Set correct policy-container for worker construction (#36603)

This makes sure that when workers are created, their global scope has
the correct policy-container set
so that we can do CSP-checks.

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>

1 files changed, 6 insertions, 0 deletions

diff --git a/components/script/dom/workerglobalscope.rs b/components/script/dom/workerglobalscope.rs
index 5775375c385..695119715e4 100644
--- a/components/script/dom/workerglobalscope.rs
+++ b/components/script/dom/workerglobalscope.rs
@@ -12,6 +12,7 @@ use std::time::Duration;
 use base::cross_process_instant::CrossProcessInstant;
 use base::id::{PipelineId, PipelineNamespace};
 use constellation_traits::WorkerGlobalScopeInit;
+use content_security_policy::CspList;
 use crossbeam_channel::Receiver;
 use devtools_traits::{DevtoolScriptControlMsg, WorkerId};
 use dom_struct::dom_struct;
@@ -246,6 +247,10 @@ impl WorkerGlobalScope {
         self.policy_container.borrow()
     }
 
+    pub(crate) fn set_csp_list(&self, csp_list: Option<CspList>) {
+        self.policy_container.borrow_mut().set_csp_list(csp_list);
+    }
+
     /// Get a mutable reference to the [`TimerScheduler`] for this [`ServiceWorkerGlobalScope`].
     pub(crate) fn timer_scheduler(&self) -> RefMut<TimerScheduler> {
         self.timer_scheduler.borrow_mut()
@@ -300,6 +305,7 @@ impl WorkerGlobalScopeMethods<crate::DomTypeHolder> for WorkerGlobalScope {
             .use_url_credentials(true)
             .origin(global_scope.origin().immutable().clone())
             .insecure_requests_policy(self.insecure_requests_policy())
+            .policy_container(global_scope.policy_container())
             .has_trustworthy_ancestor_origin(
                 global_scope.has_trustworthy_ancestor_or_current_origin(),
             )