Index: Source/core/frame/csp/ContentSecurityPolicy.cpp |
diff --git a/Source/core/frame/csp/ContentSecurityPolicy.cpp b/Source/core/frame/csp/ContentSecurityPolicy.cpp |
index 3a17d992d178f27499432c74fded97f6e7afdeac..5bb96bb756e3110193f2c7eb087b81ff58f85451 100644 |
--- a/Source/core/frame/csp/ContentSecurityPolicy.cpp |
+++ b/Source/core/frame/csp/ContentSecurityPolicy.cpp |
@@ -89,6 +89,10 @@ const char ContentSecurityPolicy::PluginTypes[] = "plugin-types"; |
const char ContentSecurityPolicy::ReflectedXSS[] = "reflected-xss"; |
const char ContentSecurityPolicy::Referrer[] = "referrer"; |
+// Manifest Directives |
+// https://w3c.github.io/manifest/#content-security-policy |
+const char ContentSecurityPolicy::ManifestSrc[] = "manifest-src"; |
+ |
bool ContentSecurityPolicy::isDirectiveName(const String& name) |
{ |
return (equalIgnoringCase(name, ConnectSrc) |
@@ -109,6 +113,7 @@ bool ContentSecurityPolicy::isDirectiveName(const String& name) |
|| equalIgnoringCase(name, PluginTypes) |
|| equalIgnoringCase(name, ReflectedXSS) |
|| equalIgnoringCase(name, Referrer) |
+ || equalIgnoringCase(name, ManifestSrc) |
); |
} |
@@ -533,6 +538,11 @@ bool ContentSecurityPolicy::allowWorkerContextFromSource(const KURL& url, Conten |
isAllowedByAllWithURL<&CSPDirectiveList::allowScriptFromSource>(m_policies, url, reportingStatus); |
} |
+bool ContentSecurityPolicy::allowManifestFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const |
+{ |
+ return isAllowedByAllWithURL<&CSPDirectiveList::allowManifestFromSource>(m_policies, url, reportingStatus); |
+} |
+ |
bool ContentSecurityPolicy::isActive() const |
{ |
return !m_policies.isEmpty(); |