Index: content/common/content_security_policy/csp_context.h |
diff --git a/content/common/content_security_policy/csp_context.h b/content/common/content_security_policy/csp_context.h |
index 4cf89b92001ff51ed3ec4abfb00a510eefb0e662..51471f43f0693869e502e4b24f4f699eb84c2621 100644 |
--- a/content/common/content_security_policy/csp_context.h |
+++ b/content/common/content_security_policy/csp_context.h |
@@ -24,6 +24,18 @@ struct CSPViolationParams; |
// is in content/browser/frame_host/render_frame_host_impl.h |
class CONTENT_EXPORT CSPContext { |
public: |
+ // This enum represents what set of policies should be checked by |
+ // IsAllowedByCsp(). |
+ enum CheckCSPDisposition { |
+ // Only check report-only policies. |
+ CHECK_REPORT_ONLY_CSP, |
+ // Only check enforced policies. (Note that enforced policies can still |
+ // trigger reports.) |
+ CHECK_ENFORCED_CSP, |
+ // Check all policies. |
+ CHECK_ALL_CSP, |
+ }; |
+ |
CSPContext(); |
virtual ~CSPContext(); |
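Review bot: The comments on `CheckCSPDisposition` say which set of policies is checked but not how the boolean returned by `IsAllowedByCsp()` should be read for each value, and that boolean decides whether a request goes ahead. If a report-only check can never block (the implementation is not visible in this header, so this is an assumption to confirm), a caller that passes `CHECK_REPORT_ONLY_CSP` and treats the result as the enforcement decision would leave the enforced policies unchecked without any visible error. I would extend the first enumerator's comment, e.g. `// Only check report-only policies. The result is not an enforcement decision.`, and state on the enum which value a caller must use when the answer gates a load. The class body starts before this hunk and continues past it.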
@@ -36,7 +48,15 @@ class CONTENT_EXPORT CSPContext { |
bool IsAllowedByCsp(CSPDirective::Name directive_name, |
const GURL& url, |
bool is_redirect, |
- const SourceLocation& source_location); |
+ const SourceLocation& source_location, |
+ CheckCSPDisposition check_csp_disposition); |
+ |
+ // Returns true if the request URL needs to be modified (e.g. upgraded to |
+ // HTTPS) according to the CSP. If true, |new_url| will contain the new URL |
+ // that should be used instead of |url|. |
+ bool ShouldModifyRequestUrlForCsp(const GURL& url, |
+ bool is_suresource_or_form_submssion, |
+ GURL* new_url); |
void SetSelf(const url::Origin origin); |
bool AllowSelf(const GURL& url); |
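Review bot: The parameter name `is_suresource_or_form_submssion` in `ShouldModifyRequestUrlForCsp()` is misspelled in two places; presumably `is_subresource_or_form_submission` is meant, and the declaration should match the definition in the .cc file. The new comment also leaves the false case open: it should say whether `|new_url|` is left untouched when the function returns false and that the pointer must be non-null, e.g. `// |new_url| must be non-null and is only written when this returns true.` (confirm against the implementation). The doc comment of `IsAllowedByCsp()` sits above this hunk, so I cannot see whether it describes the new `check_csp_disposition` argument; if it does not, one line there naming the value expected for enforcement checks would help callers.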