Changeset 116177 in webkit
- Timestamp:
- May 4, 2012 2:40:48 PM (12 years ago)
- Location:
- trunk/Source
- Files:
-
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r116174 r116177 1 2012-05-04 Adam Barth <abarth@webkit.org> 2 3 Refactor CSP state to prepare for having both a ReportOnly and an Enforced policy 4 https://bugs.webkit.org/show_bug.cgi?id=85662 5 6 Reviewed by Eric Seidel. 7 8 This patch refactors the ContentSecurityPolicy state into a separate 9 DirectiveList class to prepare for 10 https://bugs.webkit.org/show_bug.cgi?id=85561, which will cause us to 11 need two directive lists: one for enforcement and one for monitoring. 12 13 This patch shouldn't cause any change in behavior. 14 15 * page/ContentSecurityPolicy.cpp: 16 (CSPDirectiveList): 17 (WebCore::CSPDirectiveList::header): 18 (WebCore::CSPDirectiveList::headerType): 19 (WebCore::CSPDirectiveList::denyIfEnforcingPolicy): 20 (WebCore): 21 (WebCore::CSPDirectiveList::CSPDirectiveList): 22 (WebCore::CSPDirectiveList::create): 23 (WebCore::CSPDirectiveList::reportViolation): 24 (WebCore::CSPDirectiveList::logUnrecognizedDirective): 25 (WebCore::CSPDirectiveList::checkEval): 26 (WebCore::CSPDirectiveList::operativeDirective): 27 (WebCore::CSPDirectiveList::checkInlineAndReportViolation): 28 (WebCore::CSPDirectiveList::checkEvalAndReportViolation): 29 (WebCore::CSPDirectiveList::checkSourceAndReportViolation): 30 (WebCore::CSPDirectiveList::allowJavaScriptURLs): 31 (WebCore::CSPDirectiveList::allowInlineEventHandlers): 32 (WebCore::CSPDirectiveList::allowInlineScript): 33 (WebCore::CSPDirectiveList::allowInlineStyle): 34 (WebCore::CSPDirectiveList::allowEval): 35 (WebCore::CSPDirectiveList::allowScriptFromSource): 36 (WebCore::CSPDirectiveList::allowObjectFromSource): 37 (WebCore::CSPDirectiveList::allowChildFrameFromSource): 38 (WebCore::CSPDirectiveList::allowImageFromSource): 39 (WebCore::CSPDirectiveList::allowStyleFromSource): 40 (WebCore::CSPDirectiveList::allowFontFromSource): 41 (WebCore::CSPDirectiveList::allowMediaFromSource): 42 (WebCore::CSPDirectiveList::allowConnectFromSource): 43 (WebCore::CSPDirectiveList::parse): 44 (WebCore::CSPDirectiveList::parseDirective): 45 (WebCore::CSPDirectiveList::parseReportURI): 46 (WebCore::CSPDirectiveList::createCSPDirective): 47 (WebCore::CSPDirectiveList::applySandboxPolicy): 48 (WebCore::CSPDirectiveList::addDirective): 49 (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): 50 (WebCore::ContentSecurityPolicy::~ContentSecurityPolicy): 51 (WebCore::ContentSecurityPolicy::copyStateFrom): 52 (WebCore::ContentSecurityPolicy::didReceiveHeader): 53 (WebCore::ContentSecurityPolicy::setOverrideAllowInlineStyle): 54 (WebCore::ContentSecurityPolicy::header): 55 (WebCore::ContentSecurityPolicy::headerType): 56 (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): 57 (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): 58 (WebCore::ContentSecurityPolicy::allowInlineScript): 59 (WebCore::ContentSecurityPolicy::allowInlineStyle): 60 (WebCore::ContentSecurityPolicy::allowEval): 61 (WebCore::ContentSecurityPolicy::allowScriptFromSource): 62 (WebCore::ContentSecurityPolicy::allowObjectFromSource): 63 (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): 64 (WebCore::ContentSecurityPolicy::allowImageFromSource): 65 (WebCore::ContentSecurityPolicy::allowStyleFromSource): 66 (WebCore::ContentSecurityPolicy::allowFontFromSource): 67 (WebCore::ContentSecurityPolicy::allowMediaFromSource): 68 (WebCore::ContentSecurityPolicy::allowConnectFromSource): 69 * page/ContentSecurityPolicy.h: 70 (WebCore): 71 * workers/WorkerMessagingProxy.cpp: 72 (WebCore::WorkerMessagingProxy::startWorkerContext): 73 1 74 2012-05-04 Abhishek Arya <inferno@chromium.org> 2 75 -
trunk/Source/WebCore/page/ContentSecurityPolicy.cpp
