Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
index cb2a42ea2bf70b3d84f72c2792319eea1db45e52..630aba82540592027a145273720a2d546f16b6ea 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
@@ -724,8 +724,9 @@ static void gatherSecurityPolicyViolationEventData(SecurityPolicyViolationEventI |
} |
} |
-void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<String>& reportEndpoints, const String& header, LocalFrame* contextFrame) |
+void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<String>& reportEndpoints, const String& header, ViolationType violationType, LocalFrame* contextFrame) |
{ |
+ ASSERT(violationType == URLViolation || blockedURL.isEmpty()); |
ASSERT((m_executionContext && !contextFrame) || (equalIgnoringCase(effectiveDirective, ContentSecurityPolicy::FrameAncestors) && contextFrame)); |
// FIXME: Support sending reports from worker. |
@@ -768,7 +769,17 @@ void ContentSecurityPolicy::reportViolation(const String& directiveText, const S |
cspReport->setString("violated-directive", violationData.violatedDirective()); |
cspReport->setString("effective-directive", violationData.effectiveDirective()); |
cspReport->setString("original-policy", violationData.originalPolicy()); |
- cspReport->setString("blocked-uri", violationData.blockedURI()); |
+ switch (violationType) { |
+ case InlineViolation: |
+ cspReport->setString("blocked-uri", "inline"); |
+ break; |
+ case EvalViolation: |
+ cspReport->setString("blocked-uri", "eval"); |
+ break; |
+ case URLViolation: |
+ cspReport->setString("blocked-uri", violationData.blockedURI()); |
+ break; |
+ } |
if (!violationData.sourceFile().isEmpty() && violationData.lineNumber()) { |
cspReport->setString("source-file", violationData.sourceFile()); |
cspReport->setNumber("line-number", violationData.lineNumber()); |