Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
index 2df252450035ef6b9a2f5743622acb5fed441688..5ca583b9d6541b03f1d9fa0deade27166062e22c 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
@@ -841,16 +841,6 @@ static void gatherSecurityPolicyViolationEventData(SecurityPolicyViolationEventI |
void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<String>& reportEndpoints, const String& header, ViolationType violationType, LocalFrame* contextFrame, RedirectStatus redirectStatus, int contextLine) |
{ |
ASSERT(violationType == URLViolation || blockedURL.isEmpty()); |
- |
- // TODO(lukasza): Support sending reports from OOPIFs - https://crbug.com/611232 |
- // (or move CSP child-src and frame-src checks to the browser process - see |
- // https://crbug.com/376522). |
- if (!m_executionContext && !contextFrame) { |
- DCHECK(equalIgnoringCase(effectiveDirective, ContentSecurityPolicy::ChildSrc) |
- || equalIgnoringCase(effectiveDirective, ContentSecurityPolicy::FrameSrc)); |
- return; |
- } |
- |
ASSERT((m_executionContext && !contextFrame) || (equalIgnoringCase(effectiveDirective, ContentSecurityPolicy::FrameAncestors) && contextFrame)); |
// FIXME: Support sending reports from worker. |
@@ -1125,4 +1115,15 @@ void ContentSecurityPolicy::didSendViolationReport(const String& report) |
m_violationReportsSent.add(report.impl()->hash()); |
} |
+bool ContentSecurityPolicy::coversReportEndpoint(const String& reportEndpointToVerify) |
+{ |
+ for (const auto& policyList : m_policies) { |
+ for (const String& actualReportEndpoint : policyList->reportEndpoints()) { |
+ if (actualReportEndpoint == reportEndpointToVerify) |
+ return true; |
+ } |
+ } |
+ return false; |
+} |
+ |
} // namespace blink |