chrome/renderer/chrome_content_renderer_client.cc - Issue 10792008: `chrome-extension` resources should bypass Content Security Policy. - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(8820)

My Issues | Starred Open | Closed | All

Unified Diff: chrome/renderer/chrome_content_renderer_client.cc

Issue 10792008: `chrome-extension` resources should bypass Content Security Policy. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Bad rebase. Created 8 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « chrome/browser/extensions/extension_resource_request_policy_apitest.cc ('k') | chrome/test/data/extensions/api_test/extension_resource_request_policy/web_accessible/accessible_resource_with_csp.html » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/renderer/chrome_content_renderer_client.cc

diff --git a/chrome/renderer/chrome_content_renderer_client.cc b/chrome/renderer/chrome_content_renderer_client.cc

index 3ca868a34edb163fa99ded36ff6c72c9e98b1096..a386ac0dcf94dfbad4c50a2e3da67bc21e5e79b9 100644

--- a/chrome/renderer/chrome_content_renderer_client.cc

+++ b/chrome/renderer/chrome_content_renderer_client.cc

@@ -240,6 +240,13 @@ void ChromeContentRendererClient::RenderThreadStarted() {

// chrome-extension-resource: resources should be allowed to receive CORS

// requests.

WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme);

+

+ // chrome-extension: resources should bypass Content Security Policy checks

+ // when included in protected resources.

+ WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(

+ extension_scheme);

+ WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(

+ extension_resource_scheme);

}

void ChromeContentRendererClient::RenderViewCreated(

« no previous file with comments | « chrome/browser/extensions/extension_resource_request_policy_apitest.cc ('k') | chrome/test/data/extensions/api_test/extension_resource_request_policy/web_accessible/accessible_resource_with_csp.html » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698