qt/qtwebengine-chromium.git - Vendor branch of Chromium. This is a submodule of qtwebengine

diff options

author	Allan Sandfeld Jensen <allan.jensen@theqtcompany.com>	2016-05-26 11:47:42 +0200
committer	Allan Sandfeld Jensen <allan.jensen@qt.io>	2016-05-26 13:53:44 +0000
commit	e5cd5a93ad3c127610e3f3279189174386c2e9ec (patch)
tree	dbc5ef01d75461e60d367d1143befdab612c5dfe /chromium/third_party/libxslt/libxslt/extensions.c
parent	7d6738d45cc229ccd0c82e83a168beff19972e3d (diff)

[Backport] Check CSP before registering ServiceWorkers

Service Worker registrations should be subject to the same CSP checks as other workers. The spec doesn't say this explicitly (https://www.w3.org/TR/CSP2/#directive-child-src-workers says "Worker or SharedWorker constructors"), but it seems to be in the spirit of things, and it matches Firefox's behavior. BUG=579801 Review URL: https://codereview.chromium.org/1861253004 (CVE-2016-1682) Change-Id: I7a44ce1c39c91e743d1f2c74ae12b982abd7d7da Reviewed-by: Michael Brüning <michael.bruning@theqtcompany.com>

Diffstat (limited to 'chromium/third_party/libxslt/libxslt/extensions.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: