| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/system_info_ui.h" | 5 #include "chrome/browser/ui/webui/system_info_ui.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 52 // content::URLDataSource implementation. | 52 // content::URLDataSource implementation. |
| 53 std::string GetSource() const override; | 53 std::string GetSource() const override; |
| 54 void StartDataRequest( | 54 void StartDataRequest( |
| 55 const std::string& path, | 55 const std::string& path, |
| 56 int render_process_id, | 56 int render_process_id, |
| 57 int render_frame_id, | 57 int render_frame_id, |
| 58 const content::URLDataSource::GotDataCallback& callback) override; | 58 const content::URLDataSource::GotDataCallback& callback) override; |
| 59 std::string GetMimeType(const std::string&) const override { | 59 std::string GetMimeType(const std::string&) const override { |
| 60 return "text/html"; | 60 return "text/html"; |
| 61 } | 61 } |
| 62 bool ShouldAddContentSecurityPolicy() const override { return false; } | 62 std::string GetContentSecurityPolicyScriptSrc() const override { |
| 63 // Add 'unsafe-inline' to script-src. |
| 64 return "script-src 'self' chrome://resources 'unsafe-eval' " |
| 65 "'unsafe-inline';"; |
| 66 } |
| 67 |
| 68 std::string GetContentSecurityPolicyObjectSrc() const override { |
| 69 // Add style-src. |
| 70 return "object-src 'none'; style-src 'self' chrome://resources " |
| 71 "'unsafe-inline';"; |
| 72 } |
| 63 | 73 |
| 64 private: | 74 private: |
| 65 ~SystemInfoUIHTMLSource() override {} | 75 ~SystemInfoUIHTMLSource() override {} |
| 66 | 76 |
| 67 void SysInfoComplete(std::unique_ptr<SystemLogsResponse> response); | 77 void SysInfoComplete(std::unique_ptr<SystemLogsResponse> response); |
| 68 void RequestComplete(); | 78 void RequestComplete(); |
| 69 void WaitForData(); | 79 void WaitForData(); |
| 70 | 80 |
| 71 // Stored data from StartDataRequest() | 81 // Stored data from StartDataRequest() |
| 72 std::string path_; | 82 std::string path_; |
| (...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 188 | 198 |
| 189 SystemInfoUI::SystemInfoUI(content::WebUI* web_ui) : WebUIController(web_ui) { | 199 SystemInfoUI::SystemInfoUI(content::WebUI* web_ui) : WebUIController(web_ui) { |
| 190 SystemInfoHandler* handler = new SystemInfoHandler(); | 200 SystemInfoHandler* handler = new SystemInfoHandler(); |
| 191 web_ui->AddMessageHandler(handler); | 201 web_ui->AddMessageHandler(handler); |
| 192 SystemInfoUIHTMLSource* html_source = new SystemInfoUIHTMLSource(); | 202 SystemInfoUIHTMLSource* html_source = new SystemInfoUIHTMLSource(); |
| 193 | 203 |
| 194 // Set up the chrome://system/ source. | 204 // Set up the chrome://system/ source. |
| 195 Profile* profile = Profile::FromWebUI(web_ui); | 205 Profile* profile = Profile::FromWebUI(web_ui); |
| 196 content::URLDataSource::Add(profile, html_source); | 206 content::URLDataSource::Add(profile, html_source); |
| 197 } | 207 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2003963004:
Enable CSP on more WebUI pages (Closed)
Base URL: https://chromium.googlesource.com/a/chromium/src.git@master