Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This change adds the policy container concept. See also https://github.com/antosart/policy-container-explained. A policy container serves as collection of policies to be applied to a document, WorkerGlobalScope, or WorkletGlobalScope. Its purpose is to simplify how policies are initialized and inherited. Policies are populated by parsing headers and/or meta elements. A policy container can be cloned, hence supporting inheritance of policies. Initially a policy container only contains a CSP list. This is not meant to be a behavioral change, but rather a refactoring. Small behavioral changes introduced by this change (for example storing and reloading policies from history) address what are usually considered to be bugs in the standard/implementation (which often turn out to be security vulnerabilities). CSP PR: w3c/webappsec-csp#482. Service Worker PR: w3c/ServiceWorker#1588. Helps with #4926.
- Loading branch information
