OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 2171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2182 void ContentSecurityPolicy::reportInvalidReferrer(const String& invalidValue) co
nst | 2182 void ContentSecurityPolicy::reportInvalidReferrer(const String& invalidValue) co
nst |
2183 { | 2183 { |
2184 logToConsole("The 'referrer' Content Security Policy directive has the inval
id value \"" + invalidValue + "\". Valid values are \"always\", \"default\", \"n
ever\", and \"origin\"."); | 2184 logToConsole("The 'referrer' Content Security Policy directive has the inval
id value \"" + invalidValue + "\". Valid values are \"always\", \"default\", \"n
ever\", and \"origin\"."); |
2185 } | 2185 } |
2186 | 2186 |
2187 void ContentSecurityPolicy::reportReportOnlyInMeta(const String& header) const | 2187 void ContentSecurityPolicy::reportReportOnlyInMeta(const String& header) const |
2188 { | 2188 { |
2189 logToConsole("The report-only Content Security Policy '" + header + "' was d
elivered via a <meta> element, which is disallowed. The policy has been ignored.
"); | 2189 logToConsole("The report-only Content Security Policy '" + header + "' was d
elivered via a <meta> element, which is disallowed. The policy has been ignored.
"); |
2190 } | 2190 } |
2191 | 2191 |
| 2192 void ContentSecurityPolicy::reportMetaOutsideHead(const String& header) const |
| 2193 { |
| 2194 logToConsole("The Content Security Policy '" + header + "' was delivered via
a <meta> element outside the document's <head>, which is disallowed. The policy
has been ignored."); |
| 2195 } |
| 2196 |
2192 void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const | 2197 void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const |
2193 { | 2198 { |
2194 logToConsole("The Content Security Policy directive '" + name + "' is ignore
d when delivered in a report-only policy."); | 2199 logToConsole("The Content Security Policy directive '" + name + "' is ignore
d when delivered in a report-only policy."); |
2195 } | 2200 } |
2196 | 2201 |
2197 void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) const | 2202 void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) const |
2198 { | 2203 { |
2199 DEFINE_STATIC_LOCAL(String, allow, ("allow")); | 2204 DEFINE_STATIC_LOCAL(String, allow, ("allow")); |
2200 DEFINE_STATIC_LOCAL(String, options, ("options")); | 2205 DEFINE_STATIC_LOCAL(String, options, ("options")); |
2201 DEFINE_STATIC_LOCAL(String, policyURI, ("policy-uri")); | 2206 DEFINE_STATIC_LOCAL(String, policyURI, ("policy-uri")); |
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2306 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 2311 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
2307 return !m_violationReportsSent.contains(report.impl()->hash()); | 2312 return !m_violationReportsSent.contains(report.impl()->hash()); |
2308 } | 2313 } |
2309 | 2314 |
2310 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 2315 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
2311 { | 2316 { |
2312 m_violationReportsSent.add(report.impl()->hash()); | 2317 m_violationReportsSent.add(report.impl()->hash()); |
2313 } | 2318 } |
2314 | 2319 |
2315 } // namespace WebCore | 2320 } // namespace WebCore |
OLD | NEW |