OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 2168 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2179 void ContentSecurityPolicy::reportInvalidReferrer(const String& invalidValue) co
nst | 2179 void ContentSecurityPolicy::reportInvalidReferrer(const String& invalidValue) co
nst |
2180 { | 2180 { |
2181 logToConsole("The 'referrer' Content Security Policy directive has the inval
id value \"" + invalidValue + "\". Valid values are \"always\", \"default\", \"n
ever\", and \"origin\"."); | 2181 logToConsole("The 'referrer' Content Security Policy directive has the inval
id value \"" + invalidValue + "\". Valid values are \"always\", \"default\", \"n
ever\", and \"origin\"."); |
2182 } | 2182 } |
2183 | 2183 |
2184 void ContentSecurityPolicy::reportReportOnlyInMeta(const String& header) const | 2184 void ContentSecurityPolicy::reportReportOnlyInMeta(const String& header) const |
2185 { | 2185 { |
2186 logToConsole("The report-only Content Security Policy '" + header + "' was d
elivered via a <meta> element, which is disallowed. The policy has been ignored.
"); | 2186 logToConsole("The report-only Content Security Policy '" + header + "' was d
elivered via a <meta> element, which is disallowed. The policy has been ignored.
"); |
2187 } | 2187 } |
2188 | 2188 |
| 2189 void ContentSecurityPolicy::reportMetaOutsideHead(const String& header) const |
| 2190 { |
| 2191 logToConsole("The Content Security Policy '" + header + "' was delivered via
a <meta> element outside the document's <head>, which is disallowed. The policy
has been ignored."); |
| 2192 } |
| 2193 |
2189 void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const | 2194 void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const |
2190 { | 2195 { |
2191 logToConsole("The Content Security Policy directive '" + name + "' is ignore
d when delivered in a report-only policy."); | 2196 logToConsole("The Content Security Policy directive '" + name + "' is ignore
d when delivered in a report-only policy."); |
2192 } | 2197 } |
2193 | 2198 |
2194 void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) const | 2199 void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) const |
2195 { | 2200 { |
2196 DEFINE_STATIC_LOCAL(String, allow, ("allow")); | 2201 DEFINE_STATIC_LOCAL(String, allow, ("allow")); |
2197 DEFINE_STATIC_LOCAL(String, options, ("options")); | 2202 DEFINE_STATIC_LOCAL(String, options, ("options")); |
2198 DEFINE_STATIC_LOCAL(String, policyURI, ("policy-uri")); | 2203 DEFINE_STATIC_LOCAL(String, policyURI, ("policy-uri")); |
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2303 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 2308 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
2304 return !m_violationReportsSent.contains(report.impl()->hash()); | 2309 return !m_violationReportsSent.contains(report.impl()->hash()); |
2305 } | 2310 } |
2306 | 2311 |
2307 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 2312 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
2308 { | 2313 { |
2309 m_violationReportsSent.add(report.impl()->hash()); | 2314 m_violationReportsSent.add(report.impl()->hash()); |
2310 } | 2315 } |
2311 | 2316 |
2312 } // namespace WebCore | 2317 } // namespace WebCore |
OLD | NEW |