From 00070455fdb084e9f8593424c6724e8d571f8d03 Mon Sep 17 00:00:00 2001 From: Timothy Flynn Date: Wed, 26 Nov 2025 19:14:56 -0500 Subject: [PATCH] LibWeb: Parse the correct header list for CSP-Report-Only Fixes a regression from a copy-paste mistake in commit: ed27eea09105e4be93385a84b172723b7a1c112f The regressed CSP tests aren't able to be imported, unfortunately. They do not work with the file-based test-web infra. --- Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp b/Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp index 9a41fe3d94e..97665388d3d 100644 --- a/Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp +++ b/Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp @@ -118,7 +118,7 @@ GC::Ref Policy::parse_a_responses_content_security_policies(GC::Heap // response’s header list: auto report_policy_tokens_or_failure = response->header_list()->extract_header_list_values("Content-Security-Policy-Report-Only"sv); - if (auto const* report_policy_tokens = enforce_policy_tokens_or_failure.get_pointer>()) { + if (auto const* report_policy_tokens = report_policy_tokens_or_failure.get_pointer>()) { for (auto const& report_policy_token : *report_policy_tokens) { // 1. Let policy be the result of parsing token, with a source of "header", and a disposition of "report". auto policy = parse_a_serialized_csp(heap, report_policy_token, Policy::Source::Header, Policy::Disposition::Report);