commit | 615df311feca979548acd4f73ce3d7ac34449e3a | [log] [tgz] |
---|---|---|
author | shekyan <shekyan@gmail.com> | Thu Jul 14 19:10:31 2016 |
committer | Commit bot <commit-bot@chromium.org> | Thu Jul 14 19:12:36 2016 |
tree | eaa5f88de5726bc348a8d0df5a3679cc53330252 | |
parent | 1c073ae5204b186aa0695ecedc80abc5225d85a4 [diff] |
Implement the `require-sri-for` CSP directive As defined in [1], this CSP directive allows developers to block resource requests that do not contain integrity metadata. This includes contexts like external scripts, workers, shared workers, service workers, external stylesheets, preload requests, and requests originated by CSS @import. [1]: https://w3c.github.io/webappsec-subresource-integrity/#opt-in-require-sri-for Intent to implement: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/jyCdW1dHyYA/YefRSKs1AQAJ BUG=618924 R=mkwst@chromium.org Review-Url: https://codereview.chromium.org/2056183002 Cr-Commit-Position: refs/heads/master@{#405530}