Show file tree
Hide file tree
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Safari v14.1 CSP Violation - Usage of "element.removeAttribute("style…
…")" causes style-src CSP Violation. https://bugs.webkit.org/show_bug.cgi?id=227349 <rdar://80020346> Reviewed by Brent Fulgham. If the new style string is null, clear the inline style without checking if the element's inline type should be blocked by CSP. This behavior matches Chrome and Firefox. * Source/WebCore/dom/StyledElement.cpp: (WebCore::StyledElement::styleAttributeChanged): * LayoutTests/http/tests/security/contentSecurityPolicy/allow-inline-remove-attribute-expected.txt: Added. * LayoutTests/http/tests/security/contentSecurityPolicy/allow-inline-remove-attribute.html: Added. Canonical link: https://commits.webkit.org/254409@main
- Loading branch information
Showing 3 changed files with 55 additions and 1 deletion.