Index: Source/core/page/EventSource.cpp |
diff --git a/Source/core/page/EventSource.cpp b/Source/core/page/EventSource.cpp |
index f60aa0124e07284a3ead5d743b2124d399366025..feca3979f1c04da7dcd3b7e863a5001df12f6274 100644 |
--- a/Source/core/page/EventSource.cpp |
+++ b/Source/core/page/EventSource.cpp |
@@ -87,12 +87,7 @@ PassRefPtrWillBeRawPtr<EventSource> EventSource::create(ExecutionContext* contex |
} |
// FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved. |
- bool shouldBypassMainWorldCSP = false; |
- if (context->isDocument()) { |
- Document* document = toDocument(context); |
- shouldBypassMainWorldCSP = document->frame()->script().shouldBypassMainWorldCSP(); |
- } |
- if (!shouldBypassMainWorldCSP && !context->contentSecurityPolicy()->allowConnectToSource(fullURL)) { |
+ if (!ContentSecurityPolicy::shouldBypassMainWorld(context) && !context->contentSecurityPolicy()->allowConnectToSource(fullURL)) { |
// We can safely expose the URL to JavaScript, as this exception is generate synchronously before any redirects take place. |
exceptionState.throwSecurityError("Refused to connect to '" + fullURL.elidedString() + "' because it violates the document's Content Security Policy."); |
return nullptr; |