Index: content/browser/frame_host/frame_tree_node.h |
diff --git a/content/browser/frame_host/frame_tree_node.h b/content/browser/frame_host/frame_tree_node.h |
index edb1033140aeb2b5cc1bd089bf67661f0a3e7a27..0c13684f6f31b6e6a37c59bb476f3be98e0732ef 100644 |
--- a/content/browser/frame_host/frame_tree_node.h |
+++ b/content/browser/frame_host/frame_tree_node.h |
@@ -17,7 +17,7 @@ |
#include "content/browser/frame_host/render_frame_host_impl.h" |
#include "content/browser/frame_host/render_frame_host_manager.h" |
#include "content/common/content_export.h" |
-#include "content/common/content_security_policy/csp_policy.h" |
+#include "content/common/content_security_policy/csp_context.h" |
#include "content/common/frame_owner_properties.h" |
#include "content/common/frame_replication_state.h" |
#include "third_party/WebKit/public/platform/WebInsecureRequestPolicy.h" |
@@ -178,6 +178,14 @@ class CONTENT_EXPORT FrameTreeNode { |
// new document comes with a fresh set of CSP http headers). |
void ResetContentSecurityPolicy(); |
+ const std::vector<CSPPolicy>& ContentSecurityPolicies() const { |
nasko
2017/02/11 00:01:23
This should be hacker_case(), as it is a simple ac
arthursonzogni
2017/02/13 16:33:20
Okay, I didn't know about this coding style rule.
|
+ return csp_policies_; |
+ } |
+ |
+ // Return the Content-Security-Policy context associated to this frame. |
+ // Never null. |
+ CSPContext* ContentSecurityPolicyContext() { return csp_context_.get(); } |
nasko
2017/02/11 00:01:23
Same here, hacker_case().
arthursonzogni
2017/02/13 16:33:20
Done.
|
+ |
// Sets the current insecure request policy, and notifies proxies about the |
// update. |
void SetInsecureRequestPolicy(blink::WebInsecureRequestPolicy policy); |
@@ -406,6 +414,10 @@ class CONTENT_EXPORT FrameTreeNode { |
// A set of Content-Security-Policies to enforce on the browser-side. |
std::vector<CSPPolicy> csp_policies_; |
+ // Used to check if a frame is allowed to navigate to an URL according to a |
+ // set of content-security-policy. |
+ std::unique_ptr<CSPContext> csp_context_; |
alexmos
2017/02/10 22:59:53
I'm wondering whether it'd be better to associate
clamy
2017/02/13 13:23:28
Can the frame navigate while the RFH is in pending
alexmos
2017/02/14 05:44:28
Yes, I wasn't sure how much was disallowed in unlo
nasko
2017/02/15 21:28:44
I also think that the CSP is better off associated
|
+ |
DISALLOW_COPY_AND_ASSIGN(FrameTreeNode); |
}; |