corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1382869: data document should ignore meta csp. r=bz

Browse Source
This commit is contained in:
Christoph Kerschbaumer
2017-08-08 15:31:10 +02:00
parent e4ef871eb5
commit 5adc247392
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dom/html/HTMLMetaElement.cpp
View File

@@ -103,7 +103,7 @@ HTMLMetaElement::BindToTree(nsIDocument* aDocument, nsIContent* aParent,
nsContentUtils::ProcessViewportInfo(aDocument, content);
}
if (CSPService::sCSPEnabled && aDocument &&
if (CSPService::sCSPEnabled && aDocument && !aDocument->IsLoadedAsData() &&
AttrValueIs(kNameSpaceID_None, nsGkAtoms::httpEquiv, nsGkAtoms::headerCSP, eIgnoreCase)) {
// only accept <meta http-equiv="Content-Security-Policy" content=""> if it appears