Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(174)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/svg/SVGScriptElement.cpp

Issue 2801243002: More tweaks to <script nonce> hiding. (Closed)
Patch Set: Moved tests. Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/core/svg/SVGScriptElement.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2004, 2005, 2008 Nikolas Zimmermann <zimmermann@kde.org> 2 * Copyright (C) 2004, 2005, 2008 Nikolas Zimmermann <zimmermann@kde.org>
3 * Copyright (C) 2004, 2005, 2007 Rob Buis <buis@kde.org> 3 * Copyright (C) 2004, 2005, 2007 Rob Buis <buis@kde.org>
4 * 4 *
5 * This library is free software; you can redistribute it and/or 5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Library General Public 6 * modify it under the terms of the GNU Library General Public
7 * License as published by the Free Software Foundation; either 7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version. 8 * version 2 of the License, or (at your option) any later version.
9 * 9 *
10 * This library is distributed in the hope that it will be useful, 10 * This library is distributed in the hope that it will be useful,
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
44 return new SVGScriptElement(document, inserted_by_parser, false); 44 return new SVGScriptElement(document, inserted_by_parser, false);
45 } 45 }
46 46
47 void SVGScriptElement::ParseAttribute( 47 void SVGScriptElement::ParseAttribute(
48 const AttributeModificationParams& params) { 48 const AttributeModificationParams& params) {
49 if (params.name == HTMLNames::onerrorAttr) { 49 if (params.name == HTMLNames::onerrorAttr) {
50 SetAttributeEventListener( 50 SetAttributeEventListener(
51 EventTypeNames::error, 51 EventTypeNames::error,
52 CreateAttributeEventListener(this, params.name, params.new_value, 52 CreateAttributeEventListener(this, params.name, params.new_value,
53 EventParameterName())); 53 EventParameterName()));
54 } else if (params.name == HTMLNames::nonceAttr) {
55 if (params.new_value == ContentSecurityPolicy::GetNonceReplacementString())
56 return;
57 setNonce(params.new_value);
58 if (RuntimeEnabledFeatures::hideNonceContentAttributeEnabled()) {
59 setAttribute(HTMLNames::nonceAttr,
60 ContentSecurityPolicy::GetNonceReplacementString());
61 }
62 } else { 54 } else {
63 SVGElement::ParseAttribute(params); 55 SVGElement::ParseAttribute(params);
64 } 56 }
65 } 57 }
66 58
67 void SVGScriptElement::SvgAttributeChanged(const QualifiedName& attr_name) { 59 void SVGScriptElement::SvgAttributeChanged(const QualifiedName& attr_name) {
68 if (SVGURIReference::IsKnownAttribute(attr_name)) { 60 if (SVGURIReference::IsKnownAttribute(attr_name)) {
69 SVGElement::InvalidationGuard invalidation_guard(this); 61 SVGElement::InvalidationGuard invalidation_guard(this);
70 loader_->HandleSourceAttribute(HrefString()); 62 loader_->HandleSourceAttribute(HrefString());
71 return; 63 return;
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
131 } 123 }
132 124
133 bool SVGScriptElement::IsConnected() const { 125 bool SVGScriptElement::IsConnected() const {
134 return Node::isConnected(); 126 return Node::isConnected();
135 } 127 }
136 128
137 bool SVGScriptElement::HasChildren() const { 129 bool SVGScriptElement::HasChildren() const {
138 return Node::hasChildren(); 130 return Node::hasChildren();
139 } 131 }
140 132
141 bool SVGScriptElement::IsNonceableElement() const { 133 const AtomicString& SVGScriptElement::GetNonceForElement() const {
142 return ContentSecurityPolicy::IsNonceableElement(this); 134 return ContentSecurityPolicy::IsNonceableElement(this) ? nonce()
135 : g_null_atom;
143 } 136 }
144 137
145 bool SVGScriptElement::AllowInlineScriptForCSP( 138 bool SVGScriptElement::AllowInlineScriptForCSP(
146 const AtomicString& nonce, 139 const AtomicString& nonce,
147 const WTF::OrdinalNumber& context_line, 140 const WTF::OrdinalNumber& context_line,
148 const String& script_content) { 141 const String& script_content) {
149 return GetDocument().GetContentSecurityPolicy()->AllowInlineScript( 142 return GetDocument().GetContentSecurityPolicy()->AllowInlineScript(
150 this, GetDocument().Url(), nonce, context_line, script_content); 143 this, GetDocument().Url(), nonce, context_line, script_content);
151 } 144 }
152 145
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
185 } 178 }
186 #endif 179 #endif
187 180
188 DEFINE_TRACE(SVGScriptElement) { 181 DEFINE_TRACE(SVGScriptElement) {
189 SVGElement::Trace(visitor); 182 SVGElement::Trace(visitor);
190 SVGURIReference::Trace(visitor); 183 SVGURIReference::Trace(visitor);
191 ScriptElementBase::Trace(visitor); 184 ScriptElementBase::Trace(visitor);
192 } 185 }
193 186
194 } // namespace blink 187 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/core/svg/SVGScriptElement.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698