Index: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
diff --git a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
index 257ccb0ef2b40cd38faa8a21fed5e6c7c6b2a1b6..ba269c0f8fb846955080b9abfc138a4b6e8193ae 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
@@ -66,6 +66,8 @@ public: |
bool allowStyleHash(const CSPHashValue&, ContentSecurityPolicy::InlineType) const; |
bool allowDynamic() const; |
+ bool allowRequestWithoutMetadata(WebURLRequest::RequestContext, const KURL&, const IntegrityMetadataSet&, ContentSecurityPolicy::ReportingStatus) const; |
jww
2016/06/11 22:45:12
nit: I'd prefer that this have 'Integrity' somewhe
Sergey Shekyan
2016/06/20 07:12:00
I renamed it to "allowRequestWithoutIntegrity". Tr
|
+ |
bool strictMixedContentChecking() const { return m_strictMixedContentCheckingEnforced; } |
void reportMixedContent(const KURL& mixedURL, ResourceRequest::RedirectStatus) const; |
@@ -75,6 +77,7 @@ public: |
bool didSetReferrerPolicy() const { return m_didSetReferrerPolicy; } |
bool isReportOnly() const { return m_reportOnly; } |
const Vector<String>& reportEndpoints() const { return m_reportEndpoints; } |
+ const Vector<String>& requireSRIForTokens() const { return m_requireSRIFor; } |
bool isFrameAncestorsEnforced() const { return m_frameAncestors.get() && !m_reportOnly; } |
// Used to copy plugin-types into a plugin document in a nested |
@@ -92,6 +95,7 @@ private: |
CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, ContentSecurityPolicyHeaderSource); |
bool parseDirective(const UChar* begin, const UChar* end, String& name, String& value); |
+ void parseRequireSRIFor(const String& name, const String& value); |
void parseReportURI(const String& name, const String& value); |
void parsePluginTypes(const String& name, const String& value); |
void parseReflectedXSS(const String& name, const String& value); |
@@ -121,6 +125,7 @@ private: |
bool checkSource(SourceListDirective*, const KURL&, ResourceRequest::RedirectStatus) const; |
bool checkMediaType(MediaListDirective*, const String& type, const String& typeAttribute) const; |
bool checkAncestors(SourceListDirective*, LocalFrame*) const; |
+ bool checkIntegrityPresence(WebURLRequest::RequestContext, const IntegrityMetadataSet&) const; |
void setEvalDisabledErrorMessage(const String& errorMessage) { m_evalDisabledErrorMessage = errorMessage; } |
@@ -130,6 +135,7 @@ private: |
bool checkSourceAndReportViolation(SourceListDirective*, const KURL&, const String& effectiveDirective, ResourceRequest::RedirectStatus) const; |
bool checkMediaTypeAndReportViolation(MediaListDirective*, const String& type, const String& typeAttribute, const String& consoleMessage) const; |
bool checkAncestorsAndReportViolation(SourceListDirective*, LocalFrame*, const KURL&) const; |
+ bool checkIntegrityPresenceAndReportViolation(WebURLRequest::RequestContext, const KURL&, const IntegrityMetadataSet&) const; |
bool denyIfEnforcingPolicy() const { return m_reportOnly; } |
@@ -167,6 +173,8 @@ private: |
Member<SourceListDirective> m_scriptSrc; |
Member<SourceListDirective> m_styleSrc; |
+ Vector<String> m_requireSRIFor; |
+ |
Vector<String> m_reportEndpoints; |
String m_evalDisabledErrorMessage; |