Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(506)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/frame/ContentSecurityPolicy.h

Issue 132563006: CSP 1.1: <meta> delivery should be ignored outside <head>. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« Source/core/dom/Document.h ('K') | « Source/core/dom/Document.cpp ('k') | Source/core/frame/ContentSecurityPolicy.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Google, Inc. All rights reserved. 2 * Copyright (C) 2011 Google, Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after
139 void reportInvalidPathCharacter(const String& directiveName, const String& v alue, const char) const; 139 void reportInvalidPathCharacter(const String& directiveName, const String& v alue, const char) const;
140 void reportInvalidPluginTypes(const String&) const; 140 void reportInvalidPluginTypes(const String&) const;
141 void reportInvalidSandboxFlags(const String&) const; 141 void reportInvalidSandboxFlags(const String&) const;
142 void reportInvalidSourceExpression(const String& directiveName, const String & source) const; 142 void reportInvalidSourceExpression(const String& directiveName, const String & source) const;
143 void reportInvalidReflectedXSS(const String&) const; 143 void reportInvalidReflectedXSS(const String&) const;
144 void reportMissingReportURI(const String&) const; 144 void reportMissingReportURI(const String&) const;
145 void reportUnsupportedDirective(const String&) const; 145 void reportUnsupportedDirective(const String&) const;
146 void reportInvalidInReportOnly(const String&) const; 146 void reportInvalidInReportOnly(const String&) const;
147 void reportInvalidReferrer(const String&) const; 147 void reportInvalidReferrer(const String&) const;
148 void reportReportOnlyInMeta(const String&) const; 148 void reportReportOnlyInMeta(const String&) const;
149 void reportMetaOutsideHead(const String&) const;
149 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL> & reportURIs, const String& header); 150 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL> & reportURIs, const String& header);
150 151
151 void reportBlockedScriptExecutionToInspector(const String& directiveText) co nst; 152 void reportBlockedScriptExecutionToInspector(const String& directiveText) co nst;
152 153
153 const KURL url() const; 154 const KURL url() const;
154 KURL completeURL(const String&) const; 155 KURL completeURL(const String&) const;
155 SecurityOrigin* securityOrigin() const; 156 SecurityOrigin* securityOrigin() const;
156 void enforceSandboxFlags(SandboxFlags) const; 157 void enforceSandboxFlags(SandboxFlags) const;
157 String evalDisabledErrorMessage() const; 158 String evalDisabledErrorMessage() const;
158 String styleEvalDisabledErrorMessage() const; 159 String styleEvalDisabledErrorMessage() const;
(...skipping 22 matching lines...) Expand all
181 // We put the hash functions used on the policy object so that we only need 182 // We put the hash functions used on the policy object so that we only need
182 // to calculate a hash once and then distribute it to all of the directives 183 // to calculate a hash once and then distribute it to all of the directives
183 // for validation. 184 // for validation.
184 uint8_t m_scriptHashAlgorithmsUsed; 185 uint8_t m_scriptHashAlgorithmsUsed;
185 uint8_t m_styleHashAlgorithmsUsed; 186 uint8_t m_styleHashAlgorithmsUsed;
186 }; 187 };
187 188
188 } 189 }
189 190
190 #endif 191 #endif
OLDNEW
« Source/core/dom/Document.h ('K') | « Source/core/dom/Document.cpp ('k') | Source/core/frame/ContentSecurityPolicy.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698