third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h - Issue 2896833002: Added validation of the policy specified in the 'csp' attribute - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(537)

My Issues | Starred Open | Closed | All

Unified Diff: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h

Issue 2896833002: Added validation of the policy specified in the 'csp' attribute (Closed)

Patch Set: Fixed issue with the renaming of the embedding-csp header Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/testharness-helper.sub.js ('k') | third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h

diff --git a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h

index 667724a324a4bd33677d1a23a1e1315aa2eea41b..2aaba3b7cb58b38307032e281b32dd6970fb09f4 100644

--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h

+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h

@@ -39,6 +39,9 @@ class CORE_EXPORT CSPDirectiveList

void Parse(const UChar* begin, const UChar* end);

+ static bool IsValid(const UChar* begin, const UChar* end);

+ static bool IsValid(const String& directive_list);

+

const String& Header() const { return header_; }

ContentSecurityPolicyHeaderType HeaderType() const { return header_type_; }

ContentSecurityPolicyHeaderSource HeaderSource() const {

@@ -192,10 +195,11 @@ class CORE_EXPORT CSPDirectiveList

ContentSecurityPolicyHeaderType,

ContentSecurityPolicyHeaderSource);

- bool ParseDirective(const UChar* begin,

- const UChar* end,

- String& name,

- String& value);

+ static bool ParseDirective(const UChar* begin,

+ const UChar* end,

+ String& name,

+ String& value,

+ ContentSecurityPolicy*);

void ParseRequireSRIFor(const String& name, const String& value);

void ParseReportURI(const String& name, const String& value);

void ParsePluginTypes(const String& name, const String& value);

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/testharness-helper.sub.js ('k') | third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp » ('J')

Powered by Google App Engine

This is Rietveld 408576698