Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1097)

Unified Diff: third_party/WebKit/Source/core/fetch/ScriptResource.h

Issue 1675183003: Fix SRI bypass by loading same resource twice in same origin. (Closed) Base URL: https://chromium.googlesource.com/chromium/src@master
Patch Set: Rebase on ToT Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/Source/core/fetch/ScriptResource.h
diff --git a/third_party/WebKit/Source/core/fetch/ScriptResource.h b/third_party/WebKit/Source/core/fetch/ScriptResource.h
index c49f1c07077d1fb6f3ce63acb8ece9abc06d57d6..9f0b9a207af26f57f7cd7ad1164ec08f6fbbb5ba 100644
--- a/third_party/WebKit/Source/core/fetch/ScriptResource.h
+++ b/third_party/WebKit/Source/core/fetch/ScriptResource.h
@@ -34,6 +34,12 @@
namespace blink {
+enum class ScriptIntegrityDisposition {
+ NotChecked = 0,
+ Failed,
+ Passed
+};
+
class FetchRequest;
class ScriptResource;
@@ -74,8 +80,9 @@ public:
void setIntegrityMetadata(const IntegrityMetadataSet& metadata) { m_integrityMetadata = metadata; }
const IntegrityMetadataSet& integrityMetadata() const { return m_integrityMetadata; }
- void setIntegrityAlreadyChecked(bool checked) { m_integrityChecked = checked; }
- bool integrityAlreadyChecked() { return m_integrityChecked; }
+ // The argument must never be |NotChecked|.
+ void setIntegrityDisposition(ScriptIntegrityDisposition);
+ ScriptIntegrityDisposition integrityDisposition() { return m_integrityDisposition; }
bool mustRefetchDueToIntegrityMetadata(const FetchRequest&) const override;
private:
@@ -92,7 +99,7 @@ private:
ScriptResource(const ResourceRequest&, const String& charset);
- bool m_integrityChecked;
+ ScriptIntegrityDisposition m_integrityDisposition;
IntegrityMetadataSet m_integrityMetadata;
CompressibleString m_script;
« no previous file with comments | « third_party/WebKit/Source/core/dom/PendingScript.cpp ('k') | third_party/WebKit/Source/core/fetch/ScriptResource.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698