net: Ignore subresource integrity with invalid base64 value by Gae24 · Pull Request #42931 · servo/servo

Gae24 · 2026-03-01T12:30:35Z

Found this while analysing module preload test failures. In particular a subtest of modulepreload.html was recently updated to catch this.
We need to ensure that SRI hash follows the base64 grammar specified by CSP.

Testing: Updated test expectations of a test

Gae24 · 2026-03-01T12:34:09Z

It's possible to defer this to the csp crate, but more changes will probably be needed.

TimvdLippe

Needs rebase for Cargo.lock

Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>

) Found this while analysing module preload test failures. In particular a subtest of `modulepreload.html` was recently [updated](web-platform-tests/wpt#57243) to catch this. We need to ensure that SRI hash follows the base64 grammar specified by CSP. Testing: Updated test expectations of a test --------- Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>

servo-highfive added the S-awaiting-review There is new code that needs to be reviewed. label Mar 1, 2026

TimvdLippe approved these changes Mar 1, 2026

View reviewed changes

servo-highfive added S-needs-rebase There are merge conflict errors. and removed S-awaiting-review There is new code that needs to be reviewed. labels Mar 1, 2026

Taym95 approved these changes Mar 1, 2026

View reviewed changes

Gae24 added 3 commits March 1, 2026 19:15

net: check that SRI digest is in base64 format

4376e44

Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>

add spec comments

d3a8084

Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>

update test expectations

60487e7

Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>

Gae24 force-pushed the non-base64-sri branch from 0cb5b25 to 60487e7 Compare March 1, 2026 18:15

servo-highfive added S-awaiting-review There is new code that needs to be reviewed. and removed S-needs-rebase There are merge conflict errors. labels Mar 1, 2026

TimvdLippe enabled auto-merge March 1, 2026 18:24

TimvdLippe added this pull request to the merge queue Mar 1, 2026

servo-highfive added the S-awaiting-merge The PR is in the process of compiling and running tests on the automated CI. label Mar 1, 2026

Merged via the queue into servo:main with commit 63d9116 Mar 1, 2026
33 checks passed

servo-highfive removed the S-awaiting-merge The PR is in the process of compiling and running tests on the automated CI. label Mar 1, 2026

Gae24 deleted the non-base64-sri branch March 8, 2026 19:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

net: Ignore subresource integrity with invalid base64 value#42931

net: Ignore subresource integrity with invalid base64 value#42931
TimvdLippe merged 3 commits into
servo:mainfrom
Gae24:non-base64-sri

Gae24 commented Mar 1, 2026

Uh oh!

Gae24 commented Mar 1, 2026

Uh oh!

TimvdLippe left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Uh oh!

Conversation

Gae24 commented Mar 1, 2026

Uh oh!

Gae24 commented Mar 1, 2026

Uh oh!

TimvdLippe left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants