corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1797070 - CSP: Add a basic implementation of unsafe-hashes behind a flag. r=freddyb

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D160046
This commit is contained in:
Tom Schuster
2022-11-07 17:56:23 +00:00
parent df52ac2d97
commit 2365bbceed
21 changed files with 83 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
dom/script/ScriptLoader.cpp
View File

@@ -801,8 +801,9 @@ static bool CSPAllowsInlineScript(nsIScriptElement* aElement,
bool allowInlineScript = false;
nsresult rv = csp->GetAllowsInline(
nsIContentSecurityPolicy::SCRIPT_SRC_ELEM_DIRECTIVE, nonce, parserCreated,
scriptContent, nullptr /* nsICSPEventListener */, u""_ns,
nsIContentSecurityPolicy::SCRIPT_SRC_ELEM_DIRECTIVE,
false /* aHasUnsafeHash */, nonce, parserCreated, scriptContent,
nullptr /* nsICSPEventListener */, u""_ns,
aElement->GetScriptLineNumber(), aElement->GetScriptColumnNumber(),
&allowInlineScript);
return NS_SUCCEEDED(rv) && allowInlineScript;