r116052 r116177 483 483 }; 484 484 485 ContentSecurityPolicy::ContentSecurityPolicy(ScriptExecutionContext* scriptExecutionContext) 486 : m_havePolicy(false) 487 , m_scriptExecutionContext(scriptExecutionContext) 485 class CSPDirectiveList { 486 public: 487 static PassOwnPtr<CSPDirectiveList> create(ScriptExecutionContext*, const String&, ContentSecurityPolicy::HeaderType); 488 489 const String& header() const { return m_header; } 490 ContentSecurityPolicy::HeaderType headerType() const { return m_reportOnly ? ContentSecurityPolicy::ReportOnly : ContentSecurityPolicy::EnforcePolicy; } 491 492 bool allowJavaScriptURLs() const; 493 bool allowInlineEventHandlers() const; 494 bool allowInlineScript() const; 495 bool allowInlineStyle() const; 496 bool allowEval() const; 497 498 bool allowScriptFromSource(const KURL&) const; 499 bool allowObjectFromSource(const KURL&) const; 500 bool allowChildFrameFromSource(const KURL&) const; 501 bool allowImageFromSource(const KURL&) const; 502 bool allowStyleFromSource(const KURL&) const; 503 bool allowFontFromSource(const KURL&) const; 504 bool allowMediaFromSource(const KURL&) const; 505 bool allowConnectFromSource(const KURL&) const; 506 507 private: 508 explicit CSPDirectiveList(ScriptExecutionContext*); 509 510 void parse(const String&); 511 512 bool parseDirective(const UChar* begin, const UChar* end, String& name, String& value); 513 void parseReportURI(const String&); 514 void addDirective(const String& name, const String& value); 515 void applySandboxPolicy(const String& sandboxPolicy); 516 517 PassOwnPtr<CSPDirective> createCSPDirective(const String& name, const String& value); 518 519 CSPDirective* operativeDirective(CSPDirective*) const; 520 void reportViolation(const String& directiveText, const String& consoleMessage) const; 521 void logUnrecognizedDirective(const String& name) const; 522 bool checkEval(CSPDirective*) const; 523 524 bool checkInlineAndReportViolation(CSPDirective*, const String& consoleMessage) const; 525 bool checkEvalAndReportViolation(CSPDirective*, const String& consoleMessage) const; 526 bool checkSourceAndReportViolation(CSPDirective*, const KURL&, const String& type) const; 527 528 bool denyIfEnforcingPolicy() const { return m_reportOnly; } 529 530 ScriptExecutionContext* m_scriptExecutionContext; 531 String m_header; 532 533 bool m_reportOnly; 534 bool m_haveSandboxPolicy; 535 536 OwnPtr<CSPDirective> m_defaultSrc; 537 OwnPtr<CSPDirective> m_scriptSrc; 538 OwnPtr<CSPDirective> m_objectSrc; 539 OwnPtr<CSPDirective> m_frameSrc; 540 OwnPtr<CSPDirective> m_imgSrc; 541 OwnPtr<CSPDirective> m_styleSrc; 542 OwnPtr<CSPDirective> m_fontSrc; 543 OwnPtr<CSPDirective> m_mediaSrc; 544 OwnPtr<CSPDirective> m_connectSrc; 545 546 Vector<KURL> m_reportURLs; 547 }; 548 549 CSPDirectiveList::CSPDirectiveList(ScriptExecutionContext* scriptExecutionContext) 550 : m_scriptExecutionContext(scriptExecutionContext) 488 551 , m_reportOnly(false) 489 552 , m_haveSandboxPolicy(false) 490 , m_overrideInlineStyleAllowed(false) 491 { 492 } 493 494 ContentSecurityPolicy::~ContentSecurityPolicy() 495 { 496 } 497 498 void ContentSecurityPolicy::copyStateFrom(const ContentSecurityPolicy* other) 499 { 500 ASSERT(!m_havePolicy); 501 if (other->m_havePolicy) 502 didReceiveHeader(other->m_header, other->m_reportOnly ? ReportOnly : EnforcePolicy); 503 } 504 505 void ContentSecurityPolicy::didReceiveHeader(const String& header, HeaderType type) 506 { 507 if (m_havePolicy) 508 return; // The first policy wins. 509 510 parse(header); 511 m_havePolicy = true; 512 m_header = header; 553 { 554 } 555 556 PassOwnPtr<CSPDirectiveList> CSPDirectiveList::create(ScriptExecutionContext* scriptExecutionContext, const String& header, ContentSecurityPolicy::HeaderType type) 557 { 558 OwnPtr<CSPDirectiveList> policy = adoptPtr(new CSPDirectiveList(scriptExecutionContext)); 559 policy->parse(header); 560 policy->m_header = header; 513 561 514 562 switch (type) { 515 case ReportOnly:516 m_reportOnly = true;517 return ;518 case EnforcePolicy:519 ASSERT(! m_reportOnly);563 case ContentSecurityPolicy::ReportOnly: 564 policy->m_reportOnly = true; 565 return policy.release(); 566 case ContentSecurityPolicy::EnforcePolicy: 567 ASSERT(!policy->m_reportOnly); 520 568 break; 521 569 } 522 570 523 if (!checkEval(operativeDirective(m_scriptSrc.get()))) 524 m_scriptExecutionContext->disableEval(); 525 } 526 527 void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& consoleMessage) const 571 if (!policy->checkEval(policy->operativeDirective(policy->m_scriptSrc.get()))) 572 scriptExecutionContext->disableEval(); 573 574 return policy.release(); 575 } 576 577 void CSPDirectiveList::reportViolation(const String& directiveText, const String& consoleMessage) const 528 578 { 529 579 String message = m_reportOnly ? "[Report Only] " + consoleMessage : consoleMessage; … … 563 613 } 564 614 565 void C ontentSecurityPolicy::logUnrecognizedDirective(const String& name) const615 void CSPDirectiveList::logUnrecognizedDirective(const String& name) const 566 616 { 567 617 String message = makeString("Unrecognized Content-Security-Policy directive '", name, "'.\n"); … … 569 619 } 570 620 571 bool C ontentSecurityPolicy::checkEval(CSPDirective* directive) const621 bool CSPDirectiveList::checkEval(CSPDirective* directive) const 572 622 { 573 623 return !directive || directive->allowEval(); 574 624 } 575 625 576 CSPDirective* C ontentSecurityPolicy::operativeDirective(CSPDirective* directive) const626 CSPDirective* CSPDirectiveList::operativeDirective(CSPDirective* directive) const 577 627 { 578 628 return directive ? directive : m_defaultSrc.get(); 579 629 } 580 630 581 bool C ontentSecurityPolicy::checkInlineAndReportViolation(CSPDirective* directive, const String& consoleMessage) const631 bool CSPDirectiveList::checkInlineAndReportViolation(CSPDirective* directive, const String& consoleMessage) const 582 632 { 583 633 if (!directive || directive->allowInline()) … … 587 637 } 588 638 589 bool C ontentSecurityPolicy::checkEvalAndReportViolation(CSPDirective* directive, const String& consoleMessage) const639 bool CSPDirectiveList::checkEvalAndReportViolation(CSPDirective* directive, const String& consoleMessage) const 590 640 { 591 641 if (checkEval(directive)) … … 595 645 } 596 646 597 bool C ontentSecurityPolicy::checkSourceAndReportViolation(CSPDirective* directive, const KURL& url, const String& type) const647 bool CSPDirectiveList::checkSourceAndReportViolation(CSPDirective* directive, const KURL& url, const String& type) const 598 648 { 599 649 if (!directive || directive->allows(url)) … … 603 653 } 604 654 605 bool C ontentSecurityPolicy::allowJavaScriptURLs() const655 bool CSPDirectiveList::allowJavaScriptURLs() const 606 656 { 607 657 DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute JavaScript URL because of Content-Security-Policy.\n")); … … 609 659 } 610 660 611 bool C ontentSecurityPolicy::allowInlineEventHandlers() const661 bool CSPDirectiveList::allowInlineEventHandlers() const 612 662 { 613 663 DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute inline event handler because of Content-Security-Policy.\n")); … … 615 665 } 616 666 617 bool C ontentSecurityPolicy::allowInlineScript() const667 bool CSPDirectiveList::allowInlineScript() const 618 668 { 619 669 DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute inline script because of Content-Security-Policy.\n")); … … 621 671 } 622 672 623 bool C ontentSecurityPolicy::allowInlineStyle() const673 bool CSPDirectiveList::allowInlineStyle() const 624 674 { 625 675 DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to apply inline style because of Content-Security-Policy.