| commit | 087183913f74ebd1e18964fabd269dfebb4763f3 | |
| author | rob <rob@robwu.nl> | |
| Wed, 19 Nov 2014 23:33:58 +0000 (19 15:33 -0800) | ||
| committer | Commit bot <commit-bot@chromium.org> | |
| Wed, 19 Nov 2014 23:34:11 +0000 (19 23:34 +0000) | ||
| tree | 3a3fcb970de8892c6ded44f81b6f5ec63118ab21 | treesnapshot (tar.gz zip) |
| parent | 798ccc5bd26900673f92fc80a0e3a76be81646c7 | commitdiff |
Accept invalid chrome-extension:// and chrome:// CSP tokens
Do not refuse to load the extension when the CSP contains
"chrome-extension://", because there are some extensions in the wild
that contains this token in the CSP. It is safe to accept this token
because the invalid CSP token is ignored by Blink (together with an
error message in the console, so the developer can fix the problem if
they bother to look at the console).
BUG=432227
R=kalman@chromium.org
Review URL: https://codereview.chromium.org/722233004
Cr-Commit-Position: refs/heads/master@{#304922}
Do not refuse to load the extension when the CSP contains
"chrome-extension://", because there are some extensions in the wild
that contains this token in the CSP. It is safe to accept this token
because the invalid CSP token is ignored by Blink (together with an
error message in the console, so the developer can fix the problem if
they bother to look at the console).
BUG=432227
R=kalman@chromium.org
Review URL: https://codereview.chromium.org/722233004
Cr-Commit-Position: refs/heads/master@{#304922}
| extensions/common/csp_validator.cc | diffblobblamehistory | |
| extensions/common/csp_validator_unittest.cc | diffblobblamehistory |