third_party/WebKit/Source/web/WebLocalFrameImpl.cpp - Issue 2655463006: PlzNavigate: Enforce 'frame-src' CSP on the browser.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/web/WebLocalFrameImpl.cpp

Issue 2655463006: PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)

Patch Set: Addressed comments @alexmos. Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« content/browser/frame_host/navigator_impl.cc ('K') | « third_party/WebKit/Source/web/WebLocalFrameImpl.h ('k') | third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/web/WebLocalFrameImpl.cpp

diff --git a/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp b/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp

index 75d3864d39fc5bd556736709e9f0dde073e3fd17..398a64d2e36f0bcdb7460a699b79f32b6b11a500 100644

--- a/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp

+++ b/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp

@@ -2052,6 +2052,34 @@ bool WebLocalFrameImpl::maybeRenderFallbackContent(

return true;

}

+// Called when a navigation is blocked because a Content Security Policy (CSP)

+// is infringed.

+void WebLocalFrameImpl::reportContentSecurityPolicyViolation(

+ const blink::WebContentSecurityPolicyViolation& violation) {

+ DCHECK(frame() && frame()->document());

+ Document* document = frame()->document();

+ Vector<String> reportEndpoints;

+ for (const WebString& endPoint : violation.reportEndpoints)

+ reportEndpoints.push_back(endPoint);

+ document->contentSecurityPolicy()->reportViolation(

+ violation.directive, /* directiveText */

+ ContentSecurityPolicy::getDirectiveType(

+ violation.effectiveDirective), /* effectiveType */

+ violation.consoleMessage, /* consoleMessage */

+ violation.blockedUrl, /* blockedUrl */

+ reportEndpoints, /* reportEndpoints */

+ violation.header, /* header */

+ static_cast<ContentSecurityPolicyHeaderType>(violation.disposition),

+ ContentSecurityPolicy::ViolationType::URLViolation, /* ViolationType */

+ nullptr, /* LocalFrame */

+ violation.afterRedirect ? RedirectStatus::FollowedRedirect

+ : RedirectStatus::NoRedirect,

+ // TODO(arthursonzogni, clamy) Provide the context line number here.

+ // See http://crbug.com/690946 //

alexmos 2017/03/01 02:22:28 nit: remove extra // at the end

+ 0, /* contextLine */

+ nullptr); /* Element */

bool WebLocalFrameImpl::isLoading() const {

if (!frame() || !frame()->document())

return false;