| Index: Source/core/frame/ContentSecurityPolicy.cpp
|
| diff --git a/Source/core/frame/ContentSecurityPolicy.cpp b/Source/core/frame/ContentSecurityPolicy.cpp
|
| index b3e3a1b0a210ec1bc934ed13e8e01d8dd0a0e857..5414ba717ea678f3b58df5eb6a5afd0a020a705d 100644
|
| --- a/Source/core/frame/ContentSecurityPolicy.cpp
|
| +++ b/Source/core/frame/ContentSecurityPolicy.cpp
|
| @@ -2189,6 +2189,11 @@ void ContentSecurityPolicy::reportReportOnlyInMeta(const String& header) const
|
| logToConsole("The report-only Content Security Policy '" + header + "' was delivered via a <meta> element, which is disallowed. The policy has been ignored.");
|
| }
|
|
|
| +void ContentSecurityPolicy::reportMetaOutsideHead(const String& header) const
|
| +{
|
| + logToConsole("The Content Security Policy '" + header + "' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.");
|
| +}
|
| +
|
| void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const
|
| {
|
| logToConsole("The Content Security Policy directive '" + name + "' is ignored when delivered in a report-only policy.");
|
|
|
Chromium Code Reviews
Issue 132563006:
CSP 1.1: <meta> delivery should be ignored outside <head>. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master