RESOLVED FIXED248066
Block loading remote content in console message style formatter.
https://bugs.webkit.org/show_bug.cgi?id=248066
Summary Block loading remote content in console message style formatter.
Ryan Reno
Reported 2022-11-17 16:13:00 PST
The console spec doesn't specify the behavior of the %c formatter. There isn't a great use case for loading remote content in any of our allowed CSS properties so we should block the use of url and src CSS functions.
Attachments
Ryan Reno
Comment 1 2022-11-17 16:13:15 PST
Ryan Reno
Comment 2 2022-11-17 16:15:42 PST
EWS
Comment 3 2022-11-18 10:10:47 PST
Committed 256840@main (e0bf4081c1a0): <https://commits.webkit.org/256840@main> Reviewed commits have been landed. Closing PR #6613 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.