OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
127 ContentSecurityPolicyHeaderType, | 127 ContentSecurityPolicyHeaderType, |
128 ContentSecurityPolicyHeaderSource); | 128 ContentSecurityPolicyHeaderSource); |
129 void reportAccumulatedHeaders(FrameLoaderClient*) const; | 129 void reportAccumulatedHeaders(FrameLoaderClient*) const; |
130 | 130 |
131 std::unique_ptr<Vector<CSPHeaderAndType>> headers() const; | 131 std::unique_ptr<Vector<CSPHeaderAndType>> headers() const; |
132 | 132 |
133 // |element| will not be present for navigations to javascript URLs, | 133 // |element| will not be present for navigations to javascript URLs, |
134 // as those checks happen in the middle of the navigation algorithm, | 134 // as those checks happen in the middle of the navigation algorithm, |
135 // and we generally don't have access to the responsible element. | 135 // and we generally don't have access to the responsible element. |
136 bool allowJavaScriptURLs(Element*, | 136 bool allowJavaScriptURLs(Element*, |
| 137 const String& source, |
137 const String& contextURL, | 138 const String& contextURL, |
138 const WTF::OrdinalNumber& contextLine, | 139 const WTF::OrdinalNumber& contextLine, |
139 ReportingStatus = SendReport) const; | 140 ReportingStatus = SendReport) const; |
140 | 141 |
141 // |element| will be present almost all of the time, but because of | 142 // |element| will be present almost all of the time, but because of |
142 // strangeness around targeting handlers for '<body>', '<svg>', and | 143 // strangeness around targeting handlers for '<body>', '<svg>', and |
143 // '<frameset>', it will be 'nullptr' for handlers on those | 144 // '<frameset>', it will be 'nullptr' for handlers on those |
144 // elements. | 145 // elements. |
145 bool allowInlineEventHandler(Element*, | 146 bool allowInlineEventHandler(Element*, |
146 const String& source, | 147 const String& source, |
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
303 const DirectiveType& effectiveType, | 304 const DirectiveType& effectiveType, |
304 const String& consoleMessage, | 305 const String& consoleMessage, |
305 const KURL& blockedURL, | 306 const KURL& blockedURL, |
306 const Vector<String>& reportEndpoints, | 307 const Vector<String>& reportEndpoints, |
307 const String& header, | 308 const String& header, |
308 ContentSecurityPolicyHeaderType, | 309 ContentSecurityPolicyHeaderType, |
309 ViolationType, | 310 ViolationType, |
310 LocalFrame* = nullptr, | 311 LocalFrame* = nullptr, |
311 RedirectStatus = RedirectStatus::FollowedRedirect, | 312 RedirectStatus = RedirectStatus::FollowedRedirect, |
312 int contextLine = 0, | 313 int contextLine = 0, |
313 Element* = nullptr); | 314 Element* = nullptr, |
| 315 const String& source = emptyString); |
314 | 316 |
315 // Called when mixed content is detected on a page; will trigger a violation | 317 // Called when mixed content is detected on a page; will trigger a violation |
316 // report if the 'block-all-mixed-content' directive is specified for a | 318 // report if the 'block-all-mixed-content' directive is specified for a |
317 // policy. | 319 // policy. |
318 void reportMixedContent(const KURL& mixedURL, RedirectStatus); | 320 void reportMixedContent(const KURL& mixedURL, RedirectStatus); |
319 | 321 |
320 void reportBlockedScriptExecutionToInspector( | 322 void reportBlockedScriptExecutionToInspector( |
321 const String& directiveText) const; | 323 const String& directiveText) const; |
322 | 324 |
323 const KURL url() const; | 325 const KURL url() const; |
(...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
409 String m_disableEvalErrorMessage; | 411 String m_disableEvalErrorMessage; |
410 WebInsecureRequestPolicy m_insecureRequestPolicy; | 412 WebInsecureRequestPolicy m_insecureRequestPolicy; |
411 | 413 |
412 Member<CSPSource> m_selfSource; | 414 Member<CSPSource> m_selfSource; |
413 String m_selfProtocol; | 415 String m_selfProtocol; |
414 }; | 416 }; |
415 | 417 |
416 } // namespace blink | 418 } // namespace blink |
417 | 419 |
418 #endif | 420 #endif |
OLD | NEW |