git://git.webkit.org / WebKit-https.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
2011-04-07 Adam Barth <abarth@webkit.org>
[WebKit-https.git] / Source / WebCore / ChangeLog
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index 28d197b..660c226 100644 (file)
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,29 @@
+2011-04-07  Adam Barth  <abarth@webkit.org>
+
+        Reviewed by Eric Seidel.
+
+        Implement img-src style-src and font-src
+        https://bugs.webkit.org/show_bug.cgi?id=58018
+
+        These are pretty straight forward given the rest of the infrastructure
+        we've built so far.
+
+        Tests: http/tests/security/contentSecurityPolicy/image-allowed.html
+               http/tests/security/contentSecurityPolicy/image-blocked.html
+               http/tests/security/contentSecurityPolicy/style-allowed.html
+               http/tests/security/contentSecurityPolicy/style-blocked.html
+               http/tests/security/contentSecurityPolicy/xsl-allowed.php
+               http/tests/security/contentSecurityPolicy/xsl-blocked.php
+
+        * loader/cache/CachedResourceLoader.cpp:
+        (WebCore::CachedResourceLoader::canRequest):
+        * page/ContentSecurityPolicy.cpp:
+        (WebCore::ContentSecurityPolicy::allowImageFromSource):
+        (WebCore::ContentSecurityPolicy::allowStyleFromSource):
+        (WebCore::ContentSecurityPolicy::allowFontFromSource):
+        (WebCore::ContentSecurityPolicy::addDirective):
+        * page/ContentSecurityPolicy.h:
+
 2011-04-07  David Levin  <levin@chromium.org>
 
         Reviewed by Darin Adler.
Mirror of the WebKit open source project from svn.webkit.org.