| commit | 80d64490e06dba8bc941051e60ea0423c224658b | |
| author | Antonio Sartori <antoniosartori@chromium.org> | |
| Tue, 13 Apr 2021 10:22:10 +0000 (13 10:22 +0000) | ||
| committer | moz-wptsync-bot <wptsync@mozilla.com> | |
| Thu, 15 Apr 2021 09:17:27 +0000 (15 09:17 +0000) | ||
| tree | 55b1eb671c1067df37fdd227d2cc7a3f63907cce | treesnapshot (tar.gz zip) |
| parent | 5c58b05b96217f9e142a46078936098c981fc63c | commitdiff |
Bug 1700080 [wpt PR 28169] - CSP: Improve WPTs inside workers, a=testonly
Automatic update from web-platform-tests
CSP: Improve WPTs inside workers
This change improves Web Platform Tests for Content Security Policy
inside shared workers, by:
1) Fixing a test with CSP: connect-src 'self' that could not fail
because of CORS requests being blocked independently of CSP.
2) Adding assertions that we raise securitypolicyviolation events for
CSP violations.
3) Adding a test for Content Security Policies in report-only mode.
While testing this, I noticed that debug versions of chrome would
crash when checking the disposition of a securitypolicyviolation event
from a Worker. This because of the thread-safety DCHECKs of
WTF::String. For addressing this, I needed to create new global static
strings "enforce" and "report".
Change-Id: I9c91b1a60eac82279dd74e8bb640dde2ada9cf6e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2775564
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Antonio Sartori <antoniosartori@chromium.org>
Cr-Commit-Position: refs/heads/master@{#870899}
--
wpt-commits: 947481c1173a4d86a0d4064d4d698f9cd69beb85
wpt-pr: 28169
Automatic update from web-platform-tests
CSP: Improve WPTs inside workers
This change improves Web Platform Tests for Content Security Policy
inside shared workers, by:
1) Fixing a test with CSP: connect-src 'self' that could not fail
because of CORS requests being blocked independently of CSP.
2) Adding assertions that we raise securitypolicyviolation events for
CSP violations.
3) Adding a test for Content Security Policies in report-only mode.
While testing this, I noticed that debug versions of chrome would
crash when checking the disposition of a securitypolicyviolation event
from a Worker. This because of the thread-safety DCHECKs of
WTF::String. For addressing this, I needed to create new global static
strings "enforce" and "report".
Change-Id: I9c91b1a60eac82279dd74e8bb640dde2ada9cf6e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2775564
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Antonio Sartori <antoniosartori@chromium.org>
Cr-Commit-Position: refs/heads/master@{#870899}
--
wpt-commits: 947481c1173a4d86a0d4064d4d698f9cd69beb85
wpt-pr: 28169