PlzNavigate: Do not disclose urls between cross-origin renderers.

content/common/content_security_policy/content_security_policy.cc

Index: content/common/content_security_policy/content_security_policy.cc
diff --git a/content/common/content_security_policy/content_security_policy.cc b/content/common/content_security_policy/content_security_policy.cc
index 87b035eb1c2ef44916452f1ea3e186ae29f75d64..1784f0160c74a6934fb348e298589952addbdb4f 100644
--- a/content/common/content_security_policy/content_security_policy.cc
+++ b/content/common/content_security_policy/content_security_policy.cc
@@ -50,6 +50,15 @@ void ReportViolation(CSPContext* context,
   DCHECK_NE(directive_name, CSPDirective::DefaultSrc);
   DCHECK_NE(directive_name, CSPDirective::ChildSrc);
 
+  // For security reasons, some urls must not be disclosed. It includes the

[alexmos, 2017/05/16 05:56:49]

nit: It includes -> This includes  (also below)

[arthursonzogni, 2017/05/16 12:48:44]

Done.

+  // blocked url and the source location of the error. Care must be taken to
+  // ensure that these are not transmitted between different cross-origin
+  // renderers.
+  GURL safe_url = url;
+  SourceLocation safe_source_location = source_location;
+  context->SanitizeDataForUseInCspViolation(&safe_url, &safe_source_location,
+                                            is_redirect, directive_name);
+
   std::stringstream message;
 
   if (policy.header.type == blink::kWebContentSecurityPolicyTypeReport)
@@ -60,7 +69,7 @@ void ReportViolation(CSPContext* context,
   else if (directive_name == CSPDirective::FrameSrc)
     message << "Refused to frame '";
 
-  message << ElideURLForReportViolation(url)
+  message << ElideURLForReportViolation(safe_url)
           << "' because it violates the following Content Security Policy "
              "directive: \""
           << directive.ToString() << "\".";
@@ -75,9 +84,9 @@ void ReportViolation(CSPContext* context,
 
   context->ReportContentSecurityPolicyViolation(CSPViolationParams(
       CSPDirective::NameToString(directive.name),
-      CSPDirective::NameToString(directive_name), message.str(), url,
+      CSPDirective::NameToString(directive_name), message.str(), safe_url,
       policy.report_endpoints, policy.header.header_value, policy.header.type,
-      is_redirect, source_location));
+      is_redirect, safe_source_location));
 }
 
 bool AllowDirective(CSPContext* context,