| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007 Rob Buis | 2 * Copyright (C) 2006, 2007 Rob Buis |
| 3 * Copyright (C) 2008 Apple, Inc. All rights reserved. | 3 * Copyright (C) 2008 Apple, Inc. All rights reserved. |
| 4 * | 4 * |
| 5 * This library is free software; you can redistribute it and/or | 5 * This library is free software; you can redistribute it and/or |
| 6 * modify it under the terms of the GNU Library General Public | 6 * modify it under the terms of the GNU Library General Public |
| 7 * License as published by the Free Software Foundation; either | 7 * License as published by the Free Software Foundation; either |
| 8 * version 2 of the License, or (at your option) any later version. | 8 * version 2 of the License, or (at your option) any later version. |
| 9 * | 9 * |
| 10 * This library is distributed in the hope that it will be useful, | 10 * This library is distributed in the hope that it will be useful, |
| (...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 134 StyleElement::ProcessingResult StyleElement::CreateSheet(Element& element, | 134 StyleElement::ProcessingResult StyleElement::CreateSheet(Element& element, |
| 135 const String& text) { | 135 const String& text) { |
| 136 DCHECK(element.isConnected()); | 136 DCHECK(element.isConnected()); |
| 137 Document& document = element.GetDocument(); | 137 Document& document = element.GetDocument(); |
| 138 | 138 |
| 139 const ContentSecurityPolicy* csp = document.GetContentSecurityPolicy(); | 139 const ContentSecurityPolicy* csp = document.GetContentSecurityPolicy(); |
| 140 bool passes_content_security_policy_checks = | 140 bool passes_content_security_policy_checks = |
| 141 ShouldBypassMainWorldCSP(element) || | 141 ShouldBypassMainWorldCSP(element) || |
| 142 csp->AllowStyleWithHash(text, | 142 csp->AllowStyleWithHash(text, |
| 143 ContentSecurityPolicy::InlineType::kBlock) || | 143 ContentSecurityPolicy::InlineType::kBlock) || |
| 144 csp->AllowInlineStyle(&element, document.Url(), | 144 csp->AllowInlineStyle(&element, document.Url(), element.nonce(), |
| 145 element.FastGetAttribute(HTMLNames::nonceAttr), | |
| 146 start_position_.line_, text); | 145 start_position_.line_, text); |
| 147 | 146 |
| 148 // Clearing the current sheet may remove the cache entry so create the new | 147 // Clearing the current sheet may remove the cache entry so create the new |
| 149 // sheet first | 148 // sheet first |
| 150 CSSStyleSheet* new_sheet = nullptr; | 149 CSSStyleSheet* new_sheet = nullptr; |
| 151 | 150 |
| 152 // If type is empty or CSS, this is a CSS style sheet. | 151 // If type is empty or CSS, this is a CSS style sheet. |
| 153 const AtomicString& type = this->type(); | 152 const AtomicString& type = this->type(); |
| 154 if (IsCSS(element, type) && passes_content_security_policy_checks) { | 153 if (IsCSS(element, type) && passes_content_security_policy_checks) { |
| 155 RefPtr<MediaQuerySet> media_queries = MediaQuerySet::Create(media()); | 154 RefPtr<MediaQuerySet> media_queries = MediaQuerySet::Create(media()); |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 197 | 196 |
| 198 void StyleElement::StartLoadingDynamicSheet(Document& document) { | 197 void StyleElement::StartLoadingDynamicSheet(Document& document) { |
| 199 document.GetStyleEngine().AddPendingSheet(style_engine_context_); | 198 document.GetStyleEngine().AddPendingSheet(style_engine_context_); |
| 200 } | 199 } |
| 201 | 200 |
| 202 DEFINE_TRACE(StyleElement) { | 201 DEFINE_TRACE(StyleElement) { |
| 203 visitor->Trace(sheet_); | 202 visitor->Trace(sheet_); |
| 204 } | 203 } |
| 205 | 204 |
| 206 } // namespace blink | 205 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2801243002:
More tweaks to <script nonce> hiding. (Closed)
