Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: b88fdb90af4d3363fb018f3e9140bfdc57ce5afb
      
https://github.com/WebKit/WebKit/commit/b88fdb90af4d3363fb018f3e9140bfdc57ce5afb
  Author: Charlie Wolfe <[email protected]>
  Date:   2026-07-06 (Mon, 06 Jul 2026)

  Changed paths:
    M 
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub-expected.txt
    M 
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/reporting/report-multiple-violations-01-expected.txt
    M Source/WebCore/loader/cache/CachedResourceLoader.cpp
    M Source/WebCore/page/csp/ContentSecurityPolicy.h

  Log Message:
  -----------
  Suppress duplicate CSP reports for speculative preloads
https://bugs.webkit.org/show_bug.cgi?id=318371
rdar://181161362

Reviewed by Ryan Reno.

Speculative preloads and the subsequent parser-driven load both run CSP checks, 
causing blocked
resources to emit duplicate violation reports and events.

Disable all CSP reporting during speculative preloads, while preserving normal 
reporting for
`<link rel=preload>`. The parser-driven load still performs the authoritative 
CSP check and reports
each violation once.

* 
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub-expected.txt:
* 
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/reporting/report-multiple-violations-01-expected.txt:
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::allowedByContentSecurityPolicy const):
* Source/WebCore/page/csp/ContentSecurityPolicy.h:

Canonical link: https://commits.webkit.org/316559@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to