servo

mirror of https://github.com/servo/servo.git synced 2025-07-23 15:23:42 +01:00

History

Tim van der Lippe 539ca27284 Propagate parent policy container to local iframes (#36710 ) This follows the rules as defined in https://w3c.github.io/webappsec-csp/#security-inherit-csp where local iframes (about:blank and about:srcdoc) should initially start with the CSP rules of the parent. After that, all new CSP headers should only be set on the policy container of the iframe. Part of #36437 Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com> Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>		2025-05-03 08:47:40 +00:00
..
async_html.rs	Use version of `markup5ever` with `web_atoms` crate (#36542 )	2025-04-19 11:49:37 +00:00
html.rs	script_thread: HTML parser doesn't set relevant option (#36622 )	2025-04-27 20:23:22 +00:00
mod.rs	Propagate parent policy container to local iframes (#36710 )	2025-05-03 08:47:40 +00:00
prefetch.rs	Update FetchTaskTarget to propagate CSP violations. (#36409 )	2025-04-13 20:54:59 +00:00
xml.rs	Unify the way html5ever and xml5ever block on script elements (#36284 )	2025-04-08 16:40:14 +00:00