content/common/content_security_policy/content_security_policy.cc - Issue 2910573002: Implement upgrade-insecure-requests in browser for frame requests - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(310)

My Issues | Starred Open | Closed | All

Unified Diff: content/common/content_security_policy/content_security_policy.cc

Issue 2910573002: Implement upgrade-insecure-requests in browser for frame requests (Closed)

Patch Set: rebase Created 3 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « content/common/content_security_policy/content_security_policy.h ('k') | content/common/content_security_policy/content_security_policy_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/common/content_security_policy/content_security_policy.cc

diff --git a/content/common/content_security_policy/content_security_policy.cc b/content/common/content_security_policy/content_security_policy.cc

index 299a4c2468cb3921ae60cddb40cd8d12f74bfb63..f0e93a50aba0b96ac8a13a174be709c9d0f82ba6 100644

--- a/content/common/content_security_policy/content_security_policy.cc

+++ b/content/common/content_security_policy/content_security_policy.cc

@@ -15,6 +15,7 @@ static CSPDirective::Name CSPFallback(CSPDirective::Name directive) {

switch (directive) {

case CSPDirective::DefaultSrc:

case CSPDirective::FormAction:

+ case CSPDirective::UpgradeInsecureRequests:

return CSPDirective::Unknown;

case CSPDirective::FrameSrc:

@@ -186,4 +187,14 @@ std::string ContentSecurityPolicy::ToString() const {

return text.str();

}

+// static

+bool ContentSecurityPolicy::ShouldUpgradeInsecureRequest(

+ const ContentSecurityPolicy& policy) {

+ for (const CSPDirective& directive : policy.directives) {

+ if (directive.name == CSPDirective::UpgradeInsecureRequests)

+ return true;

+ }

+ return false;

+}

+

} // namespace content

« no previous file with comments | « content/common/content_security_policy/content_security_policy.h ('k') | content/common/content_security_policy/content_security_policy_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698