Index: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
diff --git a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
index 257ccb0ef2b40cd38faa8a21fed5e6c7c6b2a1b6..50c938757911beac334c0e46a096b786180bda5a 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
@@ -66,6 +66,8 @@ public: |
bool allowStyleHash(const CSPHashValue&, ContentSecurityPolicy::InlineType) const; |
bool allowDynamic() const; |
+ bool allowRequestWithoutIntegrity(WebURLRequest::RequestContext, const KURL&, ResourceRequest::RedirectStatus, ContentSecurityPolicy::ReportingStatus) const; |
+ |
bool strictMixedContentChecking() const { return m_strictMixedContentCheckingEnforced; } |
void reportMixedContent(const KURL& mixedURL, ResourceRequest::RedirectStatus) const; |
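Review bot: `allowRequestWithoutIntegrity` is declared without a comment stating its contract, and for a security decision the polarity of the return value should not be left to the name. The signature takes no integrity metadata, so presumably the caller has already established that the request carries none before calling; that precondition belongs in the header. Suggest adding above the declaration `// Returns true if this policy permits a request in the given context that has no integrity metadata. Callers must only invoke this for requests that lack integrity metadata.`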
@@ -75,6 +77,7 @@ public: |
bool didSetReferrerPolicy() const { return m_didSetReferrerPolicy; } |
bool isReportOnly() const { return m_reportOnly; } |
const Vector<String>& reportEndpoints() const { return m_reportEndpoints; } |
+ uint8_t requireSRIForTokens() const { return m_requireSRIFor; } |
bool isFrameAncestorsEnforced() const { return m_frameAncestors.get() && !m_reportOnly; } |
// Used to copy plugin-types into a plugin document in a nested |
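Review bot: The public accessor `requireSRIForTokens()` returns the raw `uint8_t` mask, but the `RequireSRIForToken` enum that gives the bits their meaning is added in the private section in the next hunk. Code outside the class therefore cannot name `Script` or `Style` and would have to hard-code 1 and 2 to interpret the mask, which is easy to get wrong when a token is added. Either declare the enum in the public section or expose predicates instead of the mask. Giving the enum a fixed underlying type, `enum RequireSRIForToken : uint8_t {`, would also keep it in step with the `uint8_t` storage and return type.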
@@ -89,9 +92,16 @@ public: |
private: |
FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, IsMatchingNoncePresent); |
+ enum RequireSRIForToken { |
+ None = 0, |
+ Script = 1 << 0, |
+ Style = 1 << 1 |
+ }; |
+ |
CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, ContentSecurityPolicyHeaderSource); |
bool parseDirective(const UChar* begin, const UChar* end, String& name, String& value); |
+ void parseRequireSRIFor(const String& name, const String& value); |
void parseReportURI(const String& name, const String& value); |
void parsePluginTypes(const String& name, const String& value); |
void parseReflectedXSS(const String& name, const String& value); |
@@ -121,6 +131,7 @@ private: |
bool checkSource(SourceListDirective*, const KURL&, ResourceRequest::RedirectStatus) const; |
bool checkMediaType(MediaListDirective*, const String& type, const String& typeAttribute) const; |
bool checkAncestors(SourceListDirective*, LocalFrame*) const; |
+ bool checkRequestWithoutIntegrity(WebURLRequest::RequestContext) const; |
void setEvalDisabledErrorMessage(const String& errorMessage) { m_evalDisabledErrorMessage = errorMessage; } |
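Review bot: `checkRequestWithoutIntegrity` decides from the `RequestContext` alone, and nothing in the header says which contexts the `Script` and `Style` tokens are meant to cover. The mapping lives in the .cpp, which is not part of this hunk, so it cannot be verified here. Script is also fetched under contexts other than the plain script one (workers and imports, for example), and any context missing from the mapping would load without integrity under a policy that asks for it. Suggest documenting the intended coverage on the declaration, e.g. `// Returns false when the context is covered by a token set in m_requireSRIFor; every other context returns true.` if that is the intended polarity, and adding a test for each script-like context.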
@@ -130,6 +141,7 @@ private: |
bool checkSourceAndReportViolation(SourceListDirective*, const KURL&, const String& effectiveDirective, ResourceRequest::RedirectStatus) const; |
bool checkMediaTypeAndReportViolation(MediaListDirective*, const String& type, const String& typeAttribute, const String& consoleMessage) const; |
bool checkAncestorsAndReportViolation(SourceListDirective*, LocalFrame*, const KURL&) const; |
+ bool checkRequestWithoutIntegrityAndReportViolation(WebURLRequest::RequestContext, const KURL&, ResourceRequest::RedirectStatus) const; |
bool denyIfEnforcingPolicy() const { return m_reportOnly; } |
@@ -167,6 +179,8 @@ private: |
Member<SourceListDirective> m_scriptSrc; |
Member<SourceListDirective> m_styleSrc; |
+ uint8_t m_requireSRIFor; |
+ |
Vector<String> m_reportEndpoints; |
String m_evalDisabledErrorMessage; |
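Review bot: `m_requireSRIFor` is a plain `uint8_t` with no initializer in this header, unlike the neighbouring `Member<>`, `Vector` and `String` fields, which default-construct to a known state. The constructor's initializer list is in the .cpp and not shown here; if it does not set this member, a policy that never mentions the directive would evaluate the integrity check against an indeterminate mask. Initialize it at the declaration, `uint8_t m_requireSRIFor = 0;`, or confirm the constructor sets it to `None`.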