Index: Source/core/dom/Document.cpp |
diff --git a/Source/core/dom/Document.cpp b/Source/core/dom/Document.cpp |
index b4e3993c274ca1c784bec08c5c1de641e2402c42..04b5169ba76967a44a7e4fd78aab0ddc4508ca49 100644 |
--- a/Source/core/dom/Document.cpp |
+++ b/Source/core/dom/Document.cpp |
@@ -132,6 +132,7 @@ |
#include "core/html/HTMLImport.h" |
#include "core/html/HTMLInputElement.h" |
#include "core/html/HTMLLinkElement.h" |
+#include "core/html/HTMLMetaElement.h" |
#include "core/html/HTMLNameCollection.h" |
#include "core/html/HTMLScriptElement.h" |
#include "core/html/HTMLStyleElement.h" |
@@ -2876,27 +2877,31 @@ CSSStyleSheet* Document::elementSheet() |
return m_elemSheet.get(); |
} |
-void Document::processHttpEquiv(const AtomicString& equiv, const AtomicString& content) |
+void Document::processHttpEquiv(const AtomicString& equiv, const AtomicString& content, bool inDocumentHead) |
{ |
ASSERT(!equiv.isNull() && !content.isNull()); |
- if (equalIgnoringCase(equiv, "default-style")) |
+ if (equalIgnoringCase(equiv, "default-style")) { |
processHttpEquivDefaultStyle(content); |
- else if (equalIgnoringCase(equiv, "refresh")) |
+ } else if (equalIgnoringCase(equiv, "refresh")) { |
processHttpEquivRefresh(content); |
- else if (equalIgnoringCase(equiv, "set-cookie")) |
+ } else if (equalIgnoringCase(equiv, "set-cookie")) { |
processHttpEquivSetCookie(content); |
- else if (equalIgnoringCase(equiv, "content-language")) |
+ } else if (equalIgnoringCase(equiv, "content-language")) { |
setContentLanguage(content); |
- else if (equalIgnoringCase(equiv, "x-dns-prefetch-control")) |
+ } else if (equalIgnoringCase(equiv, "x-dns-prefetch-control")) { |
parseDNSPrefetchControlHeader(content); |
- else if (equalIgnoringCase(equiv, "x-frame-options")) |
+ } else if (equalIgnoringCase(equiv, "x-frame-options")) { |
processHttpEquivXFrameOptions(content); |
- else if (equalIgnoringCase(equiv, "content-security-policy") |
+ } else if (equalIgnoringCase(equiv, "content-security-policy") |
|| equalIgnoringCase(equiv, "content-security-policy-report-only") |
|| equalIgnoringCase(equiv, "x-webkit-csp") |
- || equalIgnoringCase(equiv, "x-webkit-csp-report-only")) |
- processHttpEquivContentSecurityPolicy(equiv, content); |
+ || equalIgnoringCase(equiv, "x-webkit-csp-report-only")) { |
+ if (inDocumentHead) |
+ processHttpEquivContentSecurityPolicy(equiv, content); |
+ else |
+ contentSecurityPolicy()->reportMetaOutsideHead(content); |
+ } |
} |
void Document::processHttpEquivContentSecurityPolicy(const AtomicString& equiv, const AtomicString& content) |