Index: content/browser/frame_host/frame_tree_node.h |
diff --git a/content/browser/frame_host/frame_tree_node.h b/content/browser/frame_host/frame_tree_node.h |
index 7a4a0b9e20425f5b7d359840ccbc2d57f2dffbfc..7368c7f4a8611b23f72650560f58bb3dde748569 100644 |
--- a/content/browser/frame_host/frame_tree_node.h |
+++ b/content/browser/frame_host/frame_tree_node.h |
@@ -17,6 +17,7 @@ |
#include "content/browser/frame_host/render_frame_host_impl.h" |
#include "content/browser/frame_host/render_frame_host_manager.h" |
#include "content/common/content_export.h" |
+#include "content/common/content_security_policy/content_security_policy.h" |
#include "content/common/frame_owner_properties.h" |
#include "content/common/frame_replication_state.h" |
#include "third_party/WebKit/public/platform/WebInsecureRequestPolicy.h" |
@@ -167,8 +168,11 @@ class CONTENT_EXPORT FrameTreeNode { |
// Clear any feature policy header associated with the frame. |
void ResetFeaturePolicyHeader(); |
- // Add CSP header to replication state and notify proxies about the update. |
- void AddContentSecurityPolicy(const ContentSecurityPolicyHeader& header); |
+ // Add CSP header to replication state, notify proxies about the update and |
+ // enforce it on the browser. |
+ void AddContentSecurityPolicy( |
+ const ContentSecurityPolicyHeader& header, |
+ const std::vector<ContentSecurityPolicy>& policies); |
// Discards previous CSP headers and notifies proxies about the update. |
// Typically invoked after committing navigation to a new document (since the |
@@ -400,6 +404,9 @@ class CONTENT_EXPORT FrameTreeNode { |
// to the core logic of FrameTreeNode. |
FrameTreeNodeBlameContext blame_context_; |
+ // A set of Content-Security-Policies to enforce on the browser-side. |
+ std::vector<ContentSecurityPolicy> csp_policies_; |
+ |
DISALLOW_COPY_AND_ASSIGN(FrameTreeNode); |
}; |