Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(30)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ui/webui/options/options_ui.cc

Issue 7003007: Apply content-security-policy to the HTML options page. This is a (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/resources/webui.css ('k') | chrome/common/common_resources.grd » ('j') | chrome/common/jstemplate_builder.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ui/webui/options/options_ui.h" 5 #include "chrome/browser/ui/webui/options/options_ui.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/callback.h" 10 #include "base/callback.h"
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after
103 : DataSource(chrome::kChromeUISettingsHost, MessageLoop::current()) { 103 : DataSource(chrome::kChromeUISettingsHost, MessageLoop::current()) {
104 DCHECK(localized_strings); 104 DCHECK(localized_strings);
105 localized_strings_.reset(localized_strings); 105 localized_strings_.reset(localized_strings);
106 } 106 }
107 107
108 OptionsUIHTMLSource::~OptionsUIHTMLSource() {} 108 OptionsUIHTMLSource::~OptionsUIHTMLSource() {}
109 109
110 void OptionsUIHTMLSource::StartDataRequest(const std::string& path, 110 void OptionsUIHTMLSource::StartDataRequest(const std::string& path,
111 bool is_incognito, 111 bool is_incognito,
112 int request_id) { 112 int request_id) {
113 scoped_refptr<RefCountedBytes> html_bytes(new RefCountedBytes);
abarth-chromium 2011/05/10 21:11:45 It seems odd to call this html_bytes because somet
113 SetFontAndTextDirection(localized_strings_.get()); 114 SetFontAndTextDirection(localized_strings_.get());
114 115
115 static const base::StringPiece options_html( 116 if (path == "strings")
abarth-chromium 2011/05/10 21:11:45 I'm not sure whether this is the best name. Maybe
116 ResourceBundle::GetSharedInstance().GetRawDataResource( 117 {
abarth-chromium 2011/05/10 21:11:45 This { should be on the previous line per the styl
117 IDR_OPTIONS_HTML)); 118 std::string template_data;
118 const std::string full_html = jstemplate_builder::GetI18nTemplateHtml( 119 jstemplate_builder::AppendJsonJS(localized_strings_.get(), &template_data);
119 options_html, localized_strings_.get()); 120 html_bytes->data.resize(template_data.size());
120 121 std::copy(template_data.begin(),
121 scoped_refptr<RefCountedBytes> html_bytes(new RefCountedBytes); 122 template_data.end(),
122 html_bytes->data.resize(full_html.size()); 123 html_bytes->data.begin());
123 std::copy(full_html.begin(), full_html.end(), html_bytes->data.begin()); 124 } else {
125 static const base::StringPiece options_html(
126 ResourceBundle::GetSharedInstance().GetRawDataResource(
127 IDR_OPTIONS_HTML));
128 html_bytes->data.resize(options_html.size());
129 std::copy(options_html.begin(),
130 options_html.end(),
131 html_bytes->data.begin());
132 }
124 133
125 SendResponse(request_id, html_bytes); 134 SendResponse(request_id, html_bytes);
126 } 135 }
127 136
128 std::string OptionsUIHTMLSource::GetMimeType(const std::string&) const { 137 std::string OptionsUIHTMLSource::GetMimeType(const std::string& path) const {
138 if (path == "strings")
abarth-chromium 2011/05/10 21:11:45 This string appears twice. Maybe make it a named
139 return "application/javascript";
140
129 return "text/html"; 141 return "text/html";
130 } 142 }
131 143
132 //////////////////////////////////////////////////////////////////////////////// 144 ////////////////////////////////////////////////////////////////////////////////
133 // 145 //
134 // OptionsPageUIHandler 146 // OptionsPageUIHandler
135 // 147 //
136 //////////////////////////////////////////////////////////////////////////////// 148 ////////////////////////////////////////////////////////////////////////////////
137 149
138 OptionsPageUIHandler::OptionsPageUIHandler() { 150 OptionsPageUIHandler::OptionsPageUIHandler() {
(...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after
325 OptionsPageUIHandler* handler_raw) { 337 OptionsPageUIHandler* handler_raw) {
326 scoped_ptr<OptionsPageUIHandler> handler(handler_raw); 338 scoped_ptr<OptionsPageUIHandler> handler(handler_raw);
327 DCHECK(handler.get()); 339 DCHECK(handler.get());
328 // Add only if handler's service is enabled. 340 // Add only if handler's service is enabled.
329 if (handler->IsEnabled()) { 341 if (handler->IsEnabled()) {
330 handler->GetLocalizedValues(localized_strings); 342 handler->GetLocalizedValues(localized_strings);
331 // Add handler to the list and also pass the ownership. 343 // Add handler to the list and also pass the ownership.
332 AddMessageHandler(handler.release()->Attach(this)); 344 AddMessageHandler(handler.release()->Attach(this));
333 } 345 }
334 } 346 }
OLDNEW
« no previous file with comments | « chrome/browser/resources/webui.css ('k') | chrome/common/common_resources.grd » ('j') | chrome/common/jstemplate_builder.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698