CSP post checks should be done for service worker responses
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 26 Jan 2018 17:36:47 +0000 (17:36 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 26 Jan 2018 17:36:47 +0000 (17:36 +0000)
commit60d374934f6fa5789c4e5d44cc31f6c32fc9aea9
treeb9532e247367229eb18ad40f109625c76f66d2f9
parent5c5d1d5bb8755b4ba1f71662158b9f1bbf15490c
CSP post checks should be done for service worker responses
https://bugs.webkit.org/show_bug.cgi?id=182160

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-26
Reviewed by Daniel Bates.

LayoutTests/imported/w3c:

* web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt:

Source/WebCore:

Covered by updated test.

Add security checks when receiving a service worker response.

* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::didReceiveResponse):
* loader/cache/CachedResourceLoader.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@227680 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/imported/w3c/ChangeLog
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/loader/SubresourceLoader.cpp
Source/WebCore/loader/cache/CachedResourceLoader.h