Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(359)

Side by Side Diff: content/browser/frame_host/csp_context_impl.cc

Issue 2655463006: PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Rebase. Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
(Empty)
1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <algorithm>
6
7 #include "content/browser/frame_host/csp_context_impl.h"
8 #include "content/browser/frame_host/render_frame_host_impl.h"
9 #include "url/url_util.h"
10
11 namespace content {
12
13 CSPContextImpl::CSPContextImpl(RenderFrameHostImpl* render_frame)
14 : render_frame_(render_frame) {
15 DCHECK(render_frame_);
16 }
17
18 void CSPContextImpl::LogToConsole(const std::string& message) {
19 render_frame_->AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_ERROR, message);
20 }
21
22 void CSPContextImpl::ReportViolation(
23 const CSPViolationParams& violation_params) {
24 render_frame_->ReportContentSecurityPolicyViolation(violation_params);
25 }
26
27 bool CSPContextImpl::SchemeShouldBypassCSP(const base::StringPiece& scheme) {
28 // Blink uses its SchemeRegistry to check if a scheme should be bypassed.
29 // It can't be used on the browser process. It is used for two things:
30 // 1) Bypassing the "chrome-extension" scheme when chrome is built with the
31 // extensions support.
32 // 2) Bypassing arbitrary scheme for testing purpose only in blink and in V8.
33 // TODO(arthursonzogni): url::GetBypassingCSPScheme() is used instead of the
34 // blink::SchemeRegistry. It contains 1) but not 2).
35 const auto& bypassing_schemes = url::GetCSPBypassingSchemes();
36 return std::find(bypassing_schemes.begin(), bypassing_schemes.end(),
37 scheme) != bypassing_schemes.end();
38 }
39
40 } // namespace content
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698