| Index: third_party/WebKit/Source/core/dom/DocumentInit.cpp
|
| diff --git a/third_party/WebKit/Source/core/dom/DocumentInit.cpp b/third_party/WebKit/Source/core/dom/DocumentInit.cpp
|
| index 19d9eb60be68cea26400c506b69b71865ad1288c..0ac3139e5fd37d342bb0014552ab3b297a9cbf45 100644
|
| --- a/third_party/WebKit/Source/core/dom/DocumentInit.cpp
|
| +++ b/third_party/WebKit/Source/core/dom/DocumentInit.cpp
|
| @@ -96,13 +96,13 @@ SandboxFlags DocumentInit::getSandboxFlags() const {
|
| FrameLoader* loader = &frameForSecurityContext()->loader();
|
| SandboxFlags flags = loader->effectiveSandboxFlags();
|
|
|
| - // If the load was blocked by X-Frame-Options or CSP, force the Document's
|
| - // origin to be unique, so that the blocked document appears to be a normal
|
| - // cross-origin document's load per CSP spec:
|
| - // https://www.w3.org/TR/CSP2/#directive-frame-ancestors
|
| + // If the load was blocked by CSP, force the Document's origin to be unique,
|
| + // so that the blocked document appears to be a normal cross-origin document's
|
| + // load per CSP spec: https://www.w3.org/TR/CSP3/#directive-frame-ancestors.
|
| if (loader->documentLoader() &&
|
| - loader->documentLoader()->wasBlockedAfterXFrameOptionsOrCSP())
|
| + loader->documentLoader()->wasBlockedAfterCSP()) {
|
| flags |= SandboxOrigin;
|
| + }
|
|
|
| return flags;
|
| }
|
|
|
Chromium Code Reviews
Issue 2488743003:
(Re-)introduce AncestorThrottle to handle 'X-Frame-Options'. (Closed)
