| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/webui/web_ui_data_source_impl.h" | 5 #include "content/browser/webui/web_ui_data_source_impl.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 59 } | 59 } |
| 60 bool AllowCaching() const override { return false; } | 60 bool AllowCaching() const override { return false; } |
| 61 bool ShouldAddContentSecurityPolicy() const override { | 61 bool ShouldAddContentSecurityPolicy() const override { |
| 62 return parent_->add_csp_; | 62 return parent_->add_csp_; |
| 63 } | 63 } |
| 64 std::string GetContentSecurityPolicyObjectSrc() const override { | 64 std::string GetContentSecurityPolicyObjectSrc() const override { |
| 65 if (parent_->object_src_set_) | 65 if (parent_->object_src_set_) |
| 66 return parent_->object_src_; | 66 return parent_->object_src_; |
| 67 return URLDataSource::GetContentSecurityPolicyObjectSrc(); | 67 return URLDataSource::GetContentSecurityPolicyObjectSrc(); |
| 68 } | 68 } |
| 69 std::string GetContentSecurityPolicyFrameSrc() const override { | 69 std::string GetContentSecurityPolicyChildSrc() const override { |
| 70 if (parent_->frame_src_set_) | 70 if (parent_->frame_src_set_) |
| 71 return parent_->frame_src_; | 71 return parent_->frame_src_; |
| 72 return URLDataSource::GetContentSecurityPolicyFrameSrc(); | 72 return URLDataSource::GetContentSecurityPolicyChildSrc(); |
| 73 } | 73 } |
| 74 bool ShouldDenyXFrameOptions() const override { | 74 bool ShouldDenyXFrameOptions() const override { |
| 75 return parent_->deny_xframe_options_; | 75 return parent_->deny_xframe_options_; |
| 76 } | 76 } |
| 77 | 77 |
| 78 private: | 78 private: |
| 79 WebUIDataSourceImpl* parent_; | 79 WebUIDataSourceImpl* parent_; |
| 80 }; | 80 }; |
| 81 | 81 |
| 82 WebUIDataSourceImpl::WebUIDataSourceImpl(const std::string& source_name) | 82 WebUIDataSourceImpl::WebUIDataSourceImpl(const std::string& source_name) |
| (...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 162 void WebUIDataSourceImpl::DisableContentSecurityPolicy() { | 162 void WebUIDataSourceImpl::DisableContentSecurityPolicy() { |
| 163 add_csp_ = false; | 163 add_csp_ = false; |
| 164 } | 164 } |
| 165 | 165 |
| 166 void WebUIDataSourceImpl::OverrideContentSecurityPolicyObjectSrc( | 166 void WebUIDataSourceImpl::OverrideContentSecurityPolicyObjectSrc( |
| 167 const std::string& data) { | 167 const std::string& data) { |
| 168 object_src_set_ = true; | 168 object_src_set_ = true; |
| 169 object_src_ = data; | 169 object_src_ = data; |
| 170 } | 170 } |
| 171 | 171 |
| 172 void WebUIDataSourceImpl::OverrideContentSecurityPolicyFrameSrc( | 172 void WebUIDataSourceImpl::OverrideContentSecurityPolicyChildSrc( |
| 173 const std::string& data) { | 173 const std::string& data) { |
| 174 frame_src_set_ = true; | 174 frame_src_set_ = true; |
| 175 frame_src_ = data; | 175 frame_src_ = data; |
| 176 } | 176 } |
| 177 | 177 |
| 178 void WebUIDataSourceImpl::DisableDenyXFrameOptions() { | 178 void WebUIDataSourceImpl::DisableDenyXFrameOptions() { |
| 179 deny_xframe_options_ = false; | 179 deny_xframe_options_ = false; |
| 180 } | 180 } |
| 181 | 181 |
| 182 std::string WebUIDataSourceImpl::GetSource() const { | 182 std::string WebUIDataSourceImpl::GetSource() const { |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 252 } | 252 } |
| 253 | 253 |
| 254 void WebUIDataSourceImpl::SendLocalizedStringsAsJSON( | 254 void WebUIDataSourceImpl::SendLocalizedStringsAsJSON( |
| 255 const URLDataSource::GotDataCallback& callback) { | 255 const URLDataSource::GotDataCallback& callback) { |
| 256 std::string template_data; | 256 std::string template_data; |
| 257 webui::AppendJsonJS(&localized_strings_, &template_data); | 257 webui::AppendJsonJS(&localized_strings_, &template_data); |
| 258 callback.Run(base::RefCountedString::TakeString(&template_data)); | 258 callback.Run(base::RefCountedString::TakeString(&template_data)); |
| 259 } | 259 } |
| 260 | 260 |
| 261 } // namespace content | 261 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2012393003:
Replace frame-src with child-src in WebUI CSP (Closed)
Base URL: https://chromium.googlesource.com/a/chromium/src.git@csp