mirror of
https://github.com/servo/servo
synced 2026-05-09 16:42:16 +02:00
2366a67260
This PR resolves [#36592](https://github.com/servo/servo/issues/36592) by updating the `RequestBuilder` used in `script_module.rs` to include: - `insecure_requests_policy` - `has_trustworthy_ancestor_origin` - `policy_container` These fields are critical for enforcing proper fetch behavior under modern web security models, and were previously omitted from module script requests. This change ensures that scripts loaded via `<script type="module">` or dynamic `import()` correctly reflect the calling document’s security environment. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes fix #36592 <!-- Either: --> - [X] There are tests for these changes Signed-off-by: Emmanuel Elom <elomemmanuel007@gmail.com>
63 KiB
63 KiB