Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(182)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h

Issue 2002943002: CSP violation reports should report the pre-redirect URL. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp ('k') | third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Google, Inc. All rights reserved. 2 * Copyright (C) 2011 Google, Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 220 matching lines...) Expand 10 before | Expand all | Expand 10 after
231 void reportInvalidInReportOnly(const String&); 231 void reportInvalidInReportOnly(const String&);
232 void reportInvalidDirectiveInMeta(const String& directiveName); 232 void reportInvalidDirectiveInMeta(const String& directiveName);
233 void reportInvalidReferrer(const String&); 233 void reportInvalidReferrer(const String&);
234 void reportReportOnlyInMeta(const String&); 234 void reportReportOnlyInMeta(const String&);
235 void reportMetaOutsideHead(const String&); 235 void reportMetaOutsideHead(const String&);
236 void reportValueForEmptyDirective(const String& directiveName, const String& value); 236 void reportValueForEmptyDirective(const String& directiveName, const String& value);
237 237
238 // If a frame is passed in, the report will be sent using it as a context. I f no frame is 238 // If a frame is passed in, the report will be sent using it as a context. I f no frame is
239 // passed in, the report will be sent via this object's |m_executionContext| (or dropped 239 // passed in, the report will be sent via this object's |m_executionContext| (or dropped
240 // on the floor if no such context is available). 240 // on the floor if no such context is available).
241 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL, const Vector<Strin g>& reportEndpoints, const String& header, ViolationType, LocalFrame* = nullptr) ; 241 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL, const Vector<Strin g>& reportEndpoints, const String& header, ViolationType, LocalFrame* = nullptr, RedirectStatus = RedirectStatus::FollowedRedirect);
242 242
243 // Called when mixed content is detected on a page; will trigger a violation report if 243 // Called when mixed content is detected on a page; will trigger a violation report if
244 // the 'block-all-mixed-content' directive is specified for a policy. 244 // the 'block-all-mixed-content' directive is specified for a policy.
245 void reportMixedContent(const KURL& mixedURL); 245 void reportMixedContent(const KURL& mixedURL, RedirectStatus);
246 246
247 void reportBlockedScriptExecutionToInspector(const String& directiveText) co nst; 247 void reportBlockedScriptExecutionToInspector(const String& directiveText) co nst;
248 248
249 const KURL url() const; 249 const KURL url() const;
250 void enforceSandboxFlags(SandboxFlags); 250 void enforceSandboxFlags(SandboxFlags);
251 void enforceStrictMixedContentChecking(); 251 void enforceStrictMixedContentChecking();
252 void treatAsPublicAddress(); 252 void treatAsPublicAddress();
253 String evalDisabledErrorMessage() const; 253 String evalDisabledErrorMessage() const;
254 254
255 void setInsecureRequestsPolicy(SecurityContext::InsecureRequestsPolicy); 255 void setInsecureRequestsPolicy(SecurityContext::InsecureRequestsPolicy);
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
304 String m_disableEvalErrorMessage; 304 String m_disableEvalErrorMessage;
305 SecurityContext::InsecureRequestsPolicy m_insecureRequestsPolicy; 305 SecurityContext::InsecureRequestsPolicy m_insecureRequestsPolicy;
306 306
307 Member<CSPSource> m_selfSource; 307 Member<CSPSource> m_selfSource;
308 String m_selfProtocol; 308 String m_selfProtocol;
309 }; 309 };
310 310
311 } // namespace blink 311 } // namespace blink
312 312
313 #endif 313 #endif
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp ('k') | third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698