RESOLVED FIXED 59293
style-src should block @style 
https://bugs.webkit.org/show_bug.cgi?id=59293
Summary style-src should block @style
Adam Barth
Reported 2011-04-23 22:24:54 PDT
style-src should block @style
Attachments
Patch (5.61 KB, patch)
2011-04-23 22:27 PDT, Adam Barth 		no flags
DetailsFormatted DiffDiff
Patch (7.43 KB, patch)
2011-04-29 18:41 PDT, Adam Barth 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Adam Barth
Comment 1 2011-04-23 22:27:11 PDT
Created attachment 90870 [details] Patch
WebKit Review Bot
Comment 2 2011-04-23 22:29:36 PDT
Attachment 90870 [details] did not pass chromium-ews: Output: http://queues.webkit.org/results/8497902
Early Warning System Bot
Comment 3 2011-04-23 22:35:19 PDT
Attachment 90870 [details] did not build on qt: Build output: http://queues.webkit.org/results/8498897
WebKit Review Bot
Comment 4 2011-04-23 22:43:19 PDT
Attachment 90870 [details] did not build on chromium: Build output: http://queues.webkit.org/results/8494985
WebKit Review Bot
Comment 5 2011-04-23 22:45:16 PDT
Attachment 90870 [details] did not build on mac: Build output: http://queues.webkit.org/results/8495954
Build Bot
Comment 6 2011-04-23 23:03:27 PDT
Attachment 90870 [details] did not build on win: Build output: http://queues.webkit.org/results/8495964
Collabora GTK+ EWS bot
Comment 7 2011-04-23 23:09:38 PDT
Attachment 90870 [details] did not build on gtk: Build output: http://queues.webkit.org/results/8497916
Eric Seidel (no email)
Comment 8 2011-04-24 06:26:32 PDT
Comment on attachment 90870 [details] Patch No r+ for you, build-breaker! :p
Eric Seidel (no email)
Comment 9 2011-04-24 06:27:34 PDT
Comment on attachment 90870 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=90870&action=review > Source/WebCore/dom/StyledElement.cpp:244 > + else if (document()->contentSecurityPolicy()->allowInlineStyle()) Should it early return instead? Should it be going down the destoryInlineStleDecl case instead? Why should it be re-calcing after?
Adam Barth
Comment 10 2011-04-24 11:13:21 PDT
> No r+ for you, build-breaker! :p It's just dependent on earlier patches. I should have mentioned that. > (From update of attachment 90870 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=90870&action=review > > > Source/WebCore/dom/StyledElement.cpp:244 > > + else if (document()->contentSecurityPolicy()->allowInlineStyle()) > > Should it early return instead? Should it be going down the destoryInlineStleDecl case instead? Why should it be re-calcing after? This seemed like a less disruptive way of blocking the attribute. We could destroy the attribute if you like, but that could have some odd behavior if there was some way of dynamically changing the CSP policy (which there isn't really today).
Adam Barth
Comment 11 2011-04-29 18:41:11 PDT
Created attachment 91789 [details] Patch
Eric Seidel (no email)
Comment 12 2011-04-29 18:47:00 PDT
Comment on attachment 91789 [details] Patch OK.
Early Warning System Bot
Comment 13 2011-04-29 18:49:43 PDT
Attachment 91789 [details] did not build on qt: Build output: http://queues.webkit.org/results/8523353
WebKit Review Bot
Comment 14 2011-04-29 18:50:58 PDT
Attachment 91789 [details] did not build on chromium: Build output: http://queues.webkit.org/results/8521520
WebKit Commit Bot
Comment 15 2011-04-29 19:25:30 PDT
Comment on attachment 91789 [details] Patch Rejecting attachment 91789 [details] from commit-queue. Failed to run "['./Tools/Scripts/webkit-patch', '--status-host=queues.webkit.org', '--bot-id=cr-jail-3', 'build'..." exit_code: 2 Last 500 characters of output: VERSION_MINOR 0320 setenv YACC /Developer/usr/bin/yacc /bin/sh -c /mnt/git/webkit-commit-queue/WebKitBuild/WebCore.build/Debug/WebCore.build/Script-5DF50887116F3077005202AB.sh ** BUILD FAILED ** The following build commands failed: WebCore: CompileC /mnt/git/webkit-commit-queue/WebKitBuild/WebCore.build/Debug/WebCore.build/Objects-normal/x86_64/StyledElement.o /mnt/git/webkit-commit-queue/Source/WebCore/dom/StyledElement.cpp normal x86_64 c++ com.apple.compilers.gcc.4_2 (1 failure) Full output: http://queues.webkit.org/results/8460022
WebKit Commit Bot
Comment 16 2011-04-29 19:56:34 PDT
Comment on attachment 91789 [details] Patch Clearing flags on attachment: 91789 Committed r85384: <http://trac.webkit.org/changeset/85384>
WebKit Commit Bot
Comment 17 2011-04-29 19:56:41 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.