Branch: refs/heads/main Home: https://github.com/WebKit/WebKit Commit: 142d2a80207e10069b36196a19a83cda6b96223d https://github.com/WebKit/WebKit/commit/142d2a80207e10069b36196a19a83cda6b96223d Author: Luke Warlow <lwar...@igalia.com> Date: 2024-02-07 (Wed, 07 Feb 2024)
Changed paths: M LayoutTests/TestExpectations M LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicy-CSP-no-name-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-noNamesGiven-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-none-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicyFactory-createPolicy-nameTests-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-duplicate-names-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-duplicate-names-list-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-duplicate-names-list-report-only-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-reporting-check-report-expected.txt M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-reporting-expected.txt M Source/WebCore/dom/TrustedTypePolicyFactory.cpp M Source/WebCore/page/csp/ContentSecurityPolicy.cpp M Source/WebCore/page/csp/ContentSecurityPolicy.h M Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp M Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h M Source/WebCore/page/csp/ContentSecurityPolicyTrustedTypesDirective.cpp M Source/WebCore/page/csp/ContentSecurityPolicyTrustedTypesDirective.h Log Message: ----------- Implement enforcement of `trusted-types` CSP directive https://bugs.webkit.org/show_bug.cgi?id=267632 Reviewed by Youenn Fablet. This updates the trusted types policy creation code to validate that it's allowed by CSP. * LayoutTests/TestExpectations: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicy-CSP-no-name-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-noNamesGiven-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-none-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/TrustedTypePolicyFactory-createPolicy-nameTests-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-duplicate-names-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-duplicate-names-list-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-duplicate-names-list-report-only-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-reporting-check-report-expected.txt: * LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-reporting-expected.txt: * Source/WebCore/dom/TrustedTypePolicyFactory.cpp: (WebCore::TrustedTypePolicyFactory::createPolicy): * Source/WebCore/page/csp/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::allowTrustedTypesPolicy const): (WebCore::ContentSecurityPolicy::reportViolation const): * Source/WebCore/page/csp/ContentSecurityPolicy.h: * Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp: (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForTrustedTypesPolicy const): (WebCore::ContentSecurityPolicyDirectiveList::shouldReportSample const): * Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h: * Source/WebCore/page/csp/ContentSecurityPolicyTrustedTypesDirective.cpp: (WebCore::ContentSecurityPolicyTrustedTypesDirective::allows const): * Source/WebCore/page/csp/ContentSecurityPolicyTrustedTypesDirective.h: Canonical link: https://commits.webkit.org/274263@main _______________________________________________ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes