Open
Bug 1901492
Opened 3 months ago
Updated 13 days ago
Add CSP support for Trusted Types for Workers
Categories
(Core :: DOM: Security, task)
Core
DOM: Security
Tracking
()
NEW
People
(Reporter: mbrodesser-Igalia, Unassigned)
References
(Blocks 2 open bugs)
Details
(Whiteboard: [domsecurity-backlog])
The Worker's method to obtain the connected CSP currently has to be called from the main thread: https://searchfox.org/mozilla-central/rev/cc01f11adfacca9cd44a75fd140d2fdd8f9a48d4/dom/workers/WorkerPrivate.h#908-909.
Hence Trusted types code running in a Worker thread can't directly call that method.
There's a thread-safe alternative (https://searchfox.org/mozilla-central/rev/cc01f11adfacca9cd44a75fd140d2fdd8f9a48d4/dom/workers/WorkerPrivate.h#9210) which might be usable with some extensions.
A sketch for some of the work: https://phabricator.services.mozilla.com/D210435 and a summary of a discussion around it (https://phabricator.services.mozilla.com/D210435#7223565).
Updated•3 months ago
|
Severity: -- → N/A
Whiteboard: [domsecurity-backlog]
You need to log in
before you can comment on or make changes to this bug.
Description
•