Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(98)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/frame/ContentSecurityPolicy.h

Issue 132563006: CSP 1.1: <meta> delivery should be ignored outside <head>. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: rebase. Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/dom/Document.cpp ('k') | Source/core/frame/ContentSecurityPolicy.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Google, Inc. All rights reserved. 2 * Copyright (C) 2011 Google, Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after
141 void reportInvalidPathCharacter(const String& directiveName, const String& v alue, const char) const; 141 void reportInvalidPathCharacter(const String& directiveName, const String& v alue, const char) const;
142 void reportInvalidPluginTypes(const String&) const; 142 void reportInvalidPluginTypes(const String&) const;
143 void reportInvalidSandboxFlags(const String&) const; 143 void reportInvalidSandboxFlags(const String&) const;
144 void reportInvalidSourceExpression(const String& directiveName, const String & source) const; 144 void reportInvalidSourceExpression(const String& directiveName, const String & source) const;
145 void reportInvalidReflectedXSS(const String&) const; 145 void reportInvalidReflectedXSS(const String&) const;
146 void reportMissingReportURI(const String&) const; 146 void reportMissingReportURI(const String&) const;
147 void reportUnsupportedDirective(const String&) const; 147 void reportUnsupportedDirective(const String&) const;
148 void reportInvalidInReportOnly(const String&) const; 148 void reportInvalidInReportOnly(const String&) const;
149 void reportInvalidReferrer(const String&) const; 149 void reportInvalidReferrer(const String&) const;
150 void reportReportOnlyInMeta(const String&) const; 150 void reportReportOnlyInMeta(const String&) const;
151 void reportMetaOutsideHead(const String&) const;
151 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL> & reportURIs, const String& header); 152 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL> & reportURIs, const String& header);
152 153
153 void reportBlockedScriptExecutionToInspector(const String& directiveText) co nst; 154 void reportBlockedScriptExecutionToInspector(const String& directiveText) co nst;
154 155
155 const KURL url() const; 156 const KURL url() const;
156 KURL completeURL(const String&) const; 157 KURL completeURL(const String&) const;
157 SecurityOrigin* securityOrigin() const; 158 SecurityOrigin* securityOrigin() const;
158 void enforceSandboxFlags(SandboxFlags) const; 159 void enforceSandboxFlags(SandboxFlags) const;
159 String evalDisabledErrorMessage() const; 160 String evalDisabledErrorMessage() const;
160 String styleEvalDisabledErrorMessage() const; 161 String styleEvalDisabledErrorMessage() const;
(...skipping 23 matching lines...) Expand all
184 // We put the hash functions used on the policy object so that we only need 185 // We put the hash functions used on the policy object so that we only need
185 // to calculate a hash once and then distribute it to all of the directives 186 // to calculate a hash once and then distribute it to all of the directives
186 // for validation. 187 // for validation.
187 uint8_t m_scriptHashAlgorithmsUsed; 188 uint8_t m_scriptHashAlgorithmsUsed;
188 uint8_t m_styleHashAlgorithmsUsed; 189 uint8_t m_styleHashAlgorithmsUsed;
189 }; 190 };
190 191
191 } 192 }
192 193
193 #endif 194 #endif
OLDNEW
« no previous file with comments | « Source/core/dom/Document.cpp ('k') | Source/core/frame/ContentSecurityPolicy.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698