Index: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
diff --git a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
index b305e5b816001596b461bfa223679f74d6d976da..0092a5759292bc1dc291bbc86eaaaf6127f8848c 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h |
@@ -22,6 +22,8 @@ namespace blink { |
class ContentSecurityPolicy; |
+typedef HeapVector<Member<SourceListDirective>> SourceListDirectiveVector; |
+ |
class CORE_EXPORT CSPDirectiveList |
: public GarbageCollectedFinalized<CSPDirectiveList> { |
WTF_MAKE_NONCOPYABLE(CSPDirectiveList); |
@@ -156,6 +158,10 @@ class CORE_EXPORT CSPDirectiveList |
bool shouldSendCSPHeader(Resource::Type) const; |
+ // The algorithm is described here: |
+ // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy |
+ bool subsumes(CSPDirectiveListVector); |
+ |
DECLARE_TRACE(); |
private: |
@@ -265,6 +271,10 @@ class CORE_EXPORT CSPDirectiveList |
bool denyIfEnforcingPolicy() const { return isReportOnly(); } |
+ static SourceListDirectiveVector getSourceList( |
+ const char* name, |
+ CSPDirectiveListVector policies); |
+ |
Member<ContentSecurityPolicy> m_policy; |
String m_header; |