| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 664 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 675 ContentSecurityPolicy::ReportingStatus cspReporting = | 675 ContentSecurityPolicy::ReportingStatus cspReporting = |
| 676 forPreload ? ContentSecurityPolicy::SuppressReport | 676 forPreload ? ContentSecurityPolicy::SuppressReport |
| 677 : ContentSecurityPolicy::SendReport; | 677 : ContentSecurityPolicy::SendReport; |
| 678 | 678 |
| 679 if (m_document) { | 679 if (m_document) { |
| 680 DCHECK(m_document->contentSecurityPolicy()); | 680 DCHECK(m_document->contentSecurityPolicy()); |
| 681 if (!shouldBypassMainWorldCSP && | 681 if (!shouldBypassMainWorldCSP && |
| 682 !m_document->contentSecurityPolicy()->allowRequest( | 682 !m_document->contentSecurityPolicy()->allowRequest( |
| 683 resourceRequest.requestContext(), url, | 683 resourceRequest.requestContext(), url, |
| 684 options.contentSecurityPolicyNonce, options.integrityMetadata, | 684 options.contentSecurityPolicyNonce, options.integrityMetadata, |
| 685 redirectStatus, cspReporting)) | 685 options.parserDisposition, redirectStatus, cspReporting)) |
| 686 return ResourceRequestBlockedReasonCSP; | 686 return ResourceRequestBlockedReasonCSP; |
| 687 } | 687 } |
| 688 | 688 |
| 689 if (type == Resource::Script || type == Resource::ImportResource) { | 689 if (type == Resource::Script || type == Resource::ImportResource) { |
| 690 DCHECK(frame()); | 690 DCHECK(frame()); |
| 691 if (!frame()->loader().client()->allowScriptFromSource( | 691 if (!frame()->loader().client()->allowScriptFromSource( |
| 692 !frame()->settings() || frame()->settings()->scriptEnabled(), | 692 !frame()->settings() || frame()->settings()->scriptEnabled(), |
| 693 url)) { | 693 url)) { |
| 694 frame()->loader().client()->didNotAllowScript(); | 694 frame()->loader().client()->didNotAllowScript(); |
| 695 // TODO(estark): Use a different ResourceRequestBlockedReason here, since | 695 // TODO(estark): Use a different ResourceRequestBlockedReason here, since |
| (...skipping 302 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 998 response); | 998 response); |
| 999 } | 999 } |
| 1000 | 1000 |
| 1001 DEFINE_TRACE(FrameFetchContext) { | 1001 DEFINE_TRACE(FrameFetchContext) { |
| 1002 visitor->trace(m_document); | 1002 visitor->trace(m_document); |
| 1003 visitor->trace(m_documentLoader); | 1003 visitor->trace(m_documentLoader); |
| 1004 FetchContext::trace(visitor); | 1004 FetchContext::trace(visitor); |
| 1005 } | 1005 } |
| 1006 | 1006 |
| 1007 } // namespace blink | 1007 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2401573003:
CSP: Fix 'strict-dynamic' with multiple policies. (Closed)
