Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set wasm-unsafe-eval in CSP? #3447

Closed
twschiller opened this issue May 22, 2022 · 1 comment
Closed

Set wasm-unsafe-eval in CSP? #3447

twschiller opened this issue May 22, 2022 · 1 comment
Labels
mv3
Milestone
1.6.4

Comments

@twschiller
Copy link
Contributor

twschiller commented May 22, 2022
edited
Loading

Context

@fregante could you help look into this?
@twschiller twschiller added this to the 1.6.4 milestone May 22, 2022
@fregante
Copy link
Contributor

fregante commented May 24, 2022
edited
Loading

emscripten is that tool that compiles into WebAssembly (AKA Wasm), so yes in theory it does affect us.

From what I understand, they're adding a wasm-specific unsafe-eval key so that you can enable unsafe-eval for exclusively Wasm, but not JavaScript. The motivation paragraph here should be clear on this:

Since we already have an all-encompassing unsafe-eval, we don't need to specify the wasm-unsafe-eval subset.

If unsafe-eval were to be disabled in MV3, then we'll be able to switch to wasm-unsafe-eval

@fregante fregante removed their assignment May 24, 2022
@twschiller twschiller added the mv3 label May 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
mv3
Milestone
1.6.4
Development

No branches or pull requests
2 participants
@fregante @twschiller