Adapt to the policy container #482
Conversation
antosart
force-pushed
the
switch-to-policy-container
branch
from
2b82ecc
to
bdc9912
Compare
antosart
force-pushed
the
switch-to-policy-container
branch
from
bdc9912
to
4391ce1
Compare
| @@ -994,25 +1017,9 @@ spec: INFRA; urlPrefix: https://infra.spec.whatwg.org/ | |||
| populates its <a for="response">CSP list</a> accordingly: | |||
|
|
|||
| <ol class="algorithm"> | |||
| 1. Set |response|'s [=response/CSP list=] to the empty list. | |||
There was a problem hiding this comment.
I think we decided in the HTML PR that Fetch can drop a response's CSP list as part of this set of changes. Are you going to put up another CL removing that dependency?
There was a problem hiding this comment.
Right. That needs some more work, since response's CSP list is used by the CSP spec for the navigational response checks (frame-ancestors). For now, I just made the html spec not rely on them. I would refactor the CSP spec not to rely on them and then remove the reference from Fetch in later steps, if you agree.
There was a problem hiding this comment.
Actually, I was just looking into this, and there is still one dependency for getting rid of response's CSP list, which is this sandbox check for workers https://w3c.github.io/webappsec-csp/#sandbox-response
I'll have to think how to get rid of it.
There was a problem hiding this comment.
In the mean time, I did fix the navigational response check (i.e. frame-ancestors) to use the policy container. Since it is a small thing, I put it together inside this change.
antosart
force-pushed
the
switch-to-policy-container
branch
from
4391ce1
to
cc15bff
Compare
antosart
force-pushed
the
switch-to-policy-container
branch
from
cc15bff
to
131406c
Compare
antosart
force-pushed
the
switch-to-policy-container
branch
from
131406c
to
6f8d6f0
Compare
antosart
force-pushed
the
switch-to-policy-container
branch
from
fb2cfdc
to
f2962f6
Compare
This change adds the policy container concept. See also https://github.com/antosart/policy-container-explained. A policy container serves as collection of policies to be applied to a document, WorkerGlobalScope, or WorkletGlobalScope. Its purpose is to simplify how policies are initialized and inherited. Policies are populated by parsing headers and/or meta elements. A policy container can be cloned, hence supporting inheritance of policies. Initially a policy container only contains a CSP list. This is not meant to be a behavioral change, but rather a refactoring. Small behavioral changes introduced by this change (for example storing and reloading policies from history) address what are usually considered to be bugs in the standard/implementation (which often turn out to be security vulnerabilities). CSP PR: w3c/webappsec-csp#482. Service Worker PR: w3c/ServiceWorker#1588. Helps with #4926.
antosart
force-pushed
the
switch-to-policy-container
branch
from
f2962f6
to
0d7956f
Compare
|
I fixed the references now that the PR on html has been merged. |
antosart
force-pushed
the
switch-to-policy-container
branch
from
0d7956f
to
956f5b1
Compare
Together with a companion change to CSP (w3c/webappsec-csp#482), this enables checking policies consistently during the navigation, fixing whatwg/fetch#832 for navigation requests.
This is a companion PR of a PR onto the html spec adding a policy container and storing CSP lists inside the policy container. The PR onto the html allows to remove the policy inheritance parts from the CSP spec, since inheritance is defined for the policy container directly.