239862 – CSP: Fix mixing strict-dynamic and unsafe-inline policies

Bug 239862 - CSP: Fix mixing strict-dynamic and unsafe-inline policies

Summary: CSP: Fix mixing strict-dynamic and unsafe-inline policies

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Patrick Griffis

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2022-04-28 11:54 PDT by Patrick Griffis
Modified:	2022-04-28 19:01 PDT (History)
CC List:	5 users (show)

See Also:

Attachments
Patch (4.37 KB, patch) 2022-04-28 11:59 PDT, Patrick Griffis	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Patrick Griffis 2022-04-28 11:54:18 PDT

If you have multiple policies, one including strict-dynamic and another with unsafe-inline, the unsafe-inline policy was incorrectly handled.

Comment 1 Patrick Griffis 2022-04-28 11:59:45 PDT

Created attachment 458540 [details]
Patch

Comment 2 EWS 2022-04-28 19:00:12 PDT

Committed r293603 (250109@main): <https://commits.webkit.org/250109@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 458540 [details].

Comment 3 Radar WebKit Bug Importer 2022-04-28 19:01:13 PDT

<rdar://problem/92500528>