event_target for CSP violations (#36887) 
All logic is implemented in `report_csp_violations` to avoid
pulling in various element-logic into SecurityManager.

Update the `icon-blocked.sub.html` WPT test to ensure that
the document is the correct target (verified in Firefox and Chrome).

Fixes #36806

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
 2025-05-08 10:46:31 +00:00
Tim van der Lippe
dd63325f50
Check CSP for javascript: URLs (#36709) 
Also update a WPT test to fail-fast if the iframe incorrectly
evaluates the `eval`. Before, it would run into a timeout if
the implementation is correct. Now we reject the promise
when an exception is thrown.

Requires servo/rust-content-security-policy#6

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
 2025-05-02 20:13:31 +00:00
Josh Matthews
ce4ca9ee98
Run subset of CSP tests by default. (#36402) 
This will establish a baseline for the changes from #36363.

Testing: New tests in CI.
Fixes: Part of #4577

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
 2025-04-08 14:46:25 +00:00