Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
index b924b89306c650fab13f5122e361166e49b58628..0b77665761e656d2ee69414bcf77db67d256b598 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp |
@@ -324,11 +324,10 @@ void ContentSecurityPolicy::reportAccumulatedHeaders( |
// navigation got committed. See comments in |
// addAndReportPolicyFromHeaderValue for more details and context. |
DCHECK(client); |
- for (const auto& policy : m_policies) { |
- client->didAddContentSecurityPolicy( |
- policy->header(), policy->headerType(), policy->headerSource(), |
- {policy->exposeForNavigationalChecks()}); |
- } |
+ WebVector<WebContentSecurityPolicyPolicy> policies(m_policies.size()); |
+ for (size_t i = 0; i < m_policies.size(); ++i) |
+ policies[i] = m_policies[i]->exposeForNavigationalChecks(); |
+ client->didAddContentSecurityPolicies(policies); |
} |
void ContentSecurityPolicy::addAndReportPolicyFromHeaderValue( |
@@ -345,15 +344,13 @@ void ContentSecurityPolicy::addAndReportPolicyFromHeaderValue( |
// 2) enforce CSP in the browser process (long-term - see |
// https://crbug.com/376522). |
// TODO(arthursonzogni): policies are actually replicated (1) and some of |
- // them are (or will) be enforced on the browser process (2). Stop doing (1) |
- // when (2) is finished. |
+ // them are enforced on the browser process (2). Stop doing (1) when (2) is |
+ // finished. |
- // Zero, one or several policies could be produced by only one header. |
- std::vector<blink::WebContentSecurityPolicyPolicy> policies; |
+ WebVector<WebContentSecurityPolicyPolicy> policies(m_policies.size()); |
for (size_t i = previousPolicyCount; i < m_policies.size(); ++i) |
- policies.push_back(m_policies[i]->exposeForNavigationalChecks()); |
- document()->frame()->client()->didAddContentSecurityPolicy( |
- header, type, source, policies); |
+ policies[i] = m_policies[i]->exposeForNavigationalChecks(); |
+ document()->frame()->client()->didAddContentSecurityPolicies(policies); |
alexmos
2017/03/25 01:46:27
Presumably, |policies| should only contain the new
arthursonzogni
2017/03/27 12:03:52
Yes, you are absolutely right. I made this mistake
|
} |
} |