OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 774 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
785 { | 785 { |
786 String message = "Ignoring duplicate Content-Security-Policy directive '" +
name + "'.\n"; | 786 String message = "Ignoring duplicate Content-Security-Policy directive '" +
name + "'.\n"; |
787 logToConsole(message); | 787 logToConsole(message); |
788 } | 788 } |
789 | 789 |
790 void ContentSecurityPolicy::reportInvalidPluginTypes(const String& pluginType) | 790 void ContentSecurityPolicy::reportInvalidPluginTypes(const String& pluginType) |
791 { | 791 { |
792 String message; | 792 String message; |
793 if (pluginType.isNull()) | 793 if (pluginType.isNull()) |
794 message = "'plugin-types' Content Security Policy directive is empty; al
l plugins will be blocked.\n"; | 794 message = "'plugin-types' Content Security Policy directive is empty; al
l plugins will be blocked.\n"; |
| 795 else if (pluginType == "'none'") |
| 796 message = "Invalid plugin type in 'plugin-types' Content Security Policy
directive: '" + pluginType + "'. Did you mean to set the object-src directive t
o 'none'?\n"; |
795 else | 797 else |
796 message = "Invalid plugin type in 'plugin-types' Content Security Policy
directive: '" + pluginType + "'.\n"; | 798 message = "Invalid plugin type in 'plugin-types' Content Security Policy
directive: '" + pluginType + "'.\n"; |
797 logToConsole(message); | 799 logToConsole(message); |
798 } | 800 } |
799 | 801 |
800 void ContentSecurityPolicy::reportInvalidSandboxFlags(const String& invalidFlags
) | 802 void ContentSecurityPolicy::reportInvalidSandboxFlags(const String& invalidFlags
) |
801 { | 803 { |
802 logToConsole("Error while parsing the 'sandbox' Content Security Policy dire
ctive: " + invalidFlags); | 804 logToConsole("Error while parsing the 'sandbox' Content Security Policy dire
ctive: " + invalidFlags); |
803 } | 805 } |
804 | 806 |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
889 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 891 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
890 return !m_violationReportsSent.contains(report.impl()->hash()); | 892 return !m_violationReportsSent.contains(report.impl()->hash()); |
891 } | 893 } |
892 | 894 |
893 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 895 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
894 { | 896 { |
895 m_violationReportsSent.add(report.impl()->hash()); | 897 m_violationReportsSent.add(report.impl()->hash()); |
896 } | 898 } |
897 | 899 |
898 } // namespace blink | 900 } // namespace blink |
OLD | NEW |