| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 2228 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2239 } else if (metric == "npnNegotiatedProtocol") { | 2239 } else if (metric == "npnNegotiatedProtocol") { |
| 2240 feature = UseCounter::ChromeLoadTimesNpnNegotiatedProtocol; | 2240 feature = UseCounter::ChromeLoadTimesNpnNegotiatedProtocol; |
| 2241 } else if (metric == "wasAlternateProtocolAvailable") { | 2241 } else if (metric == "wasAlternateProtocolAvailable") { |
| 2242 feature = UseCounter::ChromeLoadTimesWasAlternateProtocolAvailable; | 2242 feature = UseCounter::ChromeLoadTimesWasAlternateProtocolAvailable; |
| 2243 } else if (metric == "connectionInfo") { | 2243 } else if (metric == "connectionInfo") { |
| 2244 feature = UseCounter::ChromeLoadTimesConnectionInfo; | 2244 feature = UseCounter::ChromeLoadTimesConnectionInfo; |
| 2245 } | 2245 } |
| 2246 UseCounter::count(frame(), feature); | 2246 UseCounter::count(frame(), feature); |
| 2247 } | 2247 } |
| 2248 | 2248 |
| 2249 void WebLocalFrameImpl::reportContentSecurityPolicyViolation( |
| 2250 const WebString& directiveText, |
| 2251 const WebString& effectiveDirective, |
| 2252 const WebString& consoleMessage, |
| 2253 const WebURL& blockedURL, |
| 2254 const WebVector<WebString>& reportEndpoints, |
| 2255 const WebString& header, |
| 2256 WebContentSecurityPolicyViolationType violationType, |
| 2257 bool followedRedirect) |
| 2258 { |
| 2259 Vector<String> coreReportEndpoints; |
| 2260 coreReportEndpoints.reserveInitialCapacity(reportEndpoints.size()); |
| 2261 for (const WebString& reportEndpoint : reportEndpoints) |
| 2262 coreReportEndpoints.append(reportEndpoint); |
| 2263 |
| 2264 auto redirectStatus = followedRedirect |
| 2265 ? ResourceRequest::RedirectStatus::FollowedRedirect |
| 2266 : ResourceRequest::RedirectStatus::NoRedirect; |
| 2267 |
| 2268 // This method has no |contextLine| parameter, because source information |
| 2269 // should not be disclosed cross-site and therefore caller of this method |
| 2270 // (by design) does not have access to the line number associated with this |
| 2271 // Content Security Policy violation. |
| 2272 int contextLine = 0; |
| 2273 |
| 2274 ContentSecurityPolicy* policy = m_frame->securityContext()->contentSecurityP
olicy(); |
| 2275 policy->logToConsole(ConsoleMessage::create( |
| 2276 SecurityMessageSource, |
| 2277 ErrorMessageLevel, |
| 2278 consoleMessage)); |
| 2279 policy->reportViolation( |
| 2280 directiveText, |
| 2281 effectiveDirective, |
| 2282 consoleMessage, |
| 2283 blockedURL, |
| 2284 coreReportEndpoints, |
| 2285 header, |
| 2286 static_cast<ContentSecurityPolicy::ViolationType>(violationType), |
| 2287 nullptr, // contextFrame |
| 2288 redirectStatus, |
| 2289 contextLine); |
| 2290 } |
| 2291 |
| 2249 } // namespace blink | 2292 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2190183002:
Forward CSP violation reporting from RenderFrameProxy to RenderFrameImpl.
Base URL: https://chromium.googlesource.com/chromium/src.git@master