| Index: content/browser/webui/url_data_manager_backend.cc
|
| diff --git a/content/browser/webui/url_data_manager_backend.cc b/content/browser/webui/url_data_manager_backend.cc
|
| index 1bcbdb76e9eaae056a461d785afb8dba9f71657a..69040d04bdfe246e3baa7396551439f77082f5b8 100644
|
| --- a/content/browser/webui/url_data_manager_backend.cc
|
| +++ b/content/browser/webui/url_data_manager_backend.cc
|
| @@ -47,10 +47,12 @@ namespace content {
|
|
|
| namespace {
|
|
|
| +// TODO(jacobr) remove https://www.google.com when the dependency on the
|
| +// Google Charts API is removed from the Dart Observatory.
|
| // TODO(tsepez) remove unsafe-eval when bidichecker_packaged.js fixed.
|
| const char kChromeURLContentSecurityPolicyHeaderBase[] =
|
| "Content-Security-Policy: script-src chrome://resources "
|
| - "'self' 'unsafe-eval'; ";
|
| + "'self' https://www.google.com 'unsafe-eval'; ";
|
|
|
| const char kChromeURLXFrameOptionsHeader[] = "X-Frame-Options: DENY";
|
|
|
|
|
Chromium Code Reviews
Issue 143883018:
Fix DartObservatory failure due to security policy settings. (Closed)
Base URL: svn://svn.chromium.org/chrome/branches/dart/1700/src