| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "core/frame/csp/CSPSourceList.h" | 5 #include "core/frame/csp/CSPSourceList.h" |
| 6 | 6 |
| 7 #include "core/frame/csp/CSPSource.h" | 7 #include "core/frame/csp/CSPSource.h" |
| 8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 9 #include "platform/ParsingUtilities.h" | 9 #include "platform/ParsingUtilities.h" |
| 10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
| (...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 170 if (equalIgnoringCase("'unsafe-inline'", begin, end - begin)) { | 170 if (equalIgnoringCase("'unsafe-inline'", begin, end - begin)) { |
| 171 addSourceUnsafeInline(); | 171 addSourceUnsafeInline(); |
| 172 return true; | 172 return true; |
| 173 } | 173 } |
| 174 | 174 |
| 175 if (equalIgnoringCase("'unsafe-eval'", begin, end - begin)) { | 175 if (equalIgnoringCase("'unsafe-eval'", begin, end - begin)) { |
| 176 addSourceUnsafeEval(); | 176 addSourceUnsafeEval(); |
| 177 return true; | 177 return true; |
| 178 } | 178 } |
| 179 | 179 |
| 180 if (equalIgnoringCase("'unsafe-dynamic'", begin, end - begin)) { | 180 if (equalIgnoringCase("'strict-dynamic'", begin, end - begin)) { |
| 181 addSourceUnsafeDynamic(); | 181 addSourceStrictDynamic(); |
| 182 return true; | 182 return true; |
| 183 } | 183 } |
| 184 | 184 |
| 185 if (equalIgnoringCase("'unsafe-hashed-attributes'", begin, end - begin)) { | 185 if (equalIgnoringCase("'unsafe-hashed-attributes'", begin, end - begin)) { |
| 186 addSourceUnsafeHashedAttributes(); | 186 addSourceUnsafeHashedAttributes(); |
| 187 return true; | 187 return true; |
| 188 } | 188 } |
| 189 | 189 |
| 190 String nonce; | 190 String nonce; |
| 191 if (!parseNonce(begin, end, nonce)) | 191 if (!parseNonce(begin, end, nonce)) |
| (...skipping 305 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 497 void CSPSourceList::addSourceUnsafeInline() | 497 void CSPSourceList::addSourceUnsafeInline() |
| 498 { | 498 { |
| 499 m_allowInline = true; | 499 m_allowInline = true; |
| 500 } | 500 } |
| 501 | 501 |
| 502 void CSPSourceList::addSourceUnsafeEval() | 502 void CSPSourceList::addSourceUnsafeEval() |
| 503 { | 503 { |
| 504 m_allowEval = true; | 504 m_allowEval = true; |
| 505 } | 505 } |
| 506 | 506 |
| 507 void CSPSourceList::addSourceUnsafeDynamic() | 507 void CSPSourceList::addSourceStrictDynamic() |
| 508 { | 508 { |
| 509 m_allowDynamic = true; | 509 m_allowDynamic = true; |
| 510 } | 510 } |
| 511 | 511 |
| 512 void CSPSourceList::addSourceUnsafeHashedAttributes() | 512 void CSPSourceList::addSourceUnsafeHashedAttributes() |
| 513 { | 513 { |
| 514 m_allowHashedAttributes = true; | 514 m_allowHashedAttributes = true; |
| 515 } | 515 } |
| 516 | 516 |
| 517 void CSPSourceList::addSourceNonce(const String& nonce) | 517 void CSPSourceList::addSourceNonce(const String& nonce) |
| (...skipping 17 matching lines...) Expand all Loading... |
| 535 return false; | 535 return false; |
| 536 } | 536 } |
| 537 | 537 |
| 538 DEFINE_TRACE(CSPSourceList) | 538 DEFINE_TRACE(CSPSourceList) |
| 539 { | 539 { |
| 540 visitor->trace(m_policy); | 540 visitor->trace(m_policy); |
| 541 visitor->trace(m_list); | 541 visitor->trace(m_list); |
| 542 } | 542 } |
| 543 | 543 |
| 544 } // namespace blink | 544 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2082613002:
Rename 'unsafe-dynamic' to 'strict-dynamic' (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master