Title: [295314] branches/safari-613-branch
- Revision: 295314
- Author: [email protected]
- Date: 2022-06-06 19:30:00 -0700 (Mon, 06 Jun 2022)
Log Message
Cherry-pick 0fe83157c4d9. rdar://problem/94467906
CSP: Fix mixing strict-dynamic and unsafe-inline policies
https://bugs.webkit.org/show_bug.cgi?id=239862
Reviewed by Kate Cheney.
Source/WebCore:
Test: http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies.html
* page/csp/ContentSecurityPolicyDirectiveList.cpp:
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForNonParserInsertedScripts const):
LayoutTests:
If you had multiple policies, one including strict-dynamic and another with unsafe-inline, the unsafe-inline
policy was incorrectly handled.
* http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies.html: Added.
Canonical link: https://commits.webkit.org/250109@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@293603 268f45cc-cd09-0410-ab3c-d52691b4dbfc
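As an added example (not WebKit's code and not part of this commit), a small C++ model of the script-src decision that the WebCore hunk below changes, run on the two `<meta>` policies from the new layout test. It assumes that the source check never matches an inline script's empty URL, leaves out hashes and the strict-dynamic/parser-inserted branch, and applies the CSP rule that `'unsafe-inline'` is ignored when the same directive also carries a nonce or hash source; `Directive`, `policyAllowsInline`, `allowedByAll` and `kTestPolicies` are the model's own names, and `checkInline`/`checkNonce` are reimplementations that only borrow the names used in the hunk.

```cpp
// Added example, not WebKit code: a model of the script-src decision in the
// hunk above, run on the two <meta> policies from the layout test. Assumed:
// checkSource never matches an inline script's empty URL, hashes/strict-dynamic
// are omitted, and 'unsafe-inline' is ignored when a nonce or hash source is present.
#include <algorithm>
#include <cstdio>
#include <string>
#include <vector>

struct Directive { std::vector<std::string> sources; };
static bool has(const Directive& d, const std::string& s) {
    return std::find(d.sources.begin(), d.sources.end(), s) != d.sources.end();
}

static bool checkInline(const Directive& d) {
    for (const auto& s : d.sources)
        if (s.rfind("'nonce-", 0) == 0 || s.rfind("'sha", 0) == 0)
            return false; // nonce/hash present: 'unsafe-inline' is ignored
    return has(d, "'unsafe-inline'");
}

static bool checkNonce(const Directive& d, const std::string& nonce) {
    return !nonce.empty() && has(d, "'nonce-" + nonce + "'");
}

// One policy's verdict for an inline script. fixed=false reproduces the
// pre-commit logic, where only nonce and source checks could allow it.
static bool policyAllowsInline(const Directive& d, const std::string& nonce, bool fixed) {
    const std::string url; // inline: no URL, so the source check cannot match
    if (checkNonce(d, nonce))
        return true;
    return fixed && url.empty() && checkInline(d); // clause added by the hunk
}

// A document enforces every policy it carries; one violation blocks the script.
static bool allowedByAll(const std::vector<Directive>& policies, const std::string& nonce, bool fixed) {
    return std::all_of(policies.begin(), policies.end(),
        [&](const Directive& d) { return policyAllowsInline(d, nonce, fixed); });
}

static const std::vector<Directive> kTestPolicies = {
    { { "'nonce-dummy'", "'strict-dynamic'" } }, // first <meta> policy
    { { "'unsafe-inline'" } },                    // second <meta> policy
};

int main() {
    std::printf("nonced, before fix: %d\n", allowedByAll(kTestPolicies, "dummy", false)); // 0: wrongly blocked
    std::printf("nonced, after fix:  %d\n", allowedByAll(kTestPolicies, "dummy", true));  // 1: allowed
    std::printf("no nonce, after fix: %d\n", allowedByAll(kTestPolicies, "", true));      // 0: still blocked
}
```

The third case is the one the layout test does not cover: an inline script with no nonce is still rejected by the first policy, because every policy on the document must allow it.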
Diff
Modified: branches/safari-613-branch/LayoutTests/ChangeLog (295313 => 295314)
--- branches/safari-613-branch/LayoutTests/ChangeLog 2022-06-07 01:32:27 UTC (rev 295313)
+++ branches/safari-613-branch/LayoutTests/ChangeLog 2022-06-07 02:30:00 UTC (rev 295314)
@@ -1,3 +1,16 @@
+2022-04-28 Patrick Griffis <[email protected]>
+
+ CSP: Fix mixing strict-dynamic and unsafe-inline policies
+ https://bugs.webkit.org/show_bug.cgi?id=239862
+
+ Reviewed by Kate Cheney.
+
+ If you had multiple policies, one including strict-dynamic and another with unsafe-inline, the unsafe-inline
+ policy was incorrectly handled.
+
+ * http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies-expected.txt: Added.
+ * http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies.html: Added.
+
2022-05-03 Antti Koivisto <[email protected]>
[CSS Cascade Layers] Endless recursion with revert-layer in other tree context
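Review bot: the description "the unsafe-inline policy was incorrectly handled" leaves the failure direction unstated; since the new expected output is "allowed" and the WebCore hunk adds an extra way for the check to return nullptr, say that a nonced inline script was reported as a violation of the 'unsafe-inline' policy and blocked, so the ChangeLog records what actually went wrong.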
Added: branches/safari-613-branch/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies-expected.txt (0 => 295314)
--- branches/safari-613-branch/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies-expected.txt (rev 0)
+++ branches/safari-613-branch/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies-expected.txt 2022-06-07 02:30:00 UTC (rev 295314)
@@ -0,0 +1,2 @@
+CONSOLE MESSAGE: allowed
+
Added: branches/safari-613-branch/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies.html (0 => 295314)
--- branches/safari-613-branch/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies.html (rev 0)
+++ branches/safari-613-branch/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies.html 2022-06-07 02:30:00 UTC (rev 295314)
@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html lang="en">
+ <head>
+ <!-- This tests that we properly handle multiple policies when one includes strict-dynamic and another unsafe-inline. -->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-dummy' 'strict-dynamic'">
+ <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'">
+ <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+ <script nonce="dummy">
+ if (window.testRunner) {
+ testRunner.dumpAsText();
+ }
+ </script>
+ </head>
+ <body>
+ <script type="text/_javascript_" nonce="dummy">console.log('allowed');</script>
+ </body>
+</html>
\ No newline at end of file
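Review bot: the test only exercises the allowed case; add a second inline `<script>` without a nonce that logs a message, and extend the expected output to show it is blocked, because each policy is enforced independently and the first policy's `'nonce-dummy' 'strict-dynamic'` must still reject an un-nonced script even though the second policy's `'unsafe-inline'` would accept it. Also, `type="text/_javascript_"` on the body script is not a JavaScript MIME type; if that is not just a list-archive mangling of `text/javascript`, the script would be treated as a data block and never log `allowed`, so drop the `type` attribute as the head script already does.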
Modified: branches/safari-613-branch/Source/WebCore/ChangeLog (295313 => 295314)
--- branches/safari-613-branch/Source/WebCore/ChangeLog 2022-06-07 01:32:27 UTC (rev 295313)
+++ branches/safari-613-branch/Source/WebCore/ChangeLog 2022-06-07 02:30:00 UTC (rev 295314)
@@ -1,3 +1,15 @@
+2022-04-28 Patrick Griffis <[email protected]>
+
+ CSP: Fix mixing strict-dynamic and unsafe-inline policies
+ https://bugs.webkit.org/show_bug.cgi?id=239862
+
+ Reviewed by Kate Cheney.
+
+ Test: http/tests/security/contentSecurityPolicy/script-src-strict-dynamic-and-unsafe-inline-policies.html
+
+ * page/csp/ContentSecurityPolicyDirectiveList.cpp:
+ (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForNonParserInsertedScripts const):
+
2022-05-03 Antti Koivisto <[email protected]>
[CSS Cascade Layers] Endless recursion with revert-layer in other tree context
Modified: branches/safari-613-branch/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp (295313 => 295314)
--- branches/safari-613-branch/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp 2022-06-07 01:32:27 UTC (rev 295313)
+++ branches/safari-613-branch/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp 2022-06-07 02:30:00 UTC (rev 295314)
@@ -240,7 +240,8 @@
if (checkHashes(operativeDirective, hashes)
|| checkNonParserInsertedScripts(operativeDirective, parserInserted)
|| checkNonce(operativeDirective, nonce)
- || checkSource(operativeDirective, url))
+ || checkSource(operativeDirective, url)
+ || (url.isEmpty() && checkInline(operativeDirective)))
return nullptr;
return operativeDirective;
}
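Review bot: the new clause `|| (url.isEmpty() && checkInline(operativeDirective))` makes the verdict depend on `checkInline` honouring the rule that `'unsafe-inline'` is ignored when the same directive also carries a nonce or hash source; confirm it does, otherwise an inline script without a matching nonce would now pass a policy such as `script-src 'nonce-x' 'unsafe-inline'`. A one-line comment stating that an empty `url` is how inline scripts are distinguished from `src=` scripts here would also help, since nothing in the surrounding lines says so.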
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes