Index: third_party/WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp |
diff --git a/third_party/WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp b/third_party/WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp |
index ef8e865ff9caefbeb9abfe19f19a210b6ed930ae..6c35d005c8e7f42f7e7a8c14459559b05149476b 100644 |
--- a/third_party/WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp |
+++ b/third_party/WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp |
@@ -42,6 +42,7 @@ |
#include "core/dom/MessagePort.h" |
#include "core/frame/LocalDOMWindow.h" |
#include "core/frame/UseCounter.h" |
+#include "core/frame/csp/ContentSecurityPolicy.h" |
#include "modules/EventTargetModules.h" |
#include "modules/serviceworkers/ServiceWorker.h" |
#include "modules/serviceworkers/ServiceWorkerContainerClient.h" |
@@ -246,6 +247,14 @@ void ServiceWorkerContainer::registerServiceWorkerImpl(ExecutionContext* executi |
return; |
} |
+ ContentSecurityPolicy* csp = executionContext->contentSecurityPolicy(); |
+ if (csp) { |
+ if (!csp->allowWorkerContextFromSource(scriptURL, ContentSecurityPolicy::DidNotRedirect, ContentSecurityPolicy::SendReport)) { |
+ callbacks->onError(WebServiceWorkerError(WebServiceWorkerError::ErrorTypeSecurity, String("Failed to register a ServiceWorker: The provided scriptURL ('" + scriptURL.getString() + "') violates the Content Security Policy."))); |
+ return; |
+ } |
+ } |
+ |
m_provider->registerServiceWorker(patternURL, scriptURL, callbacks.leakPtr()); |
} |