[wpt-sync] Sync PR 11140 - Fixed CSP directive value parsing accepted character range

RESOLVED FIXED in Firefox 62

Status

()

enhancement
P4
normal
RESOLVED FIXED
Last year
Last year

People

(Reporter: wptsync, Unassigned)

Tracking

unspecified
mozilla62
Points:
---

Firefox Tracking Flags

(firefox62 fixed)

Details

(Whiteboard: [wptsync downstream][domsecurity-backlog], )

Sync web-platform-tests PR 11140 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/w3c/web-platform-tests/pull/11140
Details from upstream follow.

Andy Paicu <andypaicu@chromium.org> wrote:
>  Fixed CSP directive value parsing accepted character range
>  
>  Bug: 845961
>  Change-Id: Ifc9609058cd7cbd268785db46534e3ed09da6ce3
>  Reviewed-on: https://chromium-review.googlesource.com/1071510
>  WPT-Export-Revision: 3ceccaa1797813deebfdd8be7bf03a41bc055321
Component: web-platform-tests → DOM: Security
Product: Testing → Core
Ran 1 tests and 90 subtests
OK     : 1
PASS   : 64
FAIL   : 26

New tests that have failures or other problems:
/content-security-policy/embedded-enforcement/required_csp-header.html
    Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - \n character after directive name: FAIL
    Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - \n character in directive value: FAIL
    Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - \r\n character after directive name: FAIL
    Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - \r\n character in directive value: FAIL
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]
Pushed by james@hoppipolla.co.uk:
https://hg.mozilla.org/integration/mozilla-inbound/rev/8a717234b858
[wpt PR 11140] - Fixed CSP directive value parsing accepted character range, a=testonly
https://hg.mozilla.org/integration/mozilla-inbound/rev/a9e1b4d220b1
[wpt PR 11140] - Update wpt metadata, a=testonly
https://hg.mozilla.org/mozilla-central/rev/8a717234b858
https://hg.mozilla.org/mozilla-central/rev/a9e1b4d220b1
Status: NEW → RESOLVED
Closed: Last year
Resolution: --- → FIXED
Target Milestone: --- → mozilla62
You need to log in before you can comment on or make changes to this bug.