264447 – Improve CSP validation for AppSSO

Bug 264447 - Improve CSP validation for AppSSO

Summary: Improve CSP validation for AppSSO

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit Misc. (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	pascoe@apple.com

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2023-11-08 15:24 PST by pascoe@apple.com
Modified:	2023-11-08 23:07 PST (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description pascoe@apple.com 2023-11-08 15:24:48 PST

In https://bugs.webkit.org/show_bug.cgi?id=260100 we added additional CSP validation for AppSSO meant for Subframe initiated sessions, but it's applied to all.

Comment 1 pascoe@apple.com 2023-11-08 15:25:04 PST

rdar://118121639

Comment 2 pascoe@apple.com 2023-11-08 17:18:52 PST

Pull request: https://github.com/WebKit/WebKit/pull/20194

Comment 3 EWS 2023-11-08 23:07:37 PST

Committed 270422@main (9e08e9d30f55): <https://commits.webkit.org/270422@main>

Reviewed commits have been landed. Closing PR #20194 and removing active labels.