CSP: Fix parsing of 'host/path' source expressions
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 16 Feb 2016 21:18:19 +0000 (21:18 +0000)
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 16 Feb 2016 21:18:19 +0000 (21:18 +0000)
commitebeb412157209c2e2ab46569f31b8f325ecc9776
tree1f65a613852c5dde53cab36df94b10ec0a86118b
parent0640a4568b6c50d818430bd0f38bb437f969afbc
CSP: Fix parsing of 'host/path' source expressions
https://bugs.webkit.org/show_bug.cgi?id=153170
<rdar://problem/24383407>

Reviewed by Brent Fulgham.

Source/WebCore:

Merged from Blink (patch by Mike West):
<https://src.chromium.org/viewvc/blink?revision=154875&view=revision>

Fixes an issue where a source of the form example.com/A/ was incorrectly considered
invalid and hence such a requested resource would be blocked. A source of this form
is valid by the definition of host-source in section Source List Syntax of the Content
Security Policy 2.0 spec., <http://www.w3.org/TR/2015/CR-CSP2-20150721/>.

* page/csp/ContentSecurityPolicySourceList.cpp:
(WebCore::ContentSecurityPolicySourceList::parseSource):

LayoutTests:

Remove entry for test http/tests/security/contentSecurityPolicy/source-list-parsing-paths-03.html
as it now passes.

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@196655 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/page/csp/ContentSecurityPolicySourceList.cpp