| Index: Source/core/dom/ScriptLoader.cpp
|
| diff --git a/Source/core/dom/ScriptLoader.cpp b/Source/core/dom/ScriptLoader.cpp
|
| index 69e0c6555209801044ea05c7cad837ee80c5a82f..d90456fe89014aa6ccca3d66c13baf85e6d62312 100644
|
| --- a/Source/core/dom/ScriptLoader.cpp
|
| +++ b/Source/core/dom/ScriptLoader.cpp
|
| @@ -308,7 +308,7 @@ void ScriptLoader::executeScript(const ScriptSourceCode& sourceCode)
|
|
|
| Frame* frame = contextDocument->frame();
|
|
|
| - bool shouldBypassMainWorldContentSecurityPolicy = (frame && frame->script().shouldBypassMainWorldContentSecurityPolicy()) || elementDocument->contentSecurityPolicy()->allowScriptNonce(m_element->fastGetAttribute(HTMLNames::nonceAttr));
|
| + bool shouldBypassMainWorldContentSecurityPolicy = (frame && frame->script().shouldBypassMainWorldContentSecurityPolicy()) || elementDocument->contentSecurityPolicy()->allowScriptNonce(m_element->fastGetAttribute(HTMLNames::nonceAttr)) || elementDocument->contentSecurityPolicy()->allowScriptHash(sourceCode.source());
|
|
|
| if (!m_isExternalScript && (!shouldBypassMainWorldContentSecurityPolicy && !elementDocument->contentSecurityPolicy()->allowInlineScript(elementDocument->url(), m_startLineNumber)))
|
| return;
|
|
|
Chromium Code Reviews
Issue 26481005:
Implementation of script hashes for CSP. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master