Codebase Browser
chromium
Go to App

chromium/components/policy/resources/templates/policy_definitions/Miscellaneous/StrictMimetypeCheckForWorkerScriptsEnabled.yaml 

caption: Enable strict MIME type checking for worker scripts
default: true
desc: "This policy enables strict MIME type checking for worker scripts.\n\n     \
  \ When enabled or unset, then worker scripts will use strict MIME type checking\
  \ for JavaScript, which is the new default behaviour. Worker scripts with legacy\
  \ MIME types will be rejected.\n\n      When disabled, then worker scripts will\
  \ use lax MIME type checking, so that worker scripts with legacy MIME types, e.g.\
  \ <ph name=\"MIMETYPE_TEXT_ASCII\">text/ascii</ph>, will continue to be loaded and\
  \ executed.\n\n      Browsers traditionally used lax MIME type checking, so that\
  \ resources with a number of legacy MIME types were supported. E.g. for JavaScript\
  \ resources, <ph name=\"MIMETYPE_TEXT_ASCII\">text/ascii</ph> is a legacy supported\
  \ MIME type. This may cause security issues, by allowing to load resources as scripts\
  \ that were never intended to be used as such. Chrome will transition to use strict\
  \ MIME type checking in the near future. The enabled policy will track the default\
  \ behaviour. Disabling this policy allows administrators to retain the legacy behaviour,\
  \ if desired.\n\n      See https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguage\
  \ for details about JavaScript / ECMAScript media types.\n      "
example_value: false
features:
  dynamic_refresh: true
  per_profile: true
future_on:
- fuchsia
items:
- caption: Scripts for workers (Web Workers, Service Workers, etc.) require a JavaScript
    MIME type, like <ph name="MIMETYPE_TEXT_JAVASCRIPT">text/javascript</ph>. Worker
    scripts with legacy MIME types, like <ph name="MIMETYPE_TEXT_ASCII">text/ascii</ph>,
    will be rejected.
  value: true
- caption: Scripts for workers (Web Workers, Service Workers, etc.) use lax MIME type
    checking. Worker scripts with legacy MIME types, like <ph name="MIMETYPE_TEXT_ASCII">text/ascii</ph>,
    will work.
  value: false
owners:
- [email protected]
- [email protected]
schema:
  type: boolean
supported_on:
- chrome.*:107-
- chrome_os:107-
- android:107-
tags: []
type: main