| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
| 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
| 4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
| 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights | 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights |
| 6 * reserved. | 6 * reserved. |
| 7 * | 7 * |
| 8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
| 9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
| 10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 82 HTMLElement::DidMoveToNewDocument(old_document); | 82 HTMLElement::DidMoveToNewDocument(old_document); |
| 83 } | 83 } |
| 84 | 84 |
| 85 void HTMLScriptElement::ParseAttribute( | 85 void HTMLScriptElement::ParseAttribute( |
| 86 const AttributeModificationParams& params) { | 86 const AttributeModificationParams& params) { |
| 87 if (params.name == srcAttr) { | 87 if (params.name == srcAttr) { |
| 88 loader_->HandleSourceAttribute(params.new_value); | 88 loader_->HandleSourceAttribute(params.new_value); |
| 89 LogUpdateAttributeIfIsolatedWorldAndInDocument("script", params); | 89 LogUpdateAttributeIfIsolatedWorldAndInDocument("script", params); |
| 90 } else if (params.name == asyncAttr) { | 90 } else if (params.name == asyncAttr) { |
| 91 loader_->HandleAsyncAttribute(); | 91 loader_->HandleAsyncAttribute(); |
| 92 } else if (params.name == nonceAttr) { | |
| 93 if (params.new_value == ContentSecurityPolicy::GetNonceReplacementString()) | |
| 94 return; | |
| 95 setNonce(params.new_value); | |
| 96 if (RuntimeEnabledFeatures::hideNonceContentAttributeEnabled()) { | |
| 97 setAttribute(nonceAttr, | |
| 98 ContentSecurityPolicy::GetNonceReplacementString()); | |
| 99 } | |
| 100 } else { | 92 } else { |
| 101 HTMLElement::ParseAttribute(params); | 93 HTMLElement::ParseAttribute(params); |
| 102 } | 94 } |
| 103 } | 95 } |
| 104 | 96 |
| 105 Node::InsertionNotificationRequest HTMLScriptElement::InsertedInto( | 97 Node::InsertionNotificationRequest HTMLScriptElement::InsertedInto( |
| 106 ContainerNode* insertion_point) { | 98 ContainerNode* insertion_point) { |
| 107 ScriptType script_type = ScriptType::kClassic; | 99 ScriptType script_type = ScriptType::kClassic; |
| 108 if (insertion_point->isConnected() && HasSourceAttribute() && | 100 if (insertion_point->isConnected() && HasSourceAttribute() && |
| 109 !Loader()->IsScriptTypeSupported( | 101 !Loader()->IsScriptTypeSupported( |
| 110 ScriptLoader::kDisallowLegacyTypeInTypeAttribute, script_type)) | 102 ScriptLoader::kDisallowLegacyTypeInTypeAttribute, script_type)) |
| 111 UseCounter::Count(GetDocument(), | 103 UseCounter::Count(GetDocument(), |
| 112 UseCounter::kScriptElementWithInvalidTypeHasSrc); | 104 UseCounter::kScriptElementWithInvalidTypeHasSrc); |
| 113 HTMLElement::InsertedInto(insertion_point); | 105 HTMLElement::InsertedInto(insertion_point); |
| 114 LogAddElementIfIsolatedWorldAndInDocument("script", srcAttr); | 106 LogAddElementIfIsolatedWorldAndInDocument("script", srcAttr); |
| 107 |
| 115 return kInsertionShouldCallDidNotifySubtreeInsertions; | 108 return kInsertionShouldCallDidNotifySubtreeInsertions; |
| 116 } | 109 } |
| 117 | 110 |
| 118 void HTMLScriptElement::DidNotifySubtreeInsertionsToDocument() { | 111 void HTMLScriptElement::DidNotifySubtreeInsertionsToDocument() { |
| 119 loader_->DidNotifySubtreeInsertionsToDocument(); | 112 loader_->DidNotifySubtreeInsertionsToDocument(); |
| 120 } | 113 } |
| 121 | 114 |
| 122 void HTMLScriptElement::setText(const String& value) { | 115 void HTMLScriptElement::setText(const String& value) { |
| 123 setTextContent(value); | 116 setTextContent(value); |
| 124 } | 117 } |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 193 } | 186 } |
| 194 | 187 |
| 195 bool HTMLScriptElement::IsConnected() const { | 188 bool HTMLScriptElement::IsConnected() const { |
| 196 return Node::isConnected(); | 189 return Node::isConnected(); |
| 197 } | 190 } |
| 198 | 191 |
| 199 bool HTMLScriptElement::HasChildren() const { | 192 bool HTMLScriptElement::HasChildren() const { |
| 200 return Node::hasChildren(); | 193 return Node::hasChildren(); |
| 201 } | 194 } |
| 202 | 195 |
| 203 bool HTMLScriptElement::IsNonceableElement() const { | 196 const AtomicString& HTMLScriptElement::GetNonceForElement() const { |
| 204 return ContentSecurityPolicy::IsNonceableElement(this); | 197 return ContentSecurityPolicy::IsNonceableElement(this) ? nonce() |
| 198 : g_null_atom; |
| 205 } | 199 } |
| 206 | 200 |
| 207 bool HTMLScriptElement::AllowInlineScriptForCSP( | 201 bool HTMLScriptElement::AllowInlineScriptForCSP( |
| 208 const AtomicString& nonce, | 202 const AtomicString& nonce, |
| 209 const WTF::OrdinalNumber& context_line, | 203 const WTF::OrdinalNumber& context_line, |
| 210 const String& script_content) { | 204 const String& script_content) { |
| 211 return GetDocument().GetContentSecurityPolicy()->AllowInlineScript( | 205 return GetDocument().GetContentSecurityPolicy()->AllowInlineScript( |
| 212 this, GetDocument().Url(), nonce, context_line, script_content); | 206 this, GetDocument().Url(), nonce, context_line, script_content); |
| 213 } | 207 } |
| 214 | 208 |
| (...skipping 24 matching lines...) Expand all Loading... |
| 239 return new HTMLScriptElement(GetDocument(), false, loader_->AlreadyStarted(), | 233 return new HTMLScriptElement(GetDocument(), false, loader_->AlreadyStarted(), |
| 240 false); | 234 false); |
| 241 } | 235 } |
| 242 | 236 |
| 243 DEFINE_TRACE(HTMLScriptElement) { | 237 DEFINE_TRACE(HTMLScriptElement) { |
| 244 HTMLElement::Trace(visitor); | 238 HTMLElement::Trace(visitor); |
| 245 ScriptElementBase::Trace(visitor); | 239 ScriptElementBase::Trace(visitor); |
| 246 } | 240 } |
| 247 | 241 |
| 248 } // namespace blink | 242 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2801243002:
More tweaks to <script nonce> hiding. (Closed)
