Index: third_party/WebKit/Source/core/frame/csp/RemoteContentSecurityPolicy.h |
diff --git a/third_party/WebKit/Source/core/frame/csp/RemoteContentSecurityPolicy.h b/third_party/WebKit/Source/core/frame/csp/RemoteContentSecurityPolicy.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..09e2123e77fea3cb78ebc2ecf91963321bbaade6 |
--- /dev/null |
+++ b/third_party/WebKit/Source/core/frame/csp/RemoteContentSecurityPolicy.h |
@@ -0,0 +1,43 @@ |
+// Copyright 2016 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef RemoteContentSecurityPolicy_h |
+#define RemoteContentSecurityPolicy_h |
+ |
+#include "core/frame/csp/ContentSecurityPolicy.h" |
+#include "platform/heap/Handle.h" |
+ |
+namespace blink { |
+ |
+class RemoteFrameClient; |
+ |
+// RemoteContentSecurityPolicy is a class that specializes some aspects of CSP |
+// handling for cases when CSP is associated with a RemoteSecurityContext / |
+// RemoteFrame. Such cases can occur when frame-src, parent-src or plugin-types |
+// directives need to consult CSP from a parent frame and when the parent frame |
+// is an OOPIF. An example of specialized behavior is |
+// RemoteContentSecurityPolicy::reportViolation which needs to forward |
+// processing of CSP violations into the renderer process associated with the |
+// remote frame. |
+// |
+// TODO(lukasza): This class should no longer be needed once frame-src, |
+// parent-src, plugin-types (and other similar directive) checks are moved to |
+// the browser process (https://crbug.com/376522). |
+class RemoteContentSecurityPolicy : public ContentSecurityPolicy { |
+public: |
+ static RemoteContentSecurityPolicy* create(RemoteFrameClient*); |
+ ~RemoteContentSecurityPolicy() override; |
+ DECLARE_VIRTUAL_TRACE(); |
+ |
+ void reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<String>& reportEndpoints, const String& header, ViolationType, LocalFrame*, RedirectStatus, int contextLine) override; |
+ |
+private: |
+ explicit RemoteContentSecurityPolicy(RemoteFrameClient*); |
+ |
+ Member<RemoteFrameClient> m_remoteFrameClient; |
+}; |
+ |
+} // namespace blink |
+ |
+#endif |