Index: content/common/content_security_policy/csp_context.h |
diff --git a/content/common/content_security_policy/csp_context.h b/content/common/content_security_policy/csp_context.h |
index 040a98b08632db7188b937671f0924c87c0d6c71..9af5fb0a32c0ca240623c45e515a0393074e964a 100644 |
--- a/content/common/content_security_policy/csp_context.h |
+++ b/content/common/content_security_policy/csp_context.h |
@@ -15,6 +15,8 @@ |
namespace content { |
+struct CSPViolationParams; |
+ |
class CONTENT_EXPORT CSPContext { |
public: |
CSPContext(); |
@@ -30,14 +32,7 @@ class CONTENT_EXPORT CSPContext { |
bool ProtocolMatchesSelf(const GURL& url); |
virtual void LogToConsole(const std::string& message); |
- virtual void ReportViolation( |
- const std::string& directive_text, |
- const std::string& effective_directive, |
- const std::string& message, |
- const GURL& blocked_url, |
- const std::vector<std::string>& report_end_points, |
- const std::string& header, |
- blink::WebContentSecurityPolicyType disposition); |
+ virtual void ReportViolation(const CSPViolationParams& violation_params); |
bool SelfSchemeShouldBypassCSP(); |
@@ -51,5 +46,47 @@ class CONTENT_EXPORT CSPContext { |
DISALLOW_COPY_AND_ASSIGN(CSPContext); |
}; |
+// Used in CSPContext::ReportViolation() |
+struct CONTENT_EXPORT CSPViolationParams { |
+ CSPViolationParams(); |
+ CSPViolationParams(const std::string& directive, |
+ const std::string& effective_directive, |
+ const std::string& console_message, |
+ const GURL& blocked_url, |
+ const std::vector<std::string>& report_endpoints, |
+ const std::string& header, |
+ const blink::WebContentSecurityPolicyType& disposition, |
+ bool followed_redirect); |
+ CSPViolationParams(const CSPViolationParams& other); |
+ ~CSPViolationParams(); |
+ |
+ // The name of the directive that infringe the policy. |directive| might be a |
+ // directive that serves as a fallback to the |effective_directive|. |
+ std::string directive; |
+ |
+ // The name the effective directive that was checked against. |
+ std::string effective_directive; |
+ |
+ // The console message that was displayed to the user. |
+ std::string console_message; |
+ |
+ // The URL that was blocked by the policy. |
+ GURL blocked_url; |
+ |
+ // The set of URI where a JSON-formatted report of the violation should be |
+ // sent. |
+ std::vector<std::string> report_endpoints; |
+ |
+ // The raw content security policy header that was infringed. |
+ std::string header; |
+ |
+ // Each policy has an associated disposition, which is either "enforce" or |
+ // "report". |
+ blink::WebContentSecurityPolicyType disposition; |
+ |
+ // Whether or not the violation happens after a redirection. |
alexmos
2017/02/14 06:57:20
nit: s/redirection/redirect/
arthursonzogni
2017/02/15 09:26:10
Done.
|
+ bool followed_redirect; |
+}; |
+ |
} // namespace content |
#endif // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ |