| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "core/dom/RemoteSecurityContext.h" | 5 #include "core/dom/RemoteSecurityContext.h" |
| 6 | 6 |
| 7 #include "core/frame/csp/ContentSecurityPolicy.h" | 7 #include "core/frame/RemoteFrameClient.h" |
| 8 #include "core/frame/csp/RemoteContentSecurityPolicy.h" |
| 8 #include "platform/weborigin/SecurityOrigin.h" | 9 #include "platform/weborigin/SecurityOrigin.h" |
| 9 #include "wtf/Assertions.h" | 10 #include "wtf/Assertions.h" |
| 10 | 11 |
| 11 namespace blink { | 12 namespace blink { |
| 12 | 13 |
| 13 RemoteSecurityContext::RemoteSecurityContext() | 14 RemoteSecurityContext::RemoteSecurityContext(RemoteFrameClient* remoteFrameClien
t) |
| 14 : SecurityContext() | 15 : SecurityContext() |
| 16 , m_remoteFrameClient(remoteFrameClient) |
| 15 { | 17 { |
| 16 // RemoteSecurityContext's origin is expected to stay uninitialized until | 18 // RemoteSecurityContext's origin is expected to stay uninitialized until |
| 17 // we set it using replicated origin data from the browser process. | 19 // we set it using replicated origin data from the browser process. |
| 18 DCHECK(!getSecurityOrigin()); | 20 DCHECK(!getSecurityOrigin()); |
| 19 | 21 |
| 22 // Caller needs to pass a non-null |remoteFrameClient|. |
| 23 DCHECK(remoteFrameClient); |
| 24 |
| 20 // Start with a clean slate. | 25 // Start with a clean slate. |
| 21 setContentSecurityPolicy(ContentSecurityPolicy::create()); | 26 setContentSecurityPolicy(RemoteContentSecurityPolicy::create(m_remoteFrameCl
ient)); |
| 22 | 27 |
| 23 // FIXME: Document::initSecurityContext has a few other things we may | 28 // FIXME: Document::initSecurityContext has a few other things we may |
| 24 // eventually want here, such as enforcing a setting to | 29 // eventually want here, such as enforcing a setting to |
| 25 // grantUniversalAccess(). | 30 // grantUniversalAccess(). |
| 26 } | 31 } |
| 27 | 32 |
| 28 RemoteSecurityContext* RemoteSecurityContext::create() | 33 RemoteSecurityContext* RemoteSecurityContext::create(RemoteFrameClient* remoteFr
ameClient) |
| 29 { | 34 { |
| 30 return new RemoteSecurityContext(); | 35 return new RemoteSecurityContext(remoteFrameClient); |
| 31 } | 36 } |
| 32 | 37 |
| 33 DEFINE_TRACE(RemoteSecurityContext) | 38 DEFINE_TRACE(RemoteSecurityContext) |
| 34 { | 39 { |
| 40 visitor->trace(m_remoteFrameClient); |
| 35 SecurityContext::trace(visitor); | 41 SecurityContext::trace(visitor); |
| 36 } | 42 } |
| 37 | 43 |
| 38 void RemoteSecurityContext::setReplicatedOrigin(PassRefPtr<SecurityOrigin> origi
n) | 44 void RemoteSecurityContext::setReplicatedOrigin(PassRefPtr<SecurityOrigin> origi
n) |
| 39 { | 45 { |
| 40 DCHECK(origin); | 46 DCHECK(origin); |
| 41 setSecurityOrigin(origin); | 47 setSecurityOrigin(origin); |
| 42 contentSecurityPolicy()->setupSelf(*getSecurityOrigin()); | 48 contentSecurityPolicy()->setupSelf(*getSecurityOrigin()); |
| 43 } | 49 } |
| 44 | 50 |
| 45 void RemoteSecurityContext::resetReplicatedContentSecurityPolicy() | 51 void RemoteSecurityContext::resetReplicatedContentSecurityPolicy() |
| 46 { | 52 { |
| 47 DCHECK(getSecurityOrigin()); | 53 DCHECK(getSecurityOrigin()); |
| 48 setContentSecurityPolicy(ContentSecurityPolicy::create()); | 54 setContentSecurityPolicy(RemoteContentSecurityPolicy::create(m_remoteFrameCl
ient)); |
| 49 contentSecurityPolicy()->setupSelf(*getSecurityOrigin()); | 55 contentSecurityPolicy()->setupSelf(*getSecurityOrigin()); |
| 50 } | 56 } |
| 51 | 57 |
| 52 } // namespace blink | 58 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2190183002:
Forward CSP violation reporting from RenderFrameProxy to RenderFrameImpl.
Base URL: https://chromium.googlesource.com/chromium/src.git@master