OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv
ed. | 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv
ed. |
6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> | 6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> |
7 * | 7 * |
8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
(...skipping 357 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
368 Document* elementDocument = &(m_element->document()); | 368 Document* elementDocument = &(m_element->document()); |
369 Document* contextDocument = elementDocument->contextDocument(); | 369 Document* contextDocument = elementDocument->contextDocument(); |
370 if (!contextDocument) | 370 if (!contextDocument) |
371 return true; | 371 return true; |
372 | 372 |
373 LocalFrame* frame = contextDocument->frame(); | 373 LocalFrame* frame = contextDocument->frame(); |
374 | 374 |
375 const ContentSecurityPolicy* csp = elementDocument->contentSecurityPolicy(); | 375 const ContentSecurityPolicy* csp = elementDocument->contentSecurityPolicy(); |
376 bool shouldBypassMainWorldCSP = (frame && frame->script().shouldBypassMainWo
rldCSP()) | 376 bool shouldBypassMainWorldCSP = (frame && frame->script().shouldBypassMainWo
rldCSP()) |
377 || csp->allowScriptWithNonce(m_element->fastGetAttribute(HTMLNames::nonc
eAttr)) | 377 || csp->allowScriptWithNonce(m_element->fastGetAttribute(HTMLNames::nonc
eAttr)) |
378 || csp->allowScriptWithHash(sourceCode.source().toString()) | 378 || csp->allowScriptWithHash(sourceCode.source().toString(), ContentSecur
ityPolicy::InlineType::Block) |
379 || (!isParserInserted() && csp->allowDynamic()); | 379 || (!isParserInserted() && csp->allowDynamic()); |
380 | 380 |
381 if (!m_isExternalScript && (!shouldBypassMainWorldCSP && !csp->allowInlineSc
ript(elementDocument->url(), m_startLineNumber, sourceCode.source().toString()))
) { | 381 if (!m_isExternalScript && (!shouldBypassMainWorldCSP && !csp->allowInlineSc
ript(elementDocument->url(), m_startLineNumber, sourceCode.source().toString()))
) { |
382 return false; | 382 return false; |
383 } | 383 } |
384 | 384 |
385 if (m_isExternalScript) { | 385 if (m_isExternalScript) { |
386 ScriptResource* resource = m_resource ? m_resource.get() : sourceCode.re
source(); | 386 ScriptResource* resource = m_resource ? m_resource.get() : sourceCode.re
source(); |
387 if (resource) { | 387 if (resource) { |
388 if (!resource->mimeTypeAllowedByNosniff()) { | 388 if (!resource->mimeTypeAllowedByNosniff()) { |
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
523 if (isHTMLScriptLoader(element)) | 523 if (isHTMLScriptLoader(element)) |
524 return toHTMLScriptElement(element)->loader(); | 524 return toHTMLScriptElement(element)->loader(); |
525 | 525 |
526 if (isSVGScriptLoader(element)) | 526 if (isSVGScriptLoader(element)) |
527 return toSVGScriptElement(element)->loader(); | 527 return toSVGScriptElement(element)->loader(); |
528 | 528 |
529 return 0; | 529 return 0; |
530 } | 530 } |
531 | 531 |
532 } // namespace blink | 532 } // namespace blink |
OLD | NEW |