CSP: group policies in didAddContentSecurityPolicy.

third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
index b924b89306c650fab13f5122e361166e49b58628..0b77665761e656d2ee69414bcf77db67d256b598 100644
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
@@ -324,11 +324,10 @@ void ContentSecurityPolicy::reportAccumulatedHeaders(
   // navigation got committed.  See comments in
   // addAndReportPolicyFromHeaderValue for more details and context.
   DCHECK(client);
-  for (const auto& policy : m_policies) {
-    client->didAddContentSecurityPolicy(
-        policy->header(), policy->headerType(), policy->headerSource(),
-        {policy->exposeForNavigationalChecks()});
-  }
+  WebVector<WebContentSecurityPolicyPolicy> policies(m_policies.size());
+  for (size_t i = 0; i < m_policies.size(); ++i)
+    policies[i] = m_policies[i]->exposeForNavigationalChecks();
+  client->didAddContentSecurityPolicies(policies);
 }
 
 void ContentSecurityPolicy::addAndReportPolicyFromHeaderValue(
@@ -345,15 +344,13 @@ void ContentSecurityPolicy::addAndReportPolicyFromHeaderValue(
     // 2) enforce CSP in the browser process (long-term - see
     // https://crbug.com/376522).
     // TODO(arthursonzogni): policies are actually replicated (1) and some of
-    // them are (or will) be enforced on the browser process (2). Stop doing (1)
-    // when (2) is finished.
+    // them are enforced on the browser process (2). Stop doing (1) when (2) is
+    // finished.
 
-    // Zero, one or several policies could be produced by only one header.
-    std::vector<blink::WebContentSecurityPolicyPolicy> policies;
+    WebVector<WebContentSecurityPolicyPolicy> policies(m_policies.size());
     for (size_t i = previousPolicyCount; i < m_policies.size(); ++i)
-      policies.push_back(m_policies[i]->exposeForNavigationalChecks());
-    document()->frame()->client()->didAddContentSecurityPolicy(
-        header, type, source, policies);
+      policies[i] = m_policies[i]->exposeForNavigationalChecks();
+    document()->frame()->client()->didAddContentSecurityPolicies(policies);

[alexmos, 2017/03/25 01:46:27]

Presumably, |policies| should only contain the newly added policies, not all
policies?  I'm asking because |policies| is allocated with the size of all
policies, but only the new ones are initialized.  E.g., if we had 3 policies and
we're adding a new one here, it seems |policies| will have four entries with
only the fourth one initialized.  Does that need to be fixed?

[arthursonzogni, 2017/03/27 12:03:52]

Yes, you are absolutely right. I made this mistake in one of the latest patch
when I switched from a std::vector to the WebVector. Thanks!

   }
 }