diff options
author | Allan Sandfeld Jensen <allan.jensen@theqtcompany.com> | 2016-05-26 11:47:42 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2016-05-26 13:53:44 +0000 |
commit | e5cd5a93ad3c127610e3f3279189174386c2e9ec (patch) | |
tree | dbc5ef01d75461e60d367d1143befdab612c5dfe /chromium/third_party/libxslt/libxslt/extensions.c | |
parent | 7d6738d45cc229ccd0c82e83a168beff19972e3d (diff) |
[Backport] Check CSP before registering ServiceWorkers
Service Worker registrations should be subject to the same CSP checks as
other workers. The spec doesn't say this explicitly
(https://www.w3.org/TR/CSP2/#directive-child-src-workers says "Worker or
SharedWorker constructors"), but it seems to be in the spirit of things,
and it matches Firefox's behavior.
BUG=579801
Review URL: https://codereview.chromium.org/1861253004
(CVE-2016-1682)
Change-Id: I7a44ce1c39c91e743d1f2c74ae12b982abd7d7da
Reviewed-by: Michael BrĂ¼ning <michael.bruning@theqtcompany.com>
Diffstat (limited to 'chromium/third_party/libxslt/libxslt/extensions.c')
0 files changed, 0 insertions, 0 deletions