third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp - Issue 2331213002: Add `disposition` to SecurityPolicyViolationEvent

Unified Diff: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp

Issue 2331213002: Add `disposition` to SecurityPolicyViolationEvent (Closed)

Patch Set: Update SecurityPolicyViolationEventInit.idl, update test Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« third_party/WebKit/Source/core/events/SecurityPolicyViolationEvent.cpp ('K') | « third_party/WebKit/Source/core/events/SecurityPolicyViolationEventInit.idl ('k') | third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp

diff --git a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp

index ea4ffe40346258b946f66a33cc375fdf4d5f744a..1a643d47fa11090168d7ec39a064c4cd054962b8 100644

--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp

+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp

@@ -80,21 +80,21 @@ void CSPDirectiveList::reportViolation(const String& directiveText, const String

{

String message = m_reportOnly ? "[Report Only] " + consoleMessage : consoleMessage;

m_policy->logToConsole(ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, message));

- m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, m_header, ContentSecurityPolicy::URLViolation, nullptr, redirectStatus);

+ m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, m_header, m_headerType, ContentSecurityPolicy::URLViolation, nullptr, redirectStatus);

}

void CSPDirectiveList::reportViolationWithFrame(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFrame* frame) const

{

String message = m_reportOnly ? "[Report Only] " + consoleMessage : consoleMessage;

m_policy->logToConsole(ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, message), frame);

- m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, m_header, ContentSecurityPolicy::URLViolation, frame);

+ m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, m_header, m_headerType, ContentSecurityPolicy::URLViolation, frame);

}

void CSPDirectiveList::reportViolationWithLocation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const String& contextURL, const WTF::OrdinalNumber& contextLine) const

{

String message = m_reportOnly ? "[Report Only] " + consoleMessage : consoleMessage;

m_policy->logToConsole(ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, message, SourceLocation::capture(contextURL, contextLine.oneBasedInt(), 0)));

- m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, m_header, ContentSecurityPolicy::InlineViolation, nullptr, RedirectStatus::NoRedirect, contextLine.oneBasedInt());

+ m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, m_header, m_headerType, ContentSecurityPolicy::InlineViolation, nullptr, RedirectStatus::NoRedirect, contextLine.oneBasedInt());

}

void CSPDirectiveList::reportViolationWithState(const String& directiveText, const String& effectiveDirective, const String& message, const KURL& blockedURL, ScriptState* scriptState, const ContentSecurityPolicy::ExceptionStatus exceptionStatus) const

@@ -108,7 +108,7 @@ void CSPDirectiveList::reportViolationWithState(const String& directiveText, con

ConsoleMessage* consoleMessage = ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, reportMessage);

m_policy->logToConsole(consoleMessage);

}

- m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, m_header, ContentSecurityPolicy::EvalViolation);

+ m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, m_header, m_headerType, ContentSecurityPolicy::EvalViolation);

}

bool CSPDirectiveList::checkEval(SourceListDirective* directive) const

@@ -144,7 +144,7 @@ bool CSPDirectiveList::checkDynamic(SourceListDirective* directive) const

void CSPDirectiveList::reportMixedContent(const KURL& mixedURL, ResourceRequest::RedirectStatus redirectStatus) const

{

if (strictMixedContentChecking())

- m_policy->reportViolation(ContentSecurityPolicy::BlockAllMixedContent, ContentSecurityPolicy::BlockAllMixedContent, String(), mixedURL, m_reportEndpoints, m_header, ContentSecurityPolicy::URLViolation, nullptr, redirectStatus);

+ m_policy->reportViolation(ContentSecurityPolicy::BlockAllMixedContent, ContentSecurityPolicy::BlockAllMixedContent, String(), mixedURL, m_reportEndpoints, m_header, m_headerType, ContentSecurityPolicy::URLViolation, nullptr, redirectStatus);

}

bool CSPDirectiveList::checkSource(SourceListDirective* directive, const KURL& url, ResourceRequest::RedirectStatus redirectStatus) const