Index: content/common/content_security_policy/csp_context.h |
diff --git a/content/common/content_security_policy/csp_context.h b/content/common/content_security_policy/csp_context.h |
index bbc03017f23fb03b558f902263bf1b71a2f0c592..c51c50346c6d2dfa12ac6c511a02f9a0056d1ae6 100644 |
--- a/content/common/content_security_policy/csp_context.h |
+++ b/content/common/content_security_policy/csp_context.h |
@@ -15,6 +15,8 @@ |
namespace content { |
+struct CSPViolationParams; |
+ |
// A CSPContext represents the system on which the Content-Security-Policy are |
// enforced. One must define via its virtual methods how to report violations, |
// how to log messages on the console and what is the set of scheme that bypass |
@@ -35,14 +37,7 @@ class CONTENT_EXPORT CSPContext { |
bool ProtocolMatchesSelf(const GURL& url); |
virtual void LogToConsole(const std::string& message); |
- virtual void ReportViolation( |
- const std::string& directive_text, |
- const std::string& effective_directive, |
- const std::string& message, |
- const GURL& blocked_url, |
- const std::vector<std::string>& report_end_points, |
- const std::string& header, |
- blink::WebContentSecurityPolicyType disposition); |
+ virtual void ReportViolation(const CSPViolationParams& violation_params); |
bool SelfSchemeShouldBypassCSP(); |
@@ -56,5 +51,47 @@ class CONTENT_EXPORT CSPContext { |
DISALLOW_COPY_AND_ASSIGN(CSPContext); |
}; |
+// Used in CSPContext::ReportViolation() |
+struct CONTENT_EXPORT CSPViolationParams { |
+ CSPViolationParams(); |
+ CSPViolationParams(const std::string& directive, |
+ const std::string& effective_directive, |
+ const std::string& console_message, |
+ const GURL& blocked_url, |
+ const std::vector<std::string>& report_endpoints, |
+ const std::string& header, |
+ const blink::WebContentSecurityPolicyType& disposition, |
+ bool followed_redirect); |
alexmos
2017/02/24 06:40:27
after_redirect? (that's what it's named below now
arthursonzogni
2017/02/24 16:13:29
Done.
I tried to follow the naming of @lukasza in
|
+ CSPViolationParams(const CSPViolationParams& other); |
+ ~CSPViolationParams(); |
+ |
+ // The name of the directive that infringe the policy. |directive| might be a |
+ // directive that serves as a fallback to the |effective_directive|. |
+ std::string directive; |
+ |
+ // The name the effective directive that was checked against. |
+ std::string effective_directive; |
+ |
+ // The console message to be displayed to the user. |
+ std::string console_message; |
+ |
+ // The URL that was blocked by the policy. |
+ GURL blocked_url; |
+ |
+ // The set of URI where a JSON-formatted report of the violation should be |
+ // sent. |
+ std::vector<std::string> report_endpoints; |
+ |
+ // The raw content security policy header that was violated. |
+ std::string header; |
+ |
+ // Each policy has an associated disposition, which is either "enforce" or |
+ // "report". |
+ blink::WebContentSecurityPolicyType disposition; |
+ |
+ // Whether or not the violation happens after a redirect. |
+ bool after_redirect; |
+}; |
+ |
} // namespace content |
#endif // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ |