Demix securitypolicyviolation event from GlobalEventHandlers#16728
Conversation
|
This pull request has merge conflicts that must be resolved before it can be merged. |
|
Per https://w3c.github.io/webappsec-csp/#report-violation and https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/frame/csp/execution_context_csp_delegate.cc;l=287-294;drc=169c6cc102b39295a5bfe2f2a176b42b1c2fe2c4 the possible event targets are The entry on |
|
Are there any other changes that need to be made for this PR? |
|
Yes, there are differences in the data across the 3 entries that need to be explained or fixed:
I would expect that the events on Digging through source might be simpler than testing in this case. |
|
This pull request has merge conflicts that must be resolved before it can be merged. |
|
This pull request has merge conflicts that must be resolved before it can be merged. |
|
This pull request has merge conflicts that must be resolved before it can be merged. |
|
I merged this PR while there were changes requested because I wanted to defer version number updates to a future PR so it wouldn't block the demixing of GEH. I do plan to follow-up on this using results from the collector! |
Can you file an issue about this data? We can't trust the collector because it's based on the properties, and in particular the absence of changes suggested by the data doesn't imply that the questions in #16728 (comment) have been answered, so probably it will never come up organically from collector work. |
This PR demixes the
securitypolicyviolationevent from the GlobalEventHandlers mixin.