content/renderer/render_frame_impl.cc - Issue 1957783002: Replicate Content-Security-Policy into remote frame proxies.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/renderer/render_frame_impl.cc

Issue 1957783002: Replicate Content-Security-Policy into remote frame proxies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Addressed most CR feedback from mkwst@, alexmos@ and dcheng@. Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « content/renderer/render_frame_impl.h ('k') | content/renderer/render_frame_proxy.h » ('j') | third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/renderer/render_frame_impl.cc

diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc

index 8b82079aa7bc60fc6c74c3f5b813b6145973f607..a11c2a0559d00029cf170ca8eccf0f27654d3f14 100644

--- a/content/renderer/render_frame_impl.cc

+++ b/content/renderer/render_frame_impl.cc

@@ -50,6 +50,7 @@

#include "content/child/weburlresponse_extradata_impl.h"

#include "content/common/accessibility_messages.h"

#include "content/common/clipboard_messages.h"

+#include "content/common/content_security_policy_header.h"

#include "content/common/frame_messages.h"

#include "content/common/frame_replication_state.h"

#include "content/common/gpu/client/context_provider_command_buffer.h"

@@ -6014,6 +6015,20 @@ blink::ServiceRegistry* RenderFrameImpl::serviceRegistry() {

return &blink_service_registry_;

}

+void RenderFrameImpl::didAddContentSecurityPolicy(

+ const blink::WebString& header_value,

+ blink::WebContentSecurityPolicyType type,

+ blink::WebContentSecurityPolicySource source) {

+ if (!SiteIsolationPolicy::AreCrossProcessFramesPossible())

alexmos 2016/05/12 22:37:24 I think this is ok. One thought is that this migh

Łukasz Anforowicz 2016/05/13 17:29:15 This reminds me - there are other places where we

+ return;

+ ContentSecurityPolicyHeader header;

+ header.header_value = base::UTF16ToUTF8(base::StringPiece16(header_value));

+ header.type = type;

+ header.source = source;

+ Send(new FrameHostMsg_DidAddContentSecurityPolicy(routing_id_, header));

blink::WebPlugin* RenderFrameImpl::GetWebPluginForFind() {

if (!is_main_frame_)

return nullptr;