third_party/WebKit/Source/core/frame/csp/RemoteContentSecurityPolicy.cpp - Issue 2190183002: Forward CSP violation reporting from RenderFrameProxy to RenderFrameImpl.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/WebKit/Source/core/frame/csp/RemoteContentSecurityPolicy.cpp

Issue 2190183002: Forward CSP violation reporting from RenderFrameProxy to RenderFrameImpl. Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Sanitize report endpoints from IPC against actual CSP contents. Created 4 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/RemoteContentSecurityPolicy.h ('k') | third_party/WebKit/Source/web/AssertMatchingEnums.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "core/frame/csp/RemoteContentSecurityPolicy.h"

	6

	7 #include "core/frame/RemoteFrameClient.h"

	8 #include "wtf/Assertions.h"

	9 #include "wtf/Compiler.h"

	10

	11 namespace blink {

	12

	13 // static

	14 RemoteContentSecurityPolicy* RemoteContentSecurityPolicy::create(RemoteFrameClie nt* remoteFrameClient)

	15 {

	16 return new RemoteContentSecurityPolicy(remoteFrameClient);

	17 }

	18

	19 RemoteContentSecurityPolicy::RemoteContentSecurityPolicy(RemoteFrameClient* remo teFrameClient)

	20 : m_remoteFrameClient(remoteFrameClient)

	21 {

	22 DCHECK(remoteFrameClient);

	23 }

	24

	25 RemoteContentSecurityPolicy::~RemoteContentSecurityPolicy() {}

	26

	27 DEFINE_TRACE(RemoteContentSecurityPolicy)

	28 {

	29 visitor->trace(m_remoteFrameClient);

	30 ContentSecurityPolicy::trace(visitor);

	31 }

	32

	33 void RemoteContentSecurityPolicy::reportViolation(const String& directiveText, c onst String& effectiveDirective, const String& consoleMessage, const KURL& block edURL, const Vector<String>& reportEndpoints, const String& header, ViolationTyp e violationType, LocalFrame* contextFrame, RedirectStatus redirectStatus, int co ntextLine)

	34 {

	35 DCHECK(violationType == URLViolation \|\| blockedURL.isEmpty());

	36 DCHECK(!contextFrame);

	37

	38 // We don't want to disclose line numbers to a remote frame.

	39 ALLOW_UNUSED_LOCAL(contextLine);

	40

	41 m_remoteFrameClient->forwardContentSecurityPolicyViolation(

	42 directiveText,

	43 effectiveDirective,

	44 consoleMessage,

	45 blockedURL,

	46 reportEndpoints,

	47 header,

	48 violationType,

	49 redirectStatus == RedirectStatus::FollowedRedirect);

	50 }

	51

	52 } // namespace blink

OLD	NEW