Chromium Code Reviews

Unified Diff: content/common/content_security_policy/csp_context.h

Issue 2869423002: PlzNavigate: Do not disclose urls between cross-origin renderers. (Closed)
Patch Set: Applying suggestions. Created 3 years, 7 months ago
Index: content/common/content_security_policy/csp_context.h
diff --git a/content/common/content_security_policy/csp_context.h b/content/common/content_security_policy/csp_context.h
index cc5f3b50873a7a62ce363cf3cf9f14f74ce28827..b70e3c80284b13af601b495ccb2dd86082e3e225 100644
--- a/content/common/content_security_policy/csp_context.h
+++ b/content/common/content_security_policy/csp_context.h
@@ -55,6 +55,20 @@ class CONTENT_EXPORT CSPContext {
virtual bool SchemeShouldBypassCSP(const base::StringPiece& scheme);
+ // For security reasons, some urls must not be disclosed cross-origin in
+ // violation reports. It includes the blocked url and the url of the initiator
+ // of the navigation. This information is potentially transmitted between
+ // different renderer processes.
+ // TODO(arthursonzogni): Stop hiding sensitive parts of URLs in console error
+ // messages as soon as there is a way to send it to the devtools process
alexmos 2017/05/16 05:56:49 nit: s/it/them/
arthursonzogni 2017/05/16 12:48:44 Done.
+ // without the round trip in the renderer process.
+ // See https://crbug.com/721329
+ virtual void SanitizeDataForUseInCspViolation(
+ GURL* blocked_url,
+ SourceLocation* source_location,
+ bool is_redirect,
+ CSPDirective::Name directive) const;
+
private:
bool has_self_ = false;
std::string self_scheme_;
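Review bot: The comment added above SanitizeDataForUseInCspViolation() describes the data it hides as "the blocked url and the url of the initiator of the navigation", but the declaration takes `GURL* blocked_url` and `SourceLocation* source_location`, and nothing says how `bool is_redirect` and `CSPDirective::Name directive` influence what is stripped, nor what the base-class default of this `virtual ... const` method does. Suggest rewording the comment to name the parameters it refers to (e.g. `// Sanitizes |blocked_url| and |source_location| before they are used in a violation report ...`), documenting the role of `is_redirect` and `directive`, and stating whether the default implementation already removes the sensitive parts or is a no-op that subclasses are expected to override, since the comment itself notes this data can cross renderer-process boundaries.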
