Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h |
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h |
index df15db748397dfd954cae78b00374f1f59d43b9a..7a371065974e896725b56e5ef5a39b96a28748d8 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h |
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h |
@@ -123,6 +123,16 @@ public: |
WillNotThrowException |
}; |
+ // This covers the possible values of a violation's 'resource', as defined in |
+ // https://w3c.github.io/webappsec-csp/#violation-resource. By the time we |
+ // generate a report, we're guaranteed that the value isn't 'null', so we don't |
+ // need that state in this enum. |
+ enum ViolationType { |
+ InlineViolation, |
+ EvalViolation, |
+ URLViolation |
+ }; |
+ |
static PassRefPtrWillBeRawPtr<ContentSecurityPolicy> create() |
{ |
return adoptRefWillBeNoop(new ContentSecurityPolicy()); |
@@ -226,7 +236,7 @@ public: |
// If a frame is passed in, the report will be sent using it as a context. If no frame is |
// passed in, the report will be sent via this object's |m_executionContext| (or dropped |
// on the floor if no such context is available). |
- void reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<String>& reportEndpoints, const String& header, LocalFrame* = nullptr); |
+ void reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<String>& reportEndpoints, const String& header, ViolationType, LocalFrame* = nullptr); |
void reportBlockedScriptExecutionToInspector(const String& directiveText) const; |