Index: content/browser/frame_host/csp_context_impl.cc |
diff --git a/content/browser/frame_host/csp_context_impl.cc b/content/browser/frame_host/csp_context_impl.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..358d43f8b0302bf8adfb100d10f5c0f38a1fa351 |
--- /dev/null |
+++ b/content/browser/frame_host/csp_context_impl.cc |
@@ -0,0 +1,47 @@ |
+// Copyright 2017 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include <algorithm> |
+ |
+#include "content/browser/frame_host/csp_context_impl.h" |
+#include "content/browser/frame_host/frame_tree_node.h" |
+#include "url/url_util.h" |
+ |
+namespace content { |
+ |
+CSPContextImpl::CSPContextImpl(FrameTreeNode* frame_tree_node) |
+ : frame_tree_node_(frame_tree_node) { |
+ DCHECK(frame_tree_node_); |
+} |
+ |
+void CSPContextImpl::LogToConsole(const std::string& message) { |
+ RenderFrameHostImpl* current_frame_host = |
+ frame_tree_node_->render_manager()->current_frame_host(); |
nasko
2017/02/11 00:01:23
nit: No need to indirect through render_manager()
arthursonzogni
2017/02/13 16:33:20
Done.
|
+ |
+ if (!current_frame_host) |
alexmos
2017/02/10 22:59:53
Is this null check needed?
arthursonzogni
2017/02/13 16:33:20
It is probably not needed indeed for this case(i.e
alexmos
2017/02/14 06:57:19
I haven't ever seen any code null-checking current
arthursonzogni
2017/02/15 09:26:09
You are probably right. I will remove the "if (!cu
|
+ return; |
+ |
+ current_frame_host->AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_ERROR, message); |
nasko
2017/02/11 00:01:23
Is the log level always ERROR?
arthursonzogni
2017/02/13 16:33:20
Yes, see all calls to ContentSecurityPolicy::logTo
|
+} |
+ |
+void CSPContextImpl::ReportViolation( |
+ const CSPViolationParams& violation_params) { |
+ frame_tree_node_->current_frame_host()->ContentSecurityPolicyViolation( |
+ violation_params); |
+} |
+ |
+bool CSPContextImpl::SchemeShouldBypass(const base::StringPiece& scheme) { |
alexmos
2017/02/10 22:59:53
Perhaps name this SchemeShouldBypassCSP, so it's c
arthursonzogni
2017/02/13 16:33:20
Done.
|
+ // Blink uses its SchemeRegistry to check if a scheme should be bypassed. |
+ // It can't be used on the browser process. It is used for two things: |
+ // 1) Bypassing the "chrome-extension" scheme when chrome is built with the |
+ // extensions support. |
+ // 2) Bypassing arbitrary scheme for testing purpose only in blink and in V8. |
+ // TODO(arthursonzogni): url::GetBypassingCSPScheme() is used instead of the |
+ // blink::SchemeRegistry. It contains 1) but not 2). |
+ const auto& bypassing_scheme = url::GetCSPBypassingSchemes(); |
alexmos
2017/02/10 22:59:53
nit: s/bypassing_scheme/bypassing_schemes/
arthursonzogni
2017/02/13 16:33:20
Done.
|
+ return std::find(bypassing_scheme.begin(), bypassing_scheme.end(), scheme) != |
+ bypassing_scheme.end(); |
+} |
+ |
+} // namespace content |