third_party/WebKit/Source/core/loader/FrameFetchContext.h - Issue 2790693002: Split CSP into pre- and post-upgrade checks

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/core/loader/FrameFetchContext.h

Issue 2790693002: Split CSP into pre- and post-upgrade checks (Closed)

Patch Set: add unit tests Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/report-original-url.php ('K') | « third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp ('k') | third_party/WebKit/Source/core/loader/FrameFetchContext.cpp » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/core/loader/FrameFetchContext.h

diff --git a/third_party/WebKit/Source/core/loader/FrameFetchContext.h b/third_party/WebKit/Source/core/loader/FrameFetchContext.h

index e89a22029ff73b8296becf4c93618d33f240c059..0597f8a7d67f352d1c2201b495dbeb61cd9a6276 100644

--- a/third_party/WebKit/Source/core/loader/FrameFetchContext.h

+++ b/third_party/WebKit/Source/core/loader/FrameFetchContext.h

@@ -38,6 +38,7 @@

#include "platform/loader/fetch/FetchRequest.h"

#include "platform/loader/fetch/ResourceFetcher.h"

#include "platform/loader/fetch/ResourceRequest.h"

+#include "platform/network/ContentSecurityPolicyParsers.h"

#include "wtf/Forward.h"

namespace blink {

@@ -129,6 +130,13 @@ class CORE_EXPORT FrameFetchContext final : public FetchContext {

const ResourceLoaderOptions&,

SecurityViolationReportingPolicy,

FetchRequest::OriginRestriction) const override;

+ ResourceRequestBlockedReason CanFollowRedirect(

+ Resource::Type,

+ const ResourceRequest&,

+ const KURL&,

+ const ResourceLoaderOptions&,

+ SecurityViolationReportingPolicy,

+ FetchRequest::OriginRestriction) const override;

ResourceRequestBlockedReason AllowResponse(

Resource::Type,

const ResourceRequest&,

@@ -148,9 +156,12 @@ class CORE_EXPORT FrameFetchContext final : public FetchContext {

LogMessageType = kLogErrorMessage) const override;

SecurityOrigin* GetSecurityOrigin() const override;

- void PopulateResourceRequest(Resource::Type,

+ void PopulateResourceRequest(const KURL&,

+ Resource::Type,

const ClientHintsPreferences&,

const FetchRequest::ResourceWidth&,

+ const ResourceLoaderOptions&,

+ SecurityViolationReportingPolicy,

ResourceRequest&) override;

void SetFirstPartyCookieAndRequestorOrigin(ResourceRequest&) override;

@@ -197,6 +208,14 @@ class CORE_EXPORT FrameFetchContext final : public FetchContext {

void AddCSPHeaderIfNecessary(Resource::Type, ResourceRequest&);

+ ResourceRequestBlockedReason CheckCSPForRequest(

+ const ResourceRequest&,

+ const KURL&,

+ const ResourceLoaderOptions&,

+ SecurityViolationReportingPolicy,

+ ResourceRequest::RedirectStatus,

+ ContentSecurityPolicyHeaderType) const;

// FIXME: Oilpan: Ideally this should just be a traced Member but that will

// currently leak because ComputedStyle and its data are not on the heap.

// See crbug.com/383860 for details.