| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
| 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
| 4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
| 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv
ed. | 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv
ed. |
| 6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> | 6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> |
| 7 * | 7 * |
| 8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
| 9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
| 10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 #include "core/dom/ScriptableDocumentParser.h" | 36 #include "core/dom/ScriptableDocumentParser.h" |
| 37 #include "core/dom/Text.h" | 37 #include "core/dom/Text.h" |
| 38 #include "core/fetch/FetchRequest.h" | 38 #include "core/fetch/FetchRequest.h" |
| 39 #include "core/fetch/ResourceFetcher.h" | 39 #include "core/fetch/ResourceFetcher.h" |
| 40 #include "core/fetch/ScriptResource.h" | 40 #include "core/fetch/ScriptResource.h" |
| 41 #include "core/html/HTMLScriptElement.h" | 41 #include "core/html/HTMLScriptElement.h" |
| 42 #include "core/html/imports/HTMLImport.h" | 42 #include "core/html/imports/HTMLImport.h" |
| 43 #include "core/html/parser/HTMLParserIdioms.h" | 43 #include "core/html/parser/HTMLParserIdioms.h" |
| 44 #include "core/frame/LocalFrame.h" | 44 #include "core/frame/LocalFrame.h" |
| 45 #include "core/frame/csp/ContentSecurityPolicy.h" | 45 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 46 #include "core/inspector/ConsoleMessage.h" |
| 46 #include "core/svg/SVGScriptElement.h" | 47 #include "core/svg/SVGScriptElement.h" |
| 47 #include "platform/MIMETypeRegistry.h" | 48 #include "platform/MIMETypeRegistry.h" |
| 48 #include "platform/weborigin/SecurityOrigin.h" | 49 #include "platform/weborigin/SecurityOrigin.h" |
| 49 #include "wtf/StdLibExtras.h" | 50 #include "wtf/StdLibExtras.h" |
| 50 #include "wtf/text/StringBuilder.h" | 51 #include "wtf/text/StringBuilder.h" |
| 51 #include "wtf/text/StringHash.h" | 52 #include "wtf/text/StringHash.h" |
| 52 | 53 |
| 53 namespace blink { | 54 namespace blink { |
| 54 | 55 |
| 55 ScriptLoader::ScriptLoader(Element* element, bool parserInserted, bool alreadySt
arted) | 56 ScriptLoader::ScriptLoader(Element* element, bool parserInserted, bool alreadySt
arted) |
| (...skipping 251 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 307 bool shouldBypassMainWorldCSP = (frame && frame->script().shouldBypassMainWo
rldCSP()) | 308 bool shouldBypassMainWorldCSP = (frame && frame->script().shouldBypassMainWo
rldCSP()) |
| 308 || csp->allowScriptWithNonce(m_element->fastGetAttribute(HTMLNames::nonc
eAttr)) | 309 || csp->allowScriptWithNonce(m_element->fastGetAttribute(HTMLNames::nonc
eAttr)) |
| 309 || csp->allowScriptWithHash(sourceCode.source()); | 310 || csp->allowScriptWithHash(sourceCode.source()); |
| 310 | 311 |
| 311 if (!m_isExternalScript && (!shouldBypassMainWorldCSP && !csp->allowInlineSc
ript(elementDocument->url(), m_startLineNumber))) | 312 if (!m_isExternalScript && (!shouldBypassMainWorldCSP && !csp->allowInlineSc
ript(elementDocument->url(), m_startLineNumber))) |
| 312 return; | 313 return; |
| 313 | 314 |
| 314 if (m_isExternalScript) { | 315 if (m_isExternalScript) { |
| 315 ScriptResource* resource = m_resource ? m_resource.get() : sourceCode.re
source(); | 316 ScriptResource* resource = m_resource ? m_resource.get() : sourceCode.re
source(); |
| 316 if (resource && !resource->mimeTypeAllowedByNosniff()) { | 317 if (resource && !resource->mimeTypeAllowedByNosniff()) { |
| 317 contextDocument->addConsoleMessage(SecurityMessageSource, ErrorMessa
geLevel, "Refused to execute script from '" + resource->url().elidedString() + "
' because its MIME type ('" + resource->mimeType() + "') is not executable, and
strict MIME type checking is enabled."); | 318 contextDocument->addConsoleMessage(ConsoleMessage::create(SecurityMe
ssageSource, ErrorMessageLevel, "Refused to execute script from '" + resource->u
rl().elidedString() + "' because its MIME type ('" + resource->mimeType() + "')
is not executable, and strict MIME type checking is enabled.")); |
| 318 return; | 319 return; |
| 319 } | 320 } |
| 320 } | 321 } |
| 321 | 322 |
| 322 // FIXME: Can this be moved earlier in the function? | 323 // FIXME: Can this be moved earlier in the function? |
| 323 // Why are we ever attempting to execute scripts without a frame? | 324 // Why are we ever attempting to execute scripts without a frame? |
| 324 if (!frame) | 325 if (!frame) |
| 325 return; | 326 return; |
| 326 | 327 |
| 327 const bool isImportedScript = contextDocument != elementDocument; | 328 const bool isImportedScript = contextDocument != elementDocument; |
| (...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 441 if (isHTMLScriptLoader(element)) | 442 if (isHTMLScriptLoader(element)) |
| 442 return toHTMLScriptElement(element)->loader(); | 443 return toHTMLScriptElement(element)->loader(); |
| 443 | 444 |
| 444 if (isSVGScriptLoader(element)) | 445 if (isSVGScriptLoader(element)) |
| 445 return toSVGScriptElement(element)->loader(); | 446 return toSVGScriptElement(element)->loader(); |
| 446 | 447 |
| 447 return 0; | 448 return 0; |
| 448 } | 449 } |
| 449 | 450 |
| 450 } | 451 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 419203004:
DevTools: wrapping arguments addConsoleMessage in ConsoleMessage (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@wrap-not-all-console-args