Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(176)

Unified Diff: third_party/WebKit/Source/web/LocalFrameClientImpl.cpp

Issue 2655463006: PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Addressed comments @alexmos. Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/Source/web/LocalFrameClientImpl.cpp
diff --git a/third_party/WebKit/Source/web/LocalFrameClientImpl.cpp b/third_party/WebKit/Source/web/LocalFrameClientImpl.cpp
index 88f3598d04025b551f9f9f5f5b45302634dbbead..9b9a39bb7a0c3e1db7a61f14db9711b54da3cade 100644
--- a/third_party/WebKit/Source/web/LocalFrameClientImpl.cpp
+++ b/third_party/WebKit/Source/web/LocalFrameClientImpl.cpp
@@ -525,7 +525,9 @@ NavigationPolicy LocalFrameClientImpl::decidePolicyForNavigation(
NavigationPolicy policy,
bool replacesCurrentHistoryItem,
bool isClientRedirect,
- HTMLFormElement* form) {
+ HTMLFormElement* form,
+ ContentSecurityPolicyDisposition
+ shouldCheckMainWorldContentSecurityPolicy) {
if (!m_webFrame->client())
return NavigationPolicyIgnore;
@@ -562,6 +564,9 @@ NavigationPolicy LocalFrameClientImpl::decidePolicyForNavigation(
navigationInfo.isHistoryNavigationInNewChildFrame =
isHistoryNavigationInNewChildFrame;
navigationInfo.isClientRedirect = isClientRedirect;
+ navigationInfo.shouldBypassMainWorldCSP =
+ shouldCheckMainWorldContentSecurityPolicy ==
+ DoNotCheckContentSecurityPolicy;
// Caching could be disabled for requests initiated by DevTools.
// TODO(ananta)
// We should extract the network cache state into a global component which

Powered by Google App Engine
This is Rietveld 408576698