
Issue 648589

Issue metadata

Status: Fixed
Closed: Sep 2016
OS: Linux , Windows , Mac
Pri: 1
Type: Bug-Regression


Error with <input type="range"> & Content Security Policy

Reported by a...@scirra.com, Sep 20 2016

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2865.0 Safari/537.36

Example URL:
https://dl.dropboxusercontent.com/u/15217362/bugs/range-csp.html

Steps to reproduce the problem:
Use <input type="range"> in a page which specifies a CSP of style-src 'self'

What is the expected behavior?
No error messages logged

What went wrong?
Chrome logs the following error message:

Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-+E0udDquYztAidv9j+PSo6X9KlNmcgWUHZm+Ff36dhA='), or a nonce ('nonce-...') is required to enable inline execution.

Does it occur on multiple sites: Yes

Is it a problem with a plugin? No 

Did this work before? Yes Chrome 53 stable is not affected

Does this work in other browsers? No Edge reports similar error; Firefox works OK

Chrome version: 55.0.2865.0  Channel: n/a
OS Version: 10.0
Flash Version: Shockwave Flash 23.0 r0
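
An added example, not part of the original report or of Chromium's code: a small Node.js model of the check behind the error message above, covering the three ways it lists to permit an inline `<style>` block ('unsafe-inline', a hash, a nonce). The sample CSS is constructed and the function names are hypothetical.

```javascript
// Added example (not Chromium code): model of CSP inline <style> matching.
const crypto = require('crypto');

// Parse a policy into Map(directive -> source list); first duplicate wins.
function parsePolicy(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

// Hash source expression for the exact text of a <style> element.
function styleHash(css, algo = 'sha256') {
  const digest = crypto.createHash(algo).update(css, 'utf8').digest('base64');
  return `'${algo}-${digest}'`;
}

// Decide whether an inline <style> (optionally carrying a nonce) may apply.
function checkInlineStyle(policy, css, nonce = null) {
  const directives = parsePolicy(policy);
  // style-src falls back to default-src when absent.
  const sources = directives.get('style-src') ?? directives.get('default-src');
  if (sources === undefined) return { allowed: true, reason: 'no-directive' };

  if (nonce !== null && sources.includes(`'nonce-${nonce}'`)) {
    return { allowed: true, reason: 'nonce' };
  }
  for (const algo of ['sha256', 'sha384', 'sha512']) {
    if (sources.includes(styleHash(css, algo))) return { allowed: true, reason: 'hash' };
  }
  // A nonce or hash anywhere in the list makes browsers ignore 'unsafe-inline'.
  const hasNonceOrHash = sources.some((s) => /^'(nonce|sha256|sha384|sha512)-/i.test(s));
  const unsafeInline = sources.some((s) => s.toLowerCase() === "'unsafe-inline'");
  if (unsafeInline && !hasNonceOrHash) return { allowed: true, reason: 'unsafe-inline' };
  return { allowed: false, reason: `blocked; would need ${styleHash(css)}` };
}

// Constructed sample input: the policy from the report and a made-up rule.
const SAMPLE_CSS = 'input[type=range] { touch-action: pan-y; }';
console.log(checkInlineStyle("style-src 'self'", SAMPLE_CSS));
console.log(checkInlineStyle(`style-src 'self' ${styleHash(SAMPLE_CSS)}`, SAMPLE_CSS));
```

The model covers `<style>` elements only; it does not model the User-Agent shadow tree exemption that the fix for this issue adds.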
 
Cc: tkent@chromium.org dtapu...@chromium.org
Components: -Blink Blink>Forms
Owner: sunyunjia@chromium.org
Status: Assigned (was: Unconfirmed)
sunyunjia@ can you investigate if this was caused by  https://codereview.chromium.org/2209773002

Comment 2 by tkent@chromium.org, Sep 20 2016

Components: -Blink>Forms Blink>Forms>Range Blink>SecurityFeature
Labels: Needs-Bisect

Comment 3 by ajha@chromium.org, Sep 21 2016

Labels: -Type-Bug -Pri-2 -Needs-Bisect hasbisect-per-revision M-54 OS-Linux OS-Mac Pri-1 Type-Bug-Regression
Issue is reproducible on the latest canary (55.0.2866.0) on Windows-10, Mac OS 10.11.6 and Linux Ubuntu 14.04 as well.

Regressed in M-54.

Last good build: 54.0.2836.0
First bad build: 54.0.2837.0

Changelog:
You are probably looking for a change made after 413615 (known good), but no later than 413616 (first known bad).
CHANGELOG URL:
The script might not always return a single CL as suspect, as some perf builds might be missing due to failure.
  https://chromium.googlesource.com/chromium/src/+log/2d0f1c99df0653ac847639193c59579918ba74ca..cb18694aff180e913277a346a37e74835935b37d

sunyunjia@: Could you please take a look at this?

Thank you!
Status: Started (was: Assigned)
Project Member

Comment 5 by bugdroid1@chromium.org, Sep 22 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/bf99fb1ccc22a6b037045f6174d8a113d97f1ef7

commit bf99fb1ccc22a6b037045f6174d8a113d97f1ef7
Author: sunyunjia <sunyunjia@chromium.org>
Date: Thu Sep 22 21:00:45 2016

Allows inline style in User-Agent shadow trees under CSP

When a page specifies a CSP of style-src 'self', it does not allow inline style
changes. However, the node under User-Agent shadow trees should be an exception
as developers are not allowed to modify the inline-style, but blink may need
it. So we add shadow dom elements as an exception under CSP.

BUG= 648589 

Review-Url: https://codereview.chromium.org/2359813002
Cr-Commit-Position: refs/heads/master@{#420456}

[add] https://crrev.com/bf99fb1ccc22a6b037045f6174d8a113d97f1ef7/third_party/WebKit/LayoutTests/fast/events/touch/touch-action-range-input-csp.html
[modify] https://crrev.com/bf99fb1ccc22a6b037045f6174d8a113d97f1ef7/third_party/WebKit/Source/core/dom/Element.cpp
[modify] https://crrev.com/bf99fb1ccc22a6b037045f6174d8a113d97f1ef7/third_party/WebKit/Source/core/html/forms/RangeInputType.cpp

Status: Fixed (was: Started)

Comment 7 by tkent@chromium.org, Sep 22 2016

Labels: Merge-Request-54

Comment 8 by dimu@chromium.org, Sep 23 2016

Labels: -Merge-Request-54 Merge-Approved-54 Hotlist-Merge-Approved
Your change meets the bar and is auto-approved for M54 (branch: 2840)

Comment 9 by tkent@chromium.org, Sep 25 2016

sunyunjia@, please merge the fix to M54 branch.

Project Member

Comment 10 by bugdroid1@chromium.org, Sep 26 2016

Labels: -merge-approved-54 merge-merged-2840
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/aa31201e326904bb4fe00014391e936dfab93ecb

commit aa31201e326904bb4fe00014391e936dfab93ecb
Author: Majid Valipour <majidvp@chromium.org>
Date: Mon Sep 26 13:50:56 2016

Allows inline style in User-Agent shadow trees under CSP

When a page specifies a CSP of style-src 'self', it does not allow inline style
changes. However, the node under User-Agent shadow trees should be an exception
as developers are not allowed to modify the inline-style, but blink may need
it. So we add shadow dom elements as an exception under CSP.

BUG= 648589 

Review-Url: https://codereview.chromium.org/2359813002
Cr-Commit-Position: refs/heads/master@{#420456}
(cherry picked from commit bf99fb1ccc22a6b037045f6174d8a113d97f1ef7)

Review URL: https://codereview.chromium.org/2366353002 .

Cr-Commit-Position: refs/branch-heads/2840@{#524}
Cr-Branched-From: 1ae106dbab4bddd85132d5b75c670794311f4c57-refs/heads/master@{#414607}

[add] https://crrev.com/aa31201e326904bb4fe00014391e936dfab93ecb/third_party/WebKit/LayoutTests/fast/events/touch/touch-action-range-input-csp.html
[modify] https://crrev.com/aa31201e326904bb4fe00014391e936dfab93ecb/third_party/WebKit/Source/core/dom/Element.cpp
[modify] https://crrev.com/aa31201e326904bb4fe00014391e936dfab93ecb/third_party/WebKit/Source/core/html/forms/RangeInputType.cpp

Labels: Hotlist-Input-Dev
Cc: rnimmagadda@chromium.org
Labels: TE-Verified-54.0.2840.41 TE-Verified-M54
Verified the fix on Windows 7, MAC (10.11.6) & Ubuntu Trusty (14.04) for Google Chrome Beta Version - 54.0.2840.41

Screen-recording is attached.

TE-Verified Labels are added.
Attachment: 648589.mov (944 KB)