Index: Source/core/frame/ContentSecurityPolicy.cpp |
diff --git a/Source/core/frame/ContentSecurityPolicy.cpp b/Source/core/frame/ContentSecurityPolicy.cpp |
index 4c3cbe42472a78353ff0c53ffac601e356ea6179..970ab2fc211375856023f3fc5efe4338a3702d4e 100644 |
--- a/Source/core/frame/ContentSecurityPolicy.cpp |
+++ b/Source/core/frame/ContentSecurityPolicy.cpp |
@@ -1386,6 +1386,10 @@ void CSPDirectiveList::setCSPDirective(const String& name, const String& value, |
void CSPDirectiveList::applySandboxPolicy(const String& name, const String& sandboxPolicy) |
{ |
+ if (m_reportOnly) { |
+ m_policy->reportInvalidInReportOnly(name); |
+ return; |
+ } |
if (m_haveSandboxPolicy) { |
m_policy->reportDuplicateDirective(name); |
return; |
@@ -1911,6 +1915,11 @@ void ContentSecurityPolicy::reportViolation(const String& directiveText, const S |
didSendViolationReport(stringifiedReport); |
} |
+void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const |
+{ |
+ logToConsole("The Content Security Policy directive '" + name + "' is ignored when delivered in a report-only policy."); |
+} |
+ |
void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) const |
{ |
DEFINE_STATIC_LOCAL(String, allow, ("allow")); |