third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp - Issue 2331213002: Add `disposition` to SecurityPolicyViolationEvent

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

Issue 2331213002: Add `disposition` to SecurityPolicyViolationEvent (Closed)

Patch Set: Fix a typo in rebased test expectation Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

index 20fd403634bfeb45b58118b95618255ee188787f..3ff396642f61a6722b5b1cf7f35136afc2fc77c1 100644

--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

@@ -1055,6 +1055,7 @@ static void gatherSecurityPolicyViolationEventData(

const KURL& blockedURL,

const String& header,

RedirectStatus redirectStatus,

+ ContentSecurityPolicyHeaderType headerType,

ContentSecurityPolicy::ViolationType violationType,

int contextLine) {

if (equalIgnoringCase(effectiveDirective,

@@ -1083,6 +1084,9 @@ static void gatherSecurityPolicyViolationEventData(

init.setViolatedDirective(directiveText);

init.setEffectiveDirective(effectiveDirective);

init.setOriginalPolicy(header);

+ init.setDisposition(headerType == ContentSecurityPolicyHeaderTypeEnforce

+ ? "enforce"

+ : "report");

init.setSourceFile(String());

init.setLineNumber(contextLine);

init.setColumnNumber(0);

@@ -1108,6 +1112,7 @@ void ContentSecurityPolicy::reportViolation(

const KURL& blockedURL,

const Vector<String>& reportEndpoints,

const String& header,

+ ContentSecurityPolicyHeaderType headerType,

ViolationType violationType,

LocalFrame* contextFrame,

RedirectStatus redirectStatus,

@@ -1141,7 +1146,7 @@ void ContentSecurityPolicy::reportViolation(

SecurityPolicyViolationEventInit violationData;

gatherSecurityPolicyViolationEventData(

violationData, document, directiveText, effectiveDirective, blockedURL,

- header, redirectStatus, violationType, contextLine);

+ header, redirectStatus, headerType, violationType, contextLine);

// TODO(mkwst): Obviously, we shouldn't hit this check, as extension-loaded

// resources should be allowed regardless. We apparently do, however, so

@@ -1169,6 +1174,7 @@ void ContentSecurityPolicy::reportViolation(

cspReport->setString("effective-directive",

violationData.effectiveDirective());

cspReport->setString("original-policy", violationData.originalPolicy());

+ cspReport->setString("disposition", violationData.disposition());

cspReport->setString("blocked-uri", violationData.blockedURI());

if (violationData.lineNumber())

cspReport->setInteger("line-number", violationData.lineNumber());

« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h ('k') | no next file » | no next file with comments »