| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "config.h" | 5 #include "config.h" |
| 6 #include "core/frame/SubresourceIntegrity.h" | 6 #include "core/frame/SubresourceIntegrity.h" |
| 7 | 7 |
| 8 #include "core/HTMLNames.h" | 8 #include "core/HTMLNames.h" |
| 9 #include "core/dom/Document.h" | 9 #include "core/dom/Document.h" |
| 10 #include "core/dom/Element.h" | 10 #include "core/dom/Element.h" |
| (...skipping 90 matching lines...) |
| 101 DigestValue convertedHashVector; | 101 DigestValue convertedHashVector; |
| 102 convertedHashVector.append(reinterpret_cast<uint8_t*>(hashVector.dat
a()), hashVector.size()); | 102 convertedHashVector.append(reinterpret_cast<uint8_t*>(hashVector.dat
a()), hashVector.size()); |
| 103 | 103 |
| 104 if (DigestsEqual(digest, convertedHashVector)) { | 104 if (DigestsEqual(digest, convertedHashVector)) { |
| 105 UseCounter::count(document, UseCounter::SRIElementWithMatchingIn
tegrityAttribute); | 105 UseCounter::count(document, UseCounter::SRIElementWithMatchingIn
tegrityAttribute); |
| 106 return true; | 106 return true; |
| 107 } | 107 } |
| 108 } | 108 } |
| 109 } | 109 } |
| 110 | 110 |
| 111 digest.clear(); |
| 111 if (computeDigest(HashAlgorithmSha256, normalizedSource.data(), normalizedSo
urce.length(), digest)) { | 112 if (computeDigest(HashAlgorithmSha256, normalizedSource.data(), normalizedSo
urce.length(), digest)) { |
| 112 // This message exposes the digest of the resource to the console. | 113 // This message exposes the digest of the resource to the console. |
| 113 // Because this is only to the console, that's okay for now, but we | 114 // Because this is only to the console, that's okay for now, but we |
| 114 // need to be very careful not to expose this in exceptions or | 115 // need to be very careful not to expose this in exceptions or |
| 115 // JavaScript, otherwise it risks exposing information about the | 116 // JavaScript, otherwise it risks exposing information about the |
| 116 // resource cross-origin. | 117 // resource cross-origin. |
| 117 logErrorToConsole("Failed to find a valid digest in the 'integrity' attr
ibute for resource '" + resourceUrl.elidedString() + "' with computed SHA-256 in
tegrity '" + digestToString(digest) + "'. The resource has been blocked.", docum
ent); | 118 logErrorToConsole("Failed to find a valid digest in the 'integrity' attr
ibute for resource '" + resourceUrl.elidedString() + "' with computed SHA-256 in
tegrity '" + digestToString(digest) + "'. The resource has been blocked.", docum
ent); |
| 118 } else { | 119 } else { |
| 119 logErrorToConsole("There was an error computing an integrity value for r
esource '" + resourceUrl.elidedString() + "'. The resource has been blocked.", d
ocument); | 120 logErrorToConsole("There was an error computing an integrity value for r
esource '" + resourceUrl.elidedString() + "'. The resource has been blocked.", d
ocument); |
| 120 } | 121 } |
| (...skipping 152 matching lines...) |
| 273 metadataList.append(integrityMetadata); | 274 metadataList.append(integrityMetadata); |
| 274 } | 275 } |
| 275 | 276 |
| 276 if (metadataList.size() == 0 && error) | 277 if (metadataList.size() == 0 && error) |
| 277 return IntegrityParseNoValidResult; | 278 return IntegrityParseNoValidResult; |
| 278 | 279 |
| 279 return IntegrityParseValidResult; | 280 return IntegrityParseValidResult; |
| 280 } | 281 } |
| 281 | 282 |
| 282 } // namespace blink | 283 } // namespace blink |
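Review bot: The `digest.clear();` added at new line 111 makes the console message correct only because the shared `digest` buffer is reset by hand at this one call site. If computeDigest appends to its output, as this change implies, the loop that closes at new line 109 needs the same guarantee on every iteration. Its head is outside the visible lines, so please confirm it starts each integrity entry from an empty value. Otherwise a later entry would be compared against a concatenated digest and a resource with a valid hash would be blocked. A value scoped to the error path, e.g. `DigestValue computedDigest;` passed to both computeDigest and digestToString, would make the message independent of loop state. A short comment such as `// computeDigest appends; start from an empty buffer.` would also record why the reset is needed.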
| OLD | NEW |