From e872f92c8bd6f6da2117235cb92bb639f8fcfbf4 Mon Sep 17 00:00:00 2001 From: Mirko Brodesser Date: Thu, 19 Sep 2024 20:25:14 +0000 Subject: [PATCH] change to create securitypolicyviolation event on javascript URL execution. Previously, the securitypolicyviolation was created because an inline event handler was attempted to be executed. The inline event handler's code didn't matter. Differential Revision: https://phabricator.services.mozilla.com/D222424 bugzilla-url: https://bugzilla.mozilla.org/show_bug.cgi?id=1919229 gecko-commit: 4349180baf89c9539fb7b7d77ab1be3a4feb2353 gecko-reviewers: tschuster --- .../to-javascript-parent-initiated-parent-csp.html | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html b/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html index 8aa8884914d581..98052c42c1e8f0 100644 --- a/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html +++ b/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html @@ -6,9 +6,9 @@ -