Commit graph

4 commits

Author SHA1 Message Date
Tete17
8df173e1bd LibWeb: Add require-trusted-types-for Directive
This is meant to configure the behaviour of an injection sink when a
string is passed.
2025-09-01 16:19:24 +01:00
Tete17
966e00fd69 LibWeb: Finish algorithm to block trusted type policy creation with CSP
This is the mechanism that should allow pages to determine what kind of
policies can be created on their domains mostly based around the HTTP
headers the server responds with.
2025-08-11 12:21:31 +01:00
Luke Wilde
050f984625 LibWeb/CSP: Add Keyword Sources FlyStrings
2025-07-01 10:24:24 +12:00
Luke Wilde
e34a6c86b9 LibWeb: Introduce Content Security Policy policies and directives
These form the basis of Content Security Policy. A policy is a
collection of directives that are parsed from either the
Content-Security-Policy(-Report-Only) HTTP header, or the `<meta>`
element.

The directives are what restrict the operations that can be performed in the
current global execution context. For example, "frame-ancestors: none"
tells us to prevent the page from being loaded in an embedded context,
such as `<iframe>`.

You can see it a bit like OpenBSD's pledge() functionality, but for the
web platform: https://man.openbsd.org/pledge.2
2025-03-04 14:27:19 +01:00