Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(802)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/renderer/render_frame_proxy.cc

Issue 2190183002: Forward CSP violation reporting from RenderFrameProxy to RenderFrameImpl. Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Sanitize report endpoints from IPC against actual CSP contents. Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/renderer/render_frame_proxy.h ('k') | third_party/WebKit/LayoutTests/FlagExpectations/site-per-process » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/renderer/render_frame_proxy.cc
diff --git a/content/renderer/render_frame_proxy.cc b/content/renderer/render_frame_proxy.cc
index d25f170c488f5405f9daa2ac366fae829cd8482e..4ecc79b1a99f0ed18d332d62d9cd3da7f5a39161 100644
--- a/content/renderer/render_frame_proxy.cc
+++ b/content/renderer/render_frame_proxy.cc
@@ -12,7 +12,7 @@
#include "base/lazy_instance.h"
#include "content/child/web_url_request_util.h"
#include "content/child/webmessageportchannel_impl.h"
-#include "content/common/content_security_policy_header.h"
+#include "content/common/content_security_policy_structs.h"
#include "content/common/frame_messages.h"
#include "content/common/frame_owner_properties.h"
#include "content/common/frame_replication_state.h"
@@ -500,4 +500,31 @@ void RenderFrameProxy::frameFocused() {
Send(new FrameHostMsg_FrameFocused(routing_id_));
}
+void RenderFrameProxy::forwardContentSecurityPolicyViolation(
+ const blink::WebString& directive_text,
+ const blink::WebString& effective_directive,
+ const blink::WebString& console_message,
+ const blink::WebURL& blocked_url,
+ const blink::WebVector<blink::WebString>& report_endpoints,
+ const blink::WebString& header,
+ blink::WebContentSecurityPolicyViolationType violation_type,
+ bool followed_redirect) {
+ content::ContentSecurityPolicyViolation violation;
+ violation.directive_text = directive_text.utf8();
+ violation.effective_directive = effective_directive.utf8();
+ violation.console_message = console_message.utf8();
+ violation.blocked_url = blocked_url;
+
+ violation.report_endpoints.reserve(report_endpoints.size());
+ for (const blink::WebString& report_endpoint : report_endpoints)
+ violation.report_endpoints.push_back(report_endpoint.utf8());
+
+ violation.header = header.utf8();
+ violation.violation_type = violation_type;
+ violation.followed_redirect = followed_redirect;
+
+ Send(new FrameHostMsg_ForwardContentSecurityPolicyViolation(
+ routing_id_, web_frame_->getSecurityOrigin(), violation));
+}
+
} // namespace
« no previous file with comments | « content/renderer/render_frame_proxy.h ('k') | third_party/WebKit/LayoutTests/FlagExpectations/site-per-process » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698