Open Bug 1808911 Opened 2 years ago Updated 2 years ago

securitypolicyviolation from Worklet can be delayed

Tracking

()

Status:

NEW

People

(Reporter: tschuster, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog2])

Tom Schuster

Reporter

Description

•

2 years ago

We had various test failures that seem to be caused by Worklets breaking the assumption that securitypolicyviolation events are triggered after a setTimeout(0). (bug 1785547 and bug 1785526)

I worked around this in bug 1785547 by increasing the timeout.

Tom Schuster

Reporter

Updated

•

2 years ago

Blocks: CSP

Depends on: 1785526

Frederik Braun [:freddy]

Comment 1

•

2 years ago

is this a timing issue with worklet's exposing a more granular substep in timing than our CSP code?
I'm not sure I fully understand the issue here.

Severity: -- → S3

Priority: -- → P3

Whiteboard: [domsecurity-backlog2]

You need to log in before you can comment on or make changes to this bug.

Bugzilla

securitypolicyviolation from Worklet can be delayed

Categories

(Core :: DOM: Security, defect, P3)

Tracking

()

People

(Reporter: tschuster, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog2])

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1