| Index: Source/core/frame/ContentSecurityPolicy.cpp
|
| diff --git a/Source/core/frame/ContentSecurityPolicy.cpp b/Source/core/frame/ContentSecurityPolicy.cpp
|
| index 47d0658d74128a63320d72f947e0333dbda4d804..bd2de552633180811cfdd21af0720d2a92149e03 100644
|
| --- a/Source/core/frame/ContentSecurityPolicy.cpp
|
| +++ b/Source/core/frame/ContentSecurityPolicy.cpp
|
| @@ -2186,6 +2186,11 @@ void ContentSecurityPolicy::reportReportOnlyInMeta(const String& header) const
|
| logToConsole("The report-only Content Security Policy '" + header + "' was delivered via a <meta> element, which is disallowed. The policy has been ignored.");
|
| }
|
|
|
| +void ContentSecurityPolicy::reportMetaOutsideHead(const String& header) const
|
| +{
|
| + logToConsole("The Content Security Policy '" + header + "' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.");
|
| +}
|
| +
|
| void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const
|
| {
|
| logToConsole("The Content Security Policy directive '" + name + "' is ignored when delivered in a report-only policy.");
|
|
|
Chromium Code Reviews
Issue 132563006:
CSP 1.1: <meta> delivery should be ignored outside <head>. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master