OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved. | 2 * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved. |
3 * Copyright (C) 2011 Google Inc. All rights reserved. | 3 * Copyright (C) 2011 Google Inc. All rights reserved. |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
7 * are met: | 7 * are met: |
8 * | 8 * |
9 * 1. Redistributions of source code must retain the above copyright | 9 * 1. Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 430 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
441 SecurityMessageSource, ErrorMessageLevel, message, response.url(), | 441 SecurityMessageSource, ErrorMessageLevel, message, response.url(), |
442 mainResourceIdentifier()); | 442 mainResourceIdentifier()); |
443 frame()->document()->addConsoleMessage(consoleMessage); | 443 frame()->document()->addConsoleMessage(consoleMessage); |
444 | 444 |
445 cancelLoadAfterXFrameOptionsOrCSPDenied(response); | 445 cancelLoadAfterXFrameOptionsOrCSPDenied(response); |
446 return; | 446 return; |
447 } | 447 } |
448 } | 448 } |
449 } | 449 } |
450 | 450 |
| 451 if (RuntimeEnabledFeatures::embedderCSPEnforcementEnabled() && |
| 452 !frameLoader()->requiredCSP().isEmpty()) { |
| 453 SecurityOrigin* parentSecurityOrigin = |
| 454 frame()->tree().parent()->securityContext()->getSecurityOrigin(); |
| 455 if (ContentSecurityPolicy::shouldEnforceEmbeddersPolicy( |
| 456 response, parentSecurityOrigin)) { |
| 457 m_contentSecurityPolicy->addPolicyFromHeaderValue( |
| 458 frameLoader()->requiredCSP(), ContentSecurityPolicyHeaderTypeEnforce, |
| 459 ContentSecurityPolicyHeaderSourceHTTP); |
| 460 } else { |
| 461 cancelLoadAfterXFrameOptionsOrCSPDenied(response); |
| 462 return; |
| 463 } |
| 464 } |
| 465 |
451 DCHECK(!m_frame->page()->defersLoading()); | 466 DCHECK(!m_frame->page()->defersLoading()); |
452 | 467 |
453 m_response = response; | 468 m_response = response; |
454 | 469 |
455 if (isArchiveMIMEType(m_response.mimeType()) && | 470 if (isArchiveMIMEType(m_response.mimeType()) && |
456 m_mainResource->getDataBufferingPolicy() != BufferData) | 471 m_mainResource->getDataBufferingPolicy() != BufferData) |
457 m_mainResource->setDataBufferingPolicy(BufferData); | 472 m_mainResource->setDataBufferingPolicy(BufferData); |
458 | 473 |
459 if (!shouldContinueForResponse()) { | 474 if (!shouldContinueForResponse()) { |
460 InspectorInstrumentation::continueWithPolicyIgnore( | 475 InspectorInstrumentation::continueWithPolicyIgnore( |
(...skipping 300 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
761 m_writer ? m_writer->encoding() : emptyAtom, true, | 776 m_writer ? m_writer->encoding() : emptyAtom, true, |
762 ForceSynchronousParsing); | 777 ForceSynchronousParsing); |
763 if (!source.isNull()) | 778 if (!source.isNull()) |
764 m_writer->appendReplacingData(source); | 779 m_writer->appendReplacingData(source); |
765 endWriting(m_writer.get()); | 780 endWriting(m_writer.get()); |
766 } | 781 } |
767 | 782 |
768 DEFINE_WEAK_IDENTIFIER_MAP(DocumentLoader); | 783 DEFINE_WEAK_IDENTIFIER_MAP(DocumentLoader); |
769 | 784 |
770 } // namespace blink | 785 } // namespace blink |
OLD | NEW |