Replace ContentSecurityPolicy::client() with a method returning an ExecutionContext

Source/core/frame/csp/ContentSecurityPolicy.cpp

 /*
  * Copyright (C) 2011 Google, Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
@@ skipping 112 matching lines @@
     return UseCounter::NumberOfFeatures;
 }
 
 static ReferrerPolicy mergeReferrerPolicies(ReferrerPolicy a, ReferrerPolicy b)
 {
     if (a != b)
         return ReferrerPolicyNever;
     return a;
 }
 
-ContentSecurityPolicy::ContentSecurityPolicy(ExecutionContextClient* client)
-    : m_client(client)
+ContentSecurityPolicy::ContentSecurityPolicy(ExecutionContext* executionContext)
+    : m_executionContext(executionContext)
     , m_overrideInlineStyleAllowed(false)
     , m_scriptHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone)
     , m_styleHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone)
 {
 }
 
 ContentSecurityPolicy::~ContentSecurityPolicy()
 {
 }
 
@@ skipping 46 matching lines @@
     const UChar* position = begin;
     while (position < end) {
         skipUntil<UChar>(position, end, ',');
 
         // header1,header2 OR header1
         //        ^                  ^
         OwnPtr<CSPDirectiveList> policy = CSPDirectiveList::create(this, begin, position, type, source);
 
         // We disable 'eval()' even in the case of report-only policies, and rely on the check in the V8Initializer::codeGenerationCheckCallbackInMainThread callback to determine whether the call should execute or not.
         if (!policy->allowEval(0, SuppressReport))
-            m_client->disableEval(policy->evalDisabledErrorMessage());
+            m_executionContext->disableEval(policy->evalDisabledErrorMessage());
 
         m_policies.append(policy.release());
 
         // Skip the comma, and begin the next header from the current position.
         ASSERT(position == end || *position == ',');
         skipExactly<UChar>(position, end, ',');
         begin = position;
     }
 
     if (document && type != ContentSecurityPolicyHeaderTypeReport && didSetReferrerPolicy())
@@ skipping 255 matching lines @@
 }
 
 bool ContentSecurityPolicy::allowChildContextFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
 {
     return isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource>(m_policies, url, reportingStatus);
 }
 
 bool ContentSecurityPolicy::allowWorkerContextFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
 {
     // CSP 1.1 moves workers from 'script-src' to the new 'child-src'. Measure the impact of this backwards-incompatible change.
-    if (m_client->isDocument()) {
-        Document* document = static_cast<Document*>(m_client);
+    if (m_executionContext->isDocument()) {
+        Document* document = static_cast<Document*>(m_executionContext);
         UseCounter::count(*document, UseCounter::WorkerSubjectToCSP);
         if (isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource>(m_policies, url, SuppressReport) && !isAllowedByAllWithURL<&CSPDirectiveList::allowScriptFromSource>(m_policies, url, SuppressReport))
             UseCounter::count(*document, UseCounter::WorkerAllowedByChildBlockedByScript);
     }
 
     return experimentalFeaturesEnabled() ?
         isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource>(m_policies, url, reportingStatus) :
         isAllowedByAllWithURL<&CSPDirectiveList::allowScriptFromSource>(m_policies, url, reportingStatus);
 }
 
@@ skipping 31 matching lines @@
 {
     for (size_t i = 0; i < m_policies.size(); ++i) {
         if (m_policies[i]->didSetReferrerPolicy())
             return true;
     }
     return false;
 }
 
 SecurityOrigin* ContentSecurityPolicy::securityOrigin() const
 {
-    return m_client->securityContext().securityOrigin();
+    return m_executionContext->securityContext().securityOrigin();
 }
 
 const KURL ContentSecurityPolicy::url() const
 {
-    return m_client->contextURL();
+    return m_executionContext->contextURL();
 }
 
 KURL ContentSecurityPolicy::completeURL(const String& url) const
 {
-    return m_client->contextCompleteURL(url);
+    return m_executionContext->contextCompleteURL(url);
 }
 
 void ContentSecurityPolicy::enforceSandboxFlags(SandboxFlags mask) const
 {
     if (Document* document = this->document())
         document->enforceSandboxFlags(mask);
 }
 
 static String stripURLForUseInReport(Document* document, const KURL& url)
 {
@@ skipping 30 matching lines @@
         KURL source = KURL(ParsedURLString, callFrame.sourceURL());
         init.sourceFile = stripURLForUseInReport(document, source);
         init.lineNumber = callFrame.lineNumber();
         init.columnNumber = callFrame.columnNumber();
     }
 }
 
 void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header)
 {
     // FIXME: Support sending reports from worker.
-    if (!m_client->isDocument())
+    if (!m_executionContext->isDocument())
         return;
 
     Document* document = this->document();
     LocalFrame* frame = document->frame();
     if (!frame)
         return;
 
     SecurityPolicyViolationEventInit violationData;
     gatherSecurityPolicyViolationEventData(violationData, document, directiveText, effectiveDirective, blockedURL, header);
 
@@ skipping 140 matching lines @@
     logToConsole(message);
 }
 
 void ContentSecurityPolicy::reportMissingReportURI(const String& policy) const
 {
     logToConsole("The Content Security Policy '" + policy + "' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header.");
 }
 
 void ContentSecurityPolicy::logToConsole(const String& message) const
 {
-    m_client->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message);
+    m_executionContext->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message);
 }
 
 void ContentSecurityPolicy::reportBlockedScriptExecutionToInspector(const String& directiveText) const
 {
-    m_client->reportBlockedScriptExecutionToInspector(directiveText);
+    m_executionContext->reportBlockedScriptExecutionToInspector(directiveText);
 }
 
 bool ContentSecurityPolicy::experimentalFeaturesEnabled() const
 {
     return RuntimeEnabledFeatures::experimentalContentSecurityPolicyFeaturesEnabled();
 }
 
 bool ContentSecurityPolicy::shouldBypassMainWorld(ExecutionContext* context)
 {
     if (context && context->isDocument()) {
         Document* document = toDocument(context);
         if (document->frame())
             return document->frame()->script().shouldBypassMainWorldContentSecurityPolicy();
     }
     return false;
 }
 
 bool ContentSecurityPolicy::shouldSendViolationReport(const String& report) const
 {
     // Collisions have no security impact, so we can save space by storing only the string's hash rather than the whole report.
     return !m_violationReportsSent.contains(report.impl()->hash());
 }
 
 void ContentSecurityPolicy::didSendViolationReport(const String& report)
 {
     m_violationReportsSent.add(report.impl()->hash());
 }
 
 } // namespace WebCore