Luke Wilde
278666edcd
LibWeb: Enforce Content Security Policy on navigation request/response
2025-04-01 04:01:28 +02:00
Luke Wilde
7643a079c0
LibWeb: Enforce Content Security Policy of Fetch responses
2025-03-19 00:55:14 +01:00
Luke Wilde
51796e2d3a
LibWeb: Report CSP violations for request
2025-03-19 00:55:14 +01:00
Luke Wilde
6f771f45e2
LibWeb: Enforce Content Security Policy on Fetch requests
2025-03-19 00:55:14 +01:00
Luke Wilde
86170f4bfd
LibWeb/CSP: Introduce the ability to create and report a violation
...
A violation provides several details about an enforcement failing, such
as the URL of the document, the directive that returned "Blocked", etc.
2025-03-19 00:55:14 +01:00
Luke Wilde
02236be737
LibWeb/CSP: Implement SecurityPolicyViolationEvent
...
This is used to report violations of policies to the element/global
object that caused it.
2025-03-19 00:55:14 +01:00
Aliaksandr Kalenik
56971a4201
LibWeb: Delete FIXME debug log in PolicyList
...
It adds too much spam in test runner output.
2025-03-13 22:16:47 +01:00
Luke Wilde
e34a6c86b9
LibWeb: Introduce Content Security Policy policies and directives
...
These form the basis of Content Security Policy. A policy is a
collection of directives that are parsed from either the
Content-Security-Policy(-Report-Only) HTTP header, or the `<meta>`
element.
The directives are what restrict the operations that can be performed in the
current global execution context. For example, "frame-ancestors: none"
tells us to prevent the page from being loaded in an embedded context,
such as `<iframe>`.
You can see it a bit like OpenBSD's pledge() functionality, but for the
web platform: https://man.openbsd.org/pledge.2
2025-03-04 14:27:19 +01:00