Source/web/WebSharedWorkerImpl.cpp - Issue 1128813003: Give shared workers their own content security policies

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: Source/web/WebSharedWorkerImpl.cpp

Issue 1128813003: Give shared workers their own content security policies (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: rebase Created 5 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: Source/web/WebSharedWorkerImpl.cpp

diff --git a/Source/web/WebSharedWorkerImpl.cpp b/Source/web/WebSharedWorkerImpl.cpp

index a3e270508c21cffab6c5c8387a1222b2423bb9dc..4382dca91a58da0730e10d3c5769f4bbd215eaf1 100644

--- a/Source/web/WebSharedWorkerImpl.cpp

+++ b/Source/web/WebSharedWorkerImpl.cpp

@@ -104,6 +104,7 @@ public:

{

m_identifier = identifier;

m_appCacheID = response.appCacheID();

+ processContentSecurityPolicy(response);

(*m_receiveResponseCallback)();

}

@@ -124,8 +125,12 @@ public:

long long appCacheID() const { return m_appCacheID; }

private:

- Loader() : m_scriptLoader(WorkerScriptLoader::create()), m_identifier(0), m_appCacheID(0)

+ Loader()

+ : m_scriptLoader(WorkerScriptLoader::create())

+ , m_identifier(0)

+ , m_appCacheID(0)

{

+ setContentSecurityPolicy(ContentSecurityPolicy::create());

}

RefPtr<WorkerScriptLoader> m_scriptLoader;

@@ -373,8 +378,6 @@ void WebSharedWorkerImpl::startWorkerContext(const WebURL& url, const WebString&

{

m_url = url;

m_name = name;

- m_contentSecurityPolicy = contentSecurityPolicy;

- m_policyType = policyType;

initializeLoader();

}

@@ -414,7 +417,7 @@ void WebSharedWorkerImpl::onScriptLoaderFinished()

provideLocalFileSystemToWorker(workerClients.get(), LocalFileSystemClient::create());

WebSecurityOrigin webSecurityOrigin(m_loadingDocument->securityOrigin());

provideContentSettingsClientToWorker(workerClients.get(), adoptPtr(client()->createWorkerContentSettingsClientProxy(webSecurityOrigin)));

- OwnPtr<WorkerThreadStartupData> startupData = WorkerThreadStartupData::create(m_url, m_loadingDocument->userAgent(m_url), m_mainScriptLoader->script(), nullptr, startMode, m_contentSecurityPolicy, static_cast<ContentSecurityPolicyHeaderType>(m_policyType), starterOrigin, workerClients.release());

+ OwnPtr<WorkerThreadStartupData> startupData = WorkerThreadStartupData::create(m_url, m_loadingDocument->userAgent(m_url), m_mainScriptLoader->script(), nullptr, startMode, m_mainScriptLoader->contentSecurityPolicy()->deprecatedHeader(), static_cast<ContentSecurityPolicyHeaderType>(m_mainScriptLoader->contentSecurityPolicy()->deprecatedHeaderType()), starterOrigin, workerClients.release());

m_loaderProxy = WorkerLoaderProxy::create(this);

setWorkerThread(SharedWorkerThread::create(m_name, m_loaderProxy, *this, startupData.release()));

InspectorInstrumentation::scriptImported(m_loadingDocument.get(), m_mainScriptLoader->identifier(), m_mainScriptLoader->script());

« Source/core/workers/WorkerScriptLoaderClient.cpp ('K') | « Source/web/WebSharedWorkerImpl.h ('k') | no next file » | no next file with comments »