Source/core/frame/csp/ContentSecurityPolicy.h - Issue 553423002: CSP: Use a specified frame for reporting 'frame-ancestors' violations.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: Source/core/frame/csp/ContentSecurityPolicy.h

Issue 553423002: CSP: Use a specified frame for reporting 'frame-ancestors' violations. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: Feedback, tests, and rebase. Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: Source/core/frame/csp/ContentSecurityPolicy.h

diff --git a/Source/core/frame/csp/ContentSecurityPolicy.h b/Source/core/frame/csp/ContentSecurityPolicy.h

index 001d1bdc45a4508c381924028c4740c0055111fa..925200321cbf5aedda5f51a009f737804b352101 100644

--- a/Source/core/frame/csp/ContentSecurityPolicy.h

+++ b/Source/core/frame/csp/ContentSecurityPolicy.h

@@ -125,7 +125,7 @@ public:

bool allowConnectToSource(const KURL&, ReportingStatus = SendReport) const;

bool allowFormAction(const KURL&, ReportingStatus = SendReport) const;

bool allowBaseURI(const KURL&, ReportingStatus = SendReport) const;

- bool allowAncestors(LocalFrame*, ReportingStatus = SendReport) const;

+ bool allowAncestors(LocalFrame*, const KURL&, ReportingStatus = SendReport) const;

bool allowChildContextFromSource(const KURL&, ReportingStatus = SendReport) const;

bool allowWorkerContextFromSource(const KURL&, ReportingStatus = SendReport) const;

@@ -153,7 +153,9 @@ public:

bool isActive() const;

- void logToConsole(PassRefPtrWillBeRawPtr<ConsoleMessage>);

+ // If a frame is passed in, the message will be logged to its active document's console.

+ // Otherwise, the message will be logged to this object's |m_executionContext|.

+ void logToConsole(PassRefPtrWillBeRawPtr<ConsoleMessage>, LocalFrame* = 0);

void reportDirectiveAsSourceExpression(const String& directiveName, const String& sourceExpression);

void reportDuplicateDirective(const String&);

@@ -169,7 +171,11 @@ public:

void reportInvalidReferrer(const String&);

void reportReportOnlyInMeta(const String&);

void reportMetaOutsideHead(const String&);

- void reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<String>& reportEndpoints, const String& header);

+ // If a frame is passed in, the report will be sent using it as a context. If no frame is

+ // passed in, the report will be sent via this object's |m_executionContext| (or dropped

+ // on the floor if no such context is available).

+ void reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<String>& reportEndpoints, const String& header, LocalFrame* = 0);

void reportBlockedScriptExecutionToInspector(const String& directiveText) const;

« no previous file with comments | « Source/core/frame/csp/CSPDirectiveList.cpp ('k') | Source/core/frame/csp/ContentSecurityPolicy.cpp » ('j') | no next file with comments »