| Index: Source/core/frame/ContentSecurityPolicy.h
|
| diff --git a/Source/core/frame/ContentSecurityPolicy.h b/Source/core/frame/ContentSecurityPolicy.h
|
| index 8ce1c87bf29a749edc42c0ad8b64ff1d0d6b41d1..8b7b688536749865070a00e614b6cd0868d6e951 100644
|
| --- a/Source/core/frame/ContentSecurityPolicy.h
|
| +++ b/Source/core/frame/ContentSecurityPolicy.h
|
| @@ -69,6 +69,11 @@ public:
|
| Enforce,
|
| };
|
|
|
| + enum HeaderSource {
|
| + HeaderSourceHTTP,
|
| + HeaderSourceMeta
|
| + };
|
| +
|
| enum ReportingStatus {
|
| SendReport,
|
| SuppressReport
|
| @@ -81,7 +86,7 @@ public:
|
| };
|
|
|
| void didReceiveHeaders(const ContentSecurityPolicyResponseHeaders&);
|
| - void didReceiveHeader(const String&, HeaderType);
|
| + void didReceiveHeader(const String&, HeaderType, HeaderSource);
|
|
|
| // These functions are wrong because they assume that there is only one header.
|
| // FIXME: Replace them with functions that return vectors.
|
| @@ -136,6 +141,7 @@ public:
|
| void reportUnsupportedDirective(const String&) const;
|
| void reportInvalidInReportOnly(const String&) const;
|
| void reportInvalidReferrer(const String&) const;
|
| + void reportReportOnlyInMeta(const String&) const;
|
| void reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header);
|
|
|
| void reportBlockedScriptExecutionToInspector(const String& directiveText) const;
|
| @@ -156,7 +162,7 @@ private:
|
| explicit ContentSecurityPolicy(ExecutionContextClient*);
|
|
|
| void logToConsole(const String& message) const;
|
| - void addPolicyFromHeaderValue(const String&, HeaderType);
|
| + void addPolicyFromHeaderValue(const String&, HeaderType, HeaderSource);
|
|
|
| bool shouldSendViolationReport(const String&) const;
|
| void didSendViolationReport(const String&);
|
|
|
Chromium Code Reviews
Issue 143113003:
CSP 1.1: Ignore report-only inside <meta>. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk