CSP: Don't override the location set in reportViolationWithLocation.

CSP: Don't override the location set in reportViolationWithLocation.

When a CSP violation is reported through reportViolationWithLocation,
the |contextLine| provided was always replaced in
gatherSecurityPolicyViolationEventData by the current context's line
number.

What does this CL?
* Transmit the full source location in ReportViolation instead of only
  the line number.
* When a source location is provided, it is always used, never replaced.

Review-Url: https://codereview.chromium.org/2785463002
Cr-Commit-Position: refs/heads/master@{#460334}
Committed: https://chromium.googlesource.com/chromium/src/+/a9b00b963270f09b359251568257001734442383

[arthursonzogni, 2017-03-28 12:01:11]

The CQ bit was checked by arthursonzogni@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-03-28 12:01:28]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[arthursonzogni, 2017-03-28 12:09:05]

Patchset #1 (id:1) has been deleted

[arthursonzogni, 2017-03-28 12:09:37]

The CQ bit was checked by arthursonzogni@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-03-28 12:09:58]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-03-28 12:36:42]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-03-28 12:36:43]

Dry run: Try jobs failed on following builders:
  chromeos_daisy_chromium_compile_only_ng on master.tryserver.chromium.linux
(JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.linux/builders/chromeos_daisy_...)

[arthursonzogni, 2017-03-28 12:51:10]

The CQ bit was checked by arthursonzogni@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-03-28 12:51:29]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[arthursonzogni, 2017-03-28 13:14:57]

Patchset #1 (id:20001) has been deleted

[commit-bot: I haz the power, 2017-03-28 13:17:36]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-03-28 13:17:37]

Dry run: Try jobs failed on following builders:
  chromeos_daisy_chromium_compile_only_ng on master.tryserver.chromium.linux
(JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.linux/builders/chromeos_daisy_...)

[arthursonzogni, 2017-03-28 14:05:22]

The CQ bit was checked by arthursonzogni@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-03-28 14:05:52]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[arthursonzogni, 2017-03-28 15:32:38]

arthursonzogni@chromium.org changed reviewers:
+ mkwst@chromium.org

[arthursonzogni, 2017-03-28 15:32:38]

Hi Mike,

Please take a look!

I did this CL to add the |sourceLocation| parameter to the reportViolation
method in ContentSecurityPolicy. Only the line number of the source location was
transmitted before.
I make use of it in the latest patchset in:
https://codereview.chromium.org/2761153003/

I think I have found a problem in the code. Even if the |contextLine| is
provided to the function, the context's line number is used instead. It looks
weird. I fixed it. Some layout test expectations have changed because of that.
Let me know if you think it is a bug or something done on purpose ;-)

[commit-bot: I haz the power, 2017-03-28 16:26:22]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-03-28 16:26:22]

Dry run: This issue passed the CQ dry run.

[Mike West, 2017-03-29 08:35:46]

LGTM, thanks!

[arthursonzogni, 2017-03-29 09:30:58]

The CQ bit was checked by arthursonzogni@chromium.org

[commit-bot: I haz the power, 2017-03-29 09:31:11]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-03-29 09:37:15]

CQ is committing da patch.

Bot data: {"patchset_id": 60001, "attempt_start_ts": 1490779858918530,
"parent_rev": "d392fbe7235460ea17422fa98af5084698867afe", "commit_rev":
"a9b00b963270f09b359251568257001734442383"}

[commit-bot: I haz the power, 2017-03-29 09:38:11]

Description was changed from

==========
CSP: Don't override the location set in reportViolationWithLocation.

When a CSP violation is reported through reportViolationWithLocation,
the |contextLine| provided was always replaced in
gatherSecurityPolicyViolationEventData by the current context's line
number.

What does this CL?
* Transmit the full source location in ReportViolation instead of only
  the line number.
* When a source location is provided, it is always used, never replaced.
==========

to

==========
CSP: Don't override the location set in reportViolationWithLocation.

When a CSP violation is reported through reportViolationWithLocation,
the |contextLine| provided was always replaced in
gatherSecurityPolicyViolationEventData by the current context's line
number.

What does this CL?
* Transmit the full source location in ReportViolation instead of only
  the line number.
* When a source location is provided, it is always used, never replaced.

Review-Url: https://codereview.chromium.org/2785463002
Cr-Commit-Position: refs/heads/master@{#460334}
Committed:
https://chromium.googlesource.com/chromium/src/+/a9b00b963270f09b359251568257...
==========

[commit-bot: I haz the power, 2017-03-29 09:38:12]

Committed patchset #2 (id:60001) as
https://chromium.googlesource.com/chromium/src/+/a9b00b963270f09b359251568257...