Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(417)

Unified Diff: third_party/WebKit/Source/core/loader/FrameFetchContext.h

Issue 1454003003: [CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/Source/core/loader/FrameFetchContext.h
diff --git a/third_party/WebKit/Source/core/loader/FrameFetchContext.h b/third_party/WebKit/Source/core/loader/FrameFetchContext.h
index c2cbc7501e40bef8029ba7386f65d45afe2b1758..2807f14140db3525df5d075de878cede6a639790 100644
--- a/third_party/WebKit/Source/core/loader/FrameFetchContext.h
+++ b/third_party/WebKit/Source/core/loader/FrameFetchContext.h
@@ -34,6 +34,7 @@
#include "core/CoreExport.h"
#include "core/fetch/FetchContext.h"
#include "core/fetch/ResourceFetcher.h"
+#include "core/frame/csp/ContentSecurityPolicy.h"
#include "platform/heap/Handle.h"
#include "platform/network/ResourceRequest.h"
#include "wtf/PassOwnPtr.h"
@@ -86,6 +87,7 @@ public:
void addResourceTiming(const ResourceTimingInfo&) override;
bool allowImage(bool imagesEnabled, const KURL&) const override;
bool canRequest(Resource::Type, const ResourceRequest&, const KURL&, const ResourceLoaderOptions&, bool forPreload, FetchRequest::OriginRestriction) const override;
+ bool allowResponse(Resource::Type, const ResourceRequest&, const KURL&, const ResourceLoaderOptions&) const override;
bool isControlledByServiceWorker() const override;
int64_t serviceWorkerID() const override;
@@ -118,7 +120,7 @@ private:
LocalFrame* frame() const; // Can be null
void printAccessDeniedMessage(const KURL&) const;
- ResourceRequestBlockedReason canRequestInternal(Resource::Type, const ResourceRequest&, const KURL&, const ResourceLoaderOptions&, bool forPreload, FetchRequest::OriginRestriction) const;
+ ResourceRequestBlockedReason canRequestInternal(Resource::Type, const ResourceRequest&, const KURL&, const ResourceLoaderOptions&, bool forPreload, FetchRequest::OriginRestriction, ContentSecurityPolicy::RedirectStatus) const;
// FIXME: Oilpan: Ideally this should just be a traced Member but that will
// currently leak because ComputedStyle and its data are not on the heap.

Powered by Google App Engine
This is Rietveld 408576698