Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upImplement Content Security Policy (CSP). #4577
Open
Assignees
Labels
Comments
Ms2ger
changed the title
This was referenced Jan 8, 2017
|
https://github.com/notriddle/rust-content-security-policy I started working on it for Ammonia's purposes, but after looking around for an existing implementation, decided that if Servo needs it then here it is. |
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Sep 28, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Sep 28, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Sep 28, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Oct 3, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
bors-servo
added a commit
that referenced
this issue
Oct 3, 2019
[WIP] Add simple implementation of content-security-policy on scripts / styles This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of #4577 but we should probably track the rest of the implementation somewhere. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] There are tests for these changes (before merging, this PR should fix at least some of the WPT tests for CSP) <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24315) <!-- Reviewable:end -->
bors-servo
added a commit
that referenced
this issue
Oct 4, 2019
[WIP] Add simple implementation of content-security-policy on scripts / styles This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of #4577 but we should probably track the rest of the implementation somewhere. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] There are tests for these changes (before merging, this PR should fix at least some of the WPT tests for CSP) <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24315) <!-- Reviewable:end -->
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Oct 4, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Oct 4, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Oct 4, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
bors-servo
added a commit
that referenced
this issue
Oct 5, 2019
[WIP] Add simple implementation of content-security-policy on scripts / styles This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of #4577 but we should probably track the rest of the implementation somewhere. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] There are tests for these changes (before merging, this PR should fix at least some of the WPT tests for CSP) <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24315) <!-- Reviewable:end -->
bors-servo
added a commit
that referenced
this issue
Oct 5, 2019
[WIP] Add simple implementation of content-security-policy on scripts / styles This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of #4577 but we should probably track the rest of the implementation somewhere. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] There are tests for these changes (before merging, this PR should fix at least some of the WPT tests for CSP) <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24315) <!-- Reviewable:end -->
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Oct 10, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Oct 10, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
notriddle
added a commit
to notriddle/servo
that referenced
this issue
Oct 16, 2019
This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo#4577
bors-servo
added a commit
that referenced
this issue
Oct 17, 2019
Add simple implementation of content-security-policy on network requests This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of #4577 but we should probably track the rest of the implementation somewhere. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] There are tests for these changes (before merging, this PR should fix at least some of the WPT tests for CSP) <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24315) <!-- Reviewable:end -->
bors-servo
added a commit
that referenced
this issue
Oct 17, 2019
Add simple implementation of content-security-policy on network requests This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of #4577 but we should probably track the rest of the implementation somewhere. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] There are tests for these changes (before merging, this PR should fix at least some of the WPT tests for CSP) <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24315) <!-- Reviewable:end -->
bors-servo
added a commit
that referenced
this issue
Oct 17, 2019
Add simple implementation of content-security-policy on network requests This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of #4577 but we should probably track the rest of the implementation somewhere. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] There are tests for these changes (before merging, this PR should fix at least some of the WPT tests for CSP) <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24315) <!-- Reviewable:end -->
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this issue
Nov 4, 2019
…licy on scripts / styles. This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo/servo#4577 Servo commit: b8f3e8bb2e9 Differential Revision: https://phabricator.services.mozilla.com/D51588 --HG-- extra : moz-landing-system : lando
xeonchen
pushed a commit
to xeonchen/gecko
that referenced
this issue
Nov 4, 2019
…licy on scripts / styles. This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo/servo#4577 Servo commit: b8f3e8bb2e9 Differential Revision: https://phabricator.services.mozilla.com/D51588
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-comments-removed
that referenced
this issue
Nov 5, 2019
…licy on scripts / styles. This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo/servo#4577 Servo commit: b8f3e8bb2e9 Differential Revision: https://phabricator.services.mozilla.com/D51588 UltraBlame original commit: 584249c337abdd0e28b46a013adbda9cd8e2ceae
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified-and-comments-removed
that referenced
this issue
Nov 5, 2019
…licy on scripts / styles. This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo/servo#4577 Servo commit: b8f3e8bb2e9 Differential Revision: https://phabricator.services.mozilla.com/D51588 UltraBlame original commit: 584249c337abdd0e28b46a013adbda9cd8e2ceae
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified
that referenced
this issue
Nov 5, 2019
…licy on scripts / styles. This needs a lot more hooks before it'll actually be a good implementation, but for a start it can help get some feedback on if this is the right way to go about it. Part of servo/servo#4577 Servo commit: b8f3e8bb2e9 Differential Revision: https://phabricator.services.mozilla.com/D51588 UltraBlame original commit: 584249c337abdd0e28b46a013adbda9cd8e2ceae
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Depends on #4576.
Estimated 2 months work assuming the right hooks.