diff options
| author | Simon Wülker <simon.wuelker@arcor.de> | 2025-04-30 22:53:24 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-04-30 20:53:24 +0000 |
| commit | d8c2a7eaf1091db1eb3a0f96401977cda7f27d83 (patch) | |
| tree | a8665d972acc9ccd5b1ae60355778b74ad964cd7 /components/script | |
| parent | 53107ec157cd92818b107076922ab03493d08d58 (diff) | |
| download | servo-d8c2a7eaf1091db1eb3a0f96401977cda7f27d83.tar.gz servo-d8c2a7eaf1091db1eb3a0f96401977cda7f27d83.zip | |
Set cryptographic nonce metadata for module script fetch operations (#36776)
This fixes a bunch of CSP errors on reddit.com
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Diffstat (limited to 'components/script')
| -rw-r--r-- | components/script/script_module.rs | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/components/script/script_module.rs b/components/script/script_module.rs index c7697adeea6..0aa35a2eda8 100644 --- a/components/script/script_module.rs +++ b/components/script/script_module.rs @@ -1369,7 +1369,7 @@ pub(crate) unsafe extern "C" fn host_import_module_dynamically( true } -#[derive(Clone, JSTraceable, MallocSizeOf)] +#[derive(Clone, Debug, JSTraceable, MallocSizeOf)] /// <https://html.spec.whatwg.org/multipage/#script-fetch-options> pub(crate) struct ScriptFetchOptions { #[no_trace] @@ -1763,7 +1763,8 @@ fn fetch_single_module_script( .mode(mode) .insecure_requests_policy(global.insecure_requests_policy()) .has_trustworthy_ancestor_origin(global.has_trustworthy_ancestor_origin()) - .policy_container(global.policy_container().to_owned()); + .policy_container(global.policy_container().to_owned()) + .cryptographic_nonce_metadata(options.cryptographic_nonce.clone()); let context = Arc::new(Mutex::new(ModuleContext { owner, |