Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(61)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/dom/ScriptLoader.cpp

Issue 1389383003: WIP: Introduce CompressibleString Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« third_party/WebKit/Source/bindings/core/v8/ScriptSourceCode.cpp ('K') | « third_party/WebKit/Source/bindings/core/v8/WorkerScriptController.cpp ('k') | third_party/WebKit/Source/core/fetch/ScriptResource.h » ('j') | third_party/WebKit/Source/core/fetch/ScriptResource.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) 3 * (C) 1999 Antti Koivisto (koivisto@kde.org)
4 * (C) 2001 Dirk Mueller (mueller@kde.org) 4 * (C) 2001 Dirk Mueller (mueller@kde.org)
5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv ed. 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv ed.
6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> 6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org>
7 * 7 *
8 * This library is free software; you can redistribute it and/or 8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Library General Public 9 * modify it under the terms of the GNU Library General Public
10 * License as published by the Free Software Foundation; either 10 * License as published by the Free Software Foundation; either
(...skipping 329 matching lines...) Expand 10 before | Expand all | Expand 10 after
340 RefPtrWillBeRawPtr<Document> elementDocument(m_element->document()); 340 RefPtrWillBeRawPtr<Document> elementDocument(m_element->document());
341 RefPtrWillBeRawPtr<Document> contextDocument = elementDocument->contextDocum ent().get(); 341 RefPtrWillBeRawPtr<Document> contextDocument = elementDocument->contextDocum ent().get();
342 if (!contextDocument) 342 if (!contextDocument)
343 return true; 343 return true;
344 344
345 LocalFrame* frame = contextDocument->frame(); 345 LocalFrame* frame = contextDocument->frame();
346 346
347 const ContentSecurityPolicy* csp = elementDocument->contentSecurityPolicy(); 347 const ContentSecurityPolicy* csp = elementDocument->contentSecurityPolicy();
348 bool shouldBypassMainWorldCSP = (frame && frame->script().shouldBypassMainWo rldCSP()) 348 bool shouldBypassMainWorldCSP = (frame && frame->script().shouldBypassMainWo rldCSP())
349 || csp->allowScriptWithNonce(m_element->fastGetAttribute(HTMLNames::nonc eAttr)) 349 || csp->allowScriptWithNonce(m_element->fastGetAttribute(HTMLNames::nonc eAttr))
350 || csp->allowScriptWithHash(sourceCode.source()); 350 || csp->allowScriptWithHash(sourceCode.source()->toString());
351 351
352 if (!m_isExternalScript && (!shouldBypassMainWorldCSP && !csp->allowInlineSc ript(elementDocument->url(), m_startLineNumber, sourceCode.source()))) { 352 if (!m_isExternalScript && (!shouldBypassMainWorldCSP && !csp->allowInlineSc ript(elementDocument->url(), m_startLineNumber, sourceCode.source()->toString()) )) {
353 return false; 353 return false;
354 } 354 }
355 355
356 if (m_isExternalScript) { 356 if (m_isExternalScript) {
357 ScriptResource* resource = m_resource ? m_resource.get() : sourceCode.re source(); 357 ScriptResource* resource = m_resource ? m_resource.get() : sourceCode.re source();
358 if (resource && !resource->mimeTypeAllowedByNosniff()) { 358 if (resource && !resource->mimeTypeAllowedByNosniff()) {
359 contextDocument->addConsoleMessage(ConsoleMessage::create(SecurityMe ssageSource, ErrorMessageLevel, "Refused to execute script from '" + resource->u rl().elidedString() + "' because its MIME type ('" + resource->mimeType() + "') is not executable, and strict MIME type checking is enabled.")); 359 contextDocument->addConsoleMessage(ConsoleMessage::create(SecurityMe ssageSource, ErrorMessageLevel, "Refused to execute script from '" + resource->u rl().elidedString() + "' because its MIME type ('" + resource->mimeType() + "') is not executable, and strict MIME type checking is enabled."));
360 return false; 360 return false;
361 } 361 }
362 362
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after
497 if (isHTMLScriptLoader(element)) 497 if (isHTMLScriptLoader(element))
498 return toHTMLScriptElement(element)->loader(); 498 return toHTMLScriptElement(element)->loader();
499 499
500 if (isSVGScriptLoader(element)) 500 if (isSVGScriptLoader(element))
501 return toSVGScriptElement(element)->loader(); 501 return toSVGScriptElement(element)->loader();
502 502
503 return 0; 503 return 0;
504 } 504 }
505 505
506 } // namespace blink 506 } // namespace blink
OLDNEW
« third_party/WebKit/Source/bindings/core/v8/ScriptSourceCode.cpp ('K') | « third_party/WebKit/Source/bindings/core/v8/WorkerScriptController.cpp ('k') | third_party/WebKit/Source/core/fetch/ScriptResource.h » ('j') | third_party/WebKit/Source/core/fetch/ScriptResource.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698