| Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
|
| diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
|
| index ca6bc3274980c931c40bed8fc18a9ea044f9ee81..5ece8ffb732042f411c68803e2f4c4a3b1e06a09 100644
|
| --- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
|
| +++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
|
| @@ -178,71 +178,88 @@ class CORE_EXPORT ContentSecurityPolicy
|
| SecurityViolationReportingPolicy =
|
| SecurityViolationReportingPolicy::kReport) const;
|
|
|
| - bool AllowObjectFromSource(
|
| - const KURL&,
|
| - RedirectStatus = RedirectStatus::kNoRedirect,
|
| - SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| - bool AllowFrameFromSource(
|
| - const KURL&,
|
| - RedirectStatus = RedirectStatus::kNoRedirect,
|
| - SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| - bool AllowImageFromSource(
|
| - const KURL&,
|
| - RedirectStatus = RedirectStatus::kNoRedirect,
|
| - SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + bool AllowObjectFromSource(const KURL&,
|
| + RedirectStatus = RedirectStatus::kNoRedirect,
|
| + SecurityViolationReportingPolicy =
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| + bool AllowFrameFromSource(const KURL&,
|
| + RedirectStatus = RedirectStatus::kNoRedirect,
|
| + SecurityViolationReportingPolicy =
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| + bool AllowImageFromSource(const KURL&,
|
| + RedirectStatus = RedirectStatus::kNoRedirect,
|
| + SecurityViolationReportingPolicy =
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| bool AllowFontFromSource(const KURL&,
|
| RedirectStatus = RedirectStatus::kNoRedirect,
|
| SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| - bool AllowMediaFromSource(
|
| - const KURL&,
|
| - RedirectStatus = RedirectStatus::kNoRedirect,
|
| - SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| - bool AllowConnectToSource(
|
| - const KURL&,
|
| - RedirectStatus = RedirectStatus::kNoRedirect,
|
| - SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| + bool AllowMediaFromSource(const KURL&,
|
| + RedirectStatus = RedirectStatus::kNoRedirect,
|
| + SecurityViolationReportingPolicy =
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| + bool AllowConnectToSource(const KURL&,
|
| + RedirectStatus = RedirectStatus::kNoRedirect,
|
| + SecurityViolationReportingPolicy =
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| bool AllowFormAction(const KURL&,
|
| RedirectStatus = RedirectStatus::kNoRedirect,
|
| SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| bool AllowBaseURI(const KURL&,
|
| RedirectStatus = RedirectStatus::kNoRedirect,
|
| SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| bool AllowWorkerContextFromSource(
|
| const KURL&,
|
| RedirectStatus = RedirectStatus::kNoRedirect,
|
| SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
|
|
| bool AllowManifestFromSource(
|
| const KURL&,
|
| RedirectStatus = RedirectStatus::kNoRedirect,
|
| SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
|
|
| // Passing 'String()' into the |nonce| arguments in the following methods
|
| // represents an unnonced resource load.
|
| - bool AllowScriptFromSource(
|
| - const KURL&,
|
| - const String& nonce,
|
| - const IntegrityMetadataSet& hashes,
|
| - ParserDisposition,
|
| - RedirectStatus = RedirectStatus::kNoRedirect,
|
| - SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| - bool AllowStyleFromSource(
|
| - const KURL&,
|
| - const String& nonce,
|
| - RedirectStatus = RedirectStatus::kNoRedirect,
|
| - SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + bool AllowScriptFromSource(const KURL&,
|
| + const String& nonce,
|
| + const IntegrityMetadataSet& hashes,
|
| + ParserDisposition,
|
| + RedirectStatus = RedirectStatus::kNoRedirect,
|
| + SecurityViolationReportingPolicy =
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| + bool AllowStyleFromSource(const KURL&,
|
| + const String& nonce,
|
| + RedirectStatus = RedirectStatus::kNoRedirect,
|
| + SecurityViolationReportingPolicy =
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
| bool AllowInlineScript(Element*,
|
| const String& context_url,
|
| const String& nonce,
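Review bot: The new trailing `ContentSecurityPolicyHeaderType` parameter is unnamed and undocumented on every declaration it is added to in this hunk (`AllowObjectFromSource` through `AllowStyleFromSource`), and likewise in the two following hunks, including `AllowRequest`. The header therefore never states what the default `kContentSecurityPolicyHeaderTypeEnforce` means for a caller that omits the argument. If, as the added test names in the last hunk suggest, the argument selects whether enforced or report-only policies are evaluated, any call site not updated by this change would silently stop evaluating report-only policies and their violation reports would be lost. It is worth auditing the callers, or dropping the default so that each call site has to choose explicitly. I would also add one comment above the block, for example `// The ContentSecurityPolicyHeaderType argument selects which policies (enforced or report-only) a check evaluates; when omitted, only enforced policies are checked.`, with the wording confirmed against the implementation, which is outside this hunk.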
|
| @@ -287,7 +304,9 @@ class CORE_EXPORT ContentSecurityPolicy
|
| const KURL&,
|
| RedirectStatus = RedirectStatus::kNoRedirect,
|
| SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
|
|
| bool AllowRequest(WebURLRequest::RequestContext,
|
| const KURL&,
|
| @@ -296,7 +315,9 @@ class CORE_EXPORT ContentSecurityPolicy
|
| ParserDisposition,
|
| RedirectStatus = RedirectStatus::kNoRedirect,
|
| SecurityViolationReportingPolicy =
|
| - SecurityViolationReportingPolicy::kReport) const;
|
| + SecurityViolationReportingPolicy::kReport,
|
| + ContentSecurityPolicyHeaderType =
|
| + kContentSecurityPolicyHeaderTypeEnforce) const;
|
|
|
| void UsesScriptHashAlgorithms(uint8_t content_security_policy_hash_algorithm);
|
| void UsesStyleHashAlgorithms(uint8_t content_security_policy_hash_algorithm);
|
| @@ -413,6 +434,12 @@ class CORE_EXPORT ContentSecurityPolicy
|
| FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceInline);
|
| FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceSinglePolicy);
|
| FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceMultiplePolicy);
|
| + FRIEND_TEST_ALL_PREFIXES(FrameFetchContextTest,
|
| + RedirectChecksReportedAndEnforcedCSP);
|
| + FRIEND_TEST_ALL_PREFIXES(FrameFetchContextTest,
|
| + AllowResponseChecksReportedAndEnforcedCSP);
|
| + FRIEND_TEST_ALL_PREFIXES(FrameFetchContextTest,
|
| + PopulateResourceRequestChecksReportOnlyCSP);
|
|
|
| ContentSecurityPolicy();
|
|
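Review bot: The three added `FRIEND_TEST_ALL_PREFIXES(FrameFetchContextTest, ...)` lines give a fixture that is not this class's own test access to every private member of `ContentSecurityPolicy`, which ties those tests to the internals of a security-critical class. The hunk does not show which private member they need. If it is only used to install enforced and report-only policies, a narrowly scoped test-only helper or the public policy-setup path would keep the tests on state that production code can actually reach. At minimum, a comment such as `// FrameFetchContextTest needs <private member> to set up enforced and report-only policies.` (placeholder to be filled in) would record why the friendship exists. The class body begins and continues outside the hunk.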
|
|
|