Source/core/loader/ResourceLoaderOptions.h - Issue 14949017: Implementation of W3C compliant CSP script-src nonce.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: Source/core/loader/ResourceLoaderOptions.h

Issue 14949017: Implementation of W3C compliant CSP script-src nonce. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Minor fixes based on Adam's comments Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: Source/core/loader/ResourceLoaderOptions.h

diff --git a/Source/core/loader/ResourceLoaderOptions.h b/Source/core/loader/ResourceLoaderOptions.h

index 88c1fc0359cdef2bae1674142450b74e0bc8cfd5..cfbcd1ea248b1b7d9841b7c410e5f575855f0dd6 100644

--- a/Source/core/loader/ResourceLoaderOptions.h

+++ b/Source/core/loader/ResourceLoaderOptions.h

@@ -60,6 +60,11 @@ enum SecurityCheckPolicy {

DoSecurityCheck

};

+enum ContentSecurityPolicyCheck {

+ CheckContentSecurityPolicy,

+ DoNotCheckContentSecurityPolicy

+};

struct ResourceLoaderOptions {

ResourceLoaderOptions()

: sendLoadCallbacks(DoNotSendCallbacks)

@@ -68,7 +73,8 @@ struct ResourceLoaderOptions {

, allowCredentials(DoNotAllowStoredCredentials)

, credentialsRequested(ClientDidNotRequestCredentials)

, crossOriginCredentialPolicy(DoNotAskClientForCrossOriginCredentials)

- , securityCheck(DoSecurityCheck) { }

+ , securityCheck(DoSecurityCheck)

+ , contentSecurityPolicyOption(CheckContentSecurityPolicy) { }

ResourceLoaderOptions(

SendCallbackPolicy sendLoadCallbacks,

@@ -77,7 +83,8 @@ struct ResourceLoaderOptions {

StoredCredentials allowCredentials,

CredentialRequest credentialsRequested,

ClientCrossOriginCredentialPolicy crossOriginCredentialPolicy,

- SecurityCheckPolicy securityCheck)

+ SecurityCheckPolicy securityCheck,

+ ContentSecurityPolicyCheck contentSecurityPolicyOption)

: sendLoadCallbacks(sendLoadCallbacks)

, sniffContent(sniffContent)

, dataBufferingPolicy(dataBufferingPolicy)

@@ -85,6 +92,7 @@ struct ResourceLoaderOptions {

, credentialsRequested(credentialsRequested)

, crossOriginCredentialPolicy(crossOriginCredentialPolicy)

, securityCheck(securityCheck)

+ , contentSecurityPolicyOption(contentSecurityPolicyOption)

{

}

SendCallbackPolicy sendLoadCallbacks;

@@ -94,6 +102,7 @@ struct ResourceLoaderOptions {

CredentialRequest credentialsRequested; // Whether the client (e.g. XHR) wanted credentials in the first place.

ClientCrossOriginCredentialPolicy crossOriginCredentialPolicy; // Whether we will ask the client for credentials (if we allow credentials at all).

SecurityCheckPolicy securityCheck;

+ ContentSecurityPolicyCheck contentSecurityPolicyOption;

};

} // namespace WebCore

« Source/core/dom/ScriptElement.cpp ('K') | « Source/core/loader/ResourceLoader.cpp ('k') | Source/core/loader/cache/CachedResourceLoader.h » ('j') | no next file with comments »