| Index: chrome/browser/ui/webui/system_info_ui.cc
|
| diff --git a/chrome/browser/ui/webui/system_info_ui.cc b/chrome/browser/ui/webui/system_info_ui.cc
|
| index 7aa85064f3ed80f6e9d09f6b65feaa2129992668..11631235af9b81e29c735dca1d50890b0a5e56b0 100644
|
| --- a/chrome/browser/ui/webui/system_info_ui.cc
|
| +++ b/chrome/browser/ui/webui/system_info_ui.cc
|
| @@ -59,7 +59,15 @@ class SystemInfoUIHTMLSource : public content::URLDataSource{
|
| std::string GetMimeType(const std::string&) const override {
|
| return "text/html";
|
| }
|
| - bool ShouldAddContentSecurityPolicy() const override { return false; }
|
| + std::string GetContentSecurityPolicyScriptSrc() const override {
|
| + // 'unsafe-inline' is added to script-src.
|
| + return "script-src 'self' chrome://resources 'unsafe-eval' "
|
| + "'unsafe-inline';";
|
| + }
|
| +
|
| + std::string GetContentSecurityPolicyStyleSrc() const override {
|
| + return "style-src 'self' chrome://resources 'unsafe-inline';";
|
| + }
|
|
|
| private:
|
| ~SystemInfoUIHTMLSource() override {}
|
|
|
Chromium Code Reviews
Issue 2003963004:
Enable CSP on more WebUI pages (Closed)
Base URL: https://chromium.googlesource.com/a/chromium/src.git@master