Changeset 109730 in webkit
- Timestamp:
- Mar 5, 2012 2:44:40 AM (12 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r109728 r109730 1 2012-03-02 Alexander Pavlov <apavlov@chromium.org> 2 3 Web Inspector: [Styles] [CRASH] Handle rule addition and inline style editing failure due to Content-Security-Policy in the page 4 https://bugs.webkit.org/show_bug.cgi?id=80024 5 6 Reviewed by Pavel Feldman. 7 8 * inspector/styles/add-new-rule-inline-style-csp-expected.txt: Added. 9 * inspector/styles/add-new-rule-inline-style-csp.html: Added. 10 1 11 2012-03-05 Pavel Podivilov <podivilov@chromium.org> 2 12 -
trunk/Source/WebCore/ChangeLog
r109729 r109730 1 2012-03-02 Alexander Pavlov <apavlov@chromium.org> 2 3 Web Inspector: [Styles] [CRASH] Handle rule addition and inline style editing failure due to Content-Security-Policy in the page 4 https://bugs.webkit.org/show_bug.cgi?id=80024 5 6 Reviewed by Pavel Feldman. 7 8 Test: inspector/styles/add-new-rule-inline-style-csp.html 9 10 * inspector/InspectorCSSAgent.cpp: 11 (WebCore::InspectorCSSAgent::viaInspectorStyleSheet): 12 * inspector/InspectorCSSAgent.h: 13 (InlineStyleOverrideScope): 14 (WebCore::InspectorCSSAgent::InlineStyleOverrideScope::InlineStyleOverrideScope): 15 (WebCore::InspectorCSSAgent::InlineStyleOverrideScope::~InlineStyleOverrideScope): 16 (InspectorCSSAgent): 17 * inspector/InspectorStyleSheet.cpp: 18 (WebCore::InspectorStyleSheetForInlineStyle::setStyleText): 19 * page/ContentSecurityPolicy.cpp: 20 (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): 21 (WebCore::ContentSecurityPolicy::allowInlineStyle): 22 (WebCore::ContentSecurityPolicy::setOverrideAllowInlineStyle): 23 (WebCore): 24 * page/ContentSecurityPolicy.h: 25 (ContentSecurityPolicy): 26 1 27 2012-03-05 Yoshifumi Inoue <yosin@chromium.org> 2 28 -
trunk/Source/WebCore/inspector/InspectorCSSAgent.cpp
r109116 r109730 37 37 #include "CSSStyleSelector.h" 38 38 #include "CSSStyleSheet.h" 39 #include "ContentSecurityPolicy.h" 39 40 #include "DOMWindow.h" 40 41 #include "HTMLHeadElement.h" … … 897 898 else 898 899 return 0; 900 901 InlineStyleOverrideScope overrideScope(document); 899 902 targetNode->appendChild(styleElement, ec); 900 903 } … … 903 906 StyleSheetList* styleSheets = document->styleSheets(); 904 907 StyleSheet* styleSheet = styleSheets->item(styleSheets->length() - 1); 905 if (!styleSheet ->isCSSStyleSheet())908 if (!styleSheet || !styleSheet->isCSSStyleSheet()) 906 909 return 0; 907 910 CSSStyleSheet* cssStyleSheet = static_cast<CSSStyleSheet*>(styleSheet); -
trunk/Source/WebCore/inspector/InspectorCSSAgent.h
r107683 r109730 27 27 28 28 #include "CSSSelector.h" 29 #include "ContentSecurityPolicy.h" 29 30 #include "Document.h" 30 31 #include "InspectorBaseAgent.h" … … 33 34 #include "InspectorValues.h" 34 35 #include "PlatformString.h" 36 #include "SecurityContext.h" 35 37 36 38 #include <wtf/HashMap.h> … … 62 64 WTF_MAKE_NONCOPYABLE(InspectorCSSAgent); 63 65 public: 66 class InlineStyleOverrideScope { 67 public: 68 InlineStyleOverrideScope(SecurityContext* context) 69 : m_contentSecurityPolicy(context->contentSecurityPolicy()) 70 { 71 m_contentSecurityPolicy->setOverrideAllowInlineStyle(true); 72 } 73 74 ~InlineStyleOverrideScope() 75 { 76 m_contentSecurityPolicy->setOverrideAllowInlineStyle(false); 77 } 78 79 private: 80 ContentSecurityPolicy* m_contentSecurityPolicy; 81 }; 82 64 83 static CSSStyleRule* asCSSStyleRule(CSSRule*); 65 84 -
trunk/Source/WebCore/inspector/InspectorStyleSheet.cpp
r109116 r109730 37 37 #include "CSSStyleSelector.h" 38 38 #include "CSSStyleSheet.h" 39 #include "ContentSecurityPolicy.h" 39 40 #include "Document.h" 40 41 #include "Element.h" … … 1320 1321 ASSERT_UNUSED(style, style == inlineStyle()); 1321 1322 ExceptionCode ec = 0; 1322 m_element->setAttribute("style", text, ec); 1323 1324 { 1325 InspectorCSSAgent::InlineStyleOverrideScope overrideScope(m_element->ownerDocument()); 1326 m_element->setAttribute("style", text, ec); 1327 } 1328 1323 1329 m_styleText = text; 1324 1330 m_isStyleTextValid = true; -
trunk/Source/WebCore/page/ContentSecurityPolicy.cpp
r103617 r109730 488 488 , m_reportOnly(false) 489 489 , m_haveSandboxPolicy(false) 490 , m_overrideInlineStyleAllowed(false) 490 491 { 491 492 } … … 623 624 { 624 625 DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to apply inline style because of Content-Security-Policy.\n")); 625 return checkInlineAndReportViolation(operativeDirective(m_styleSrc.get()), consoleMessage);626 return m_overrideInlineStyleAllowed || checkInlineAndReportViolation(operativeDirective(m_styleSrc.get()), consoleMessage); 626 627 } 627 628 … … 678 679 DEFINE_STATIC_LOCAL(String, type, ("connect")); 679 680 return checkSourceAndReportViolation(operativeDirective(m_connectSrc.get()), url, type); 681 } 682 683 void ContentSecurityPolicy::setOverrideAllowInlineStyle(bool value) 684 { 685 m_overrideInlineStyleAllowed = value; 680 686 } 681 687 -
trunk/Source/WebCore/page/ContentSecurityPolicy.h
r104329 r109730 71 71 bool allowConnectFromSource(const KURL&) const; 72 72 73 void setOverrideAllowInlineStyle(bool); 74 73 75 private: 74 76 explicit ContentSecurityPolicy(ScriptExecutionContext*); … … 108 110 OwnPtr<CSPDirective> m_connectSrc; 109 111 bool m_haveSandboxPolicy; 112 bool m_overrideInlineStyleAllowed; 110 113 Vector<KURL> m_reportURLs; 111 114 };
Note: See TracChangeset
for help on using the changeset viewer.