| Index: third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp
|
| diff --git a/third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp b/third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp
|
| index dfc8610b5d16338674713bbee2e62aa45096c0f2..045fb89c3ffefc039d8a84831c673710f015f41b 100644
|
| --- a/third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp
|
| +++ b/third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp
|
| @@ -4,34 +4,40 @@
|
|
|
| #include "core/dom/RemoteSecurityContext.h"
|
|
|
| -#include "core/frame/csp/ContentSecurityPolicy.h"
|
| +#include "core/frame/RemoteFrameClient.h"
|
| +#include "core/frame/csp/RemoteContentSecurityPolicy.h"
|
| #include "platform/weborigin/SecurityOrigin.h"
|
| #include "wtf/Assertions.h"
|
|
|
| namespace blink {
|
|
|
| -RemoteSecurityContext::RemoteSecurityContext()
|
| +RemoteSecurityContext::RemoteSecurityContext(RemoteFrameClient* remoteFrameClient)
|
| : SecurityContext()
|
| + , m_remoteFrameClient(remoteFrameClient)
|
| {
|
| // RemoteSecurityContext's origin is expected to stay uninitialized until
|
| // we set it using replicated origin data from the browser process.
|
| DCHECK(!getSecurityOrigin());
|
|
|
| + // Caller needs to pass a non-null |remoteFrameClient|.
|
| + DCHECK(remoteFrameClient);
|
| +
|
| // Start with a clean slate.
|
| - setContentSecurityPolicy(ContentSecurityPolicy::create());
|
| + setContentSecurityPolicy(RemoteContentSecurityPolicy::create(m_remoteFrameClient));
|
|
|
| // FIXME: Document::initSecurityContext has a few other things we may
|
| // eventually want here, such as enforcing a setting to
|
| // grantUniversalAccess().
|
| }
|
|
|
| -RemoteSecurityContext* RemoteSecurityContext::create()
|
| +RemoteSecurityContext* RemoteSecurityContext::create(RemoteFrameClient* remoteFrameClient)
|
| {
|
| - return new RemoteSecurityContext();
|
| + return new RemoteSecurityContext(remoteFrameClient);
|
| }
|
|
|
| DEFINE_TRACE(RemoteSecurityContext)
|
| {
|
| + visitor->trace(m_remoteFrameClient);
|
| SecurityContext::trace(visitor);
|
| }
|
|
|
| @@ -45,7 +51,7 @@ void RemoteSecurityContext::setReplicatedOrigin(PassRefPtr<SecurityOrigin> origi
|
| void RemoteSecurityContext::resetReplicatedContentSecurityPolicy()
|
| {
|
| DCHECK(getSecurityOrigin());
|
| - setContentSecurityPolicy(ContentSecurityPolicy::create());
|
| + setContentSecurityPolicy(RemoteContentSecurityPolicy::create(m_remoteFrameClient));
|
| contentSecurityPolicy()->setupSelf(*getSecurityOrigin());
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 2190183002:
Forward CSP violation reporting from RenderFrameProxy to RenderFrameImpl.
Base URL: https://chromium.googlesource.com/chromium/src.git@master