| Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
|
| diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
|
| index c5b7eed1f38a737d518fe9e2426905759ff99d42..8fe15e71c5e653b5d06cf5bf93180951b28fdc4b 100644
|
| --- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
|
| +++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
|
| @@ -178,33 +178,46 @@ void ContentSecurityPolicy::ApplyPolicySideEffectsToExecutionContext() {
|
|
|
| SetupSelf(*execution_context_->GetSecurityContext().GetSecurityOrigin());
|
|
|
| - // If we're in a Document, set mixed content checking and sandbox
|
| - // flags, then dump all the parsing error messages, then poke at histograms.
|
| - if (Document* document = this->GetDocument()) {
|
| - if (sandbox_mask_ != kSandboxNone) {
|
| - UseCounter::Count(document, UseCounter::kSandboxViaCSP);
|
| + // Set mixed content checking and sandbox flags, then dump all the parsing
|
| + // error messages, then poke at histograms.
|
| + Document* document = this->GetDocument();
|
| + if (sandbox_mask_ != kSandboxNone) {
|
| + UseCounter::Count(execution_context_, UseCounter::kSandboxViaCSP);
|
| + if (document)
|
| document->EnforceSandboxFlags(sandbox_mask_);
|
| - }
|
| - if (treat_as_public_address_)
|
| - document->SetAddressSpace(kWebAddressSpacePublic);
|
| + else
|
| + execution_context_->GetSecurityContext().ApplySandboxFlags(sandbox_mask_);
|
| + }
|
| + if (treat_as_public_address_) {
|
| + execution_context_->GetSecurityContext().SetAddressSpace(
|
| + kWebAddressSpacePublic);
|
| + }
|
|
|
| + if (document) {
|
| document->EnforceInsecureRequestPolicy(insecure_request_policy_);
|
| - if (insecure_request_policy_ & kUpgradeInsecureRequests) {
|
| - UseCounter::Count(document, UseCounter::kUpgradeInsecureRequestsEnabled);
|
| - if (!document->Url().Host().IsEmpty())
|
| - document->AddInsecureNavigationUpgrade(
|
| - document->Url().Host().Impl()->GetHash());
|
| + } else {
|
| + execution_context_->GetSecurityContext().SetInsecureRequestPolicy(
|
| + insecure_request_policy_);
|
| + }
|
| +
|
| + if (insecure_request_policy_ & kUpgradeInsecureRequests) {
|
| + UseCounter::Count(execution_context_,
|
| + UseCounter::kUpgradeInsecureRequestsEnabled);
|
| + if (!execution_context_->Url().Host().IsEmpty()) {
|
| + execution_context_->GetSecurityContext().AddInsecureNavigationUpgrade(
|
| + execution_context_->Url().Host().Impl()->GetHash());
|
| }
|
| + }
|
|
|
| - for (const auto& console_message : console_messages_)
|
| - execution_context_->AddConsoleMessage(console_message);
|
| - console_messages_.clear();
|
| + for (const auto& console_message : console_messages_)
|
| + execution_context_->AddConsoleMessage(console_message);
|
| + console_messages_.clear();
|
|
|
| - for (const auto& policy : policies_) {
|
| - UseCounter::Count(*document, GetUseCounterType(policy->HeaderType()));
|
| - if (policy->AllowDynamic())
|
| - UseCounter::Count(*document, UseCounter::kCSPWithStrictDynamic);
|
| - }
|
| + for (const auto& policy : policies_) {
|
| + UseCounter::Count(execution_context_,
|
| + GetUseCounterType(policy->HeaderType()));
|
| + if (policy->AllowDynamic())
|
| + UseCounter::Count(execution_context_, UseCounter::kCSPWithStrictDynamic);
|
| }
|
|
|
| // We disable 'eval()' even in the case of report-only policies, and rely on
|
|
|
Chromium Code Reviews
Issue 2838153002:
Make most of CSP code work with non-Document ExecutionContext (Closed)