\n")); 626 return m_overrideInlineStyleAllowed ||checkInlineAndReportViolation(operativeDirective(m_styleSrc.get()), consoleMessage);627 } 628 629 bool C ontentSecurityPolicy::allowEval() const676 return checkInlineAndReportViolation(operativeDirective(m_styleSrc.get()), consoleMessage); 677 } 678 679 bool CSPDirectiveList::allowEval() const 630 680 { 631 681 DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to evaluate script because of Content-Security-Policy.\n")); … … 633 683 } 634 684 635 bool C ontentSecurityPolicy::allowScriptFromSource(const KURL& url) const685 bool CSPDirectiveList::allowScriptFromSource(const KURL& url) const 636 686 { 637 687 DEFINE_STATIC_LOCAL(String, type, ("script")); … … 639 689 } 640 690 641 bool C ontentSecurityPolicy::allowObjectFromSource(const KURL& url) const691 bool CSPDirectiveList::allowObjectFromSource(const KURL& url) const 642 692 { 643 693 DEFINE_STATIC_LOCAL(String, type, ("object")); … … 647 697 } 648 698 649 bool C ontentSecurityPolicy::allowChildFrameFromSource(const KURL& url) const699 bool CSPDirectiveList::allowChildFrameFromSource(const KURL& url) const 650 700 { 651 701 DEFINE_STATIC_LOCAL(String, type, ("frame")); … … 655 705 } 656 706 657 bool C ontentSecurityPolicy::allowImageFromSource(const KURL& url) const707 bool CSPDirectiveList::allowImageFromSource(const KURL& url) const 658 708 { 659 709 DEFINE_STATIC_LOCAL(String, type, ("image")); … … 661 711 } 662 712 663 bool C ontentSecurityPolicy::allowStyleFromSource(const KURL& url) const713 bool CSPDirectiveList::allowStyleFromSource(const KURL& url) const 664 714 { 665 715 DEFINE_STATIC_LOCAL(String, type, ("style")); … … 667 717 } 668 718 669 bool C ontentSecurityPolicy::allowFontFromSource(const KURL& url) const719 bool CSPDirectiveList::allowFontFromSource(const KURL& url) const 670 720 { 671 721 DEFINE_STATIC_LOCAL(String, type, ("font")); … … 673 723 } 674 724 675 bool C ontentSecurityPolicy::allowMediaFromSource(const KURL& url) const725 bool CSPDirectiveList::allowMediaFromSource(const KURL& url) const 676 726 { 677 727 DEFINE_STATIC_LOCAL(String, type, ("media")); … … 679 729 } 680 730 681 bool C ontentSecurityPolicy::allowConnectFromSource(const KURL& url) const731 bool CSPDirectiveList::allowConnectFromSource(const KURL& url) const 682 732 { 683 733 DEFINE_STATIC_LOCAL(String, type, ("connect")); 684 734 return checkSourceAndReportViolation(operativeDirective(m_connectSrc.get()), url, type); 685 }686 687 void ContentSecurityPolicy::setOverrideAllowInlineStyle(bool value)688 {689 m_overrideInlineStyleAllowed = value;690 735 } 691 736 … … 693 738 // directive-list = [ directive *( ";" [ directive ] ) ] 694 739 // 695 void ContentSecurityPolicy::parse(const String& policy) 696 { 697 ASSERT(!m_havePolicy); 698 740 void CSPDirectiveList::parse(const String& policy) 741 { 699 742 if (policy.isEmpty()) 700 743 return; … … 722 765 // directive-value = *( WSP / <VCHAR except ";"> ) 723 766 // 724 bool C ontentSecurityPolicy::parseDirective(const UChar* begin, const UChar* end, String& name, String& value)767 bool CSPDirectiveList::parseDirective(const UChar* begin, const UChar* end, String& name, String& value) 725 768 { 726 769 ASSERT(name.isEmpty()); … … 761 804 } 762 805 763 void C ontentSecurityPolicy::parseReportURI(const String& value)806 void CSPDirectiveList::parseReportURI(const String& value) 764 807 { 765 808 const UChar* position = value.characters(); … … 779 822 } 780 823 781 PassOwnPtr<CSPDirective> C ontentSecurityPolicy::createCSPDirective(const String& name, const String& value)824 PassOwnPtr<CSPDirective> CSPDirectiveList::createCSPDirective(const String& name, const String& value) 782 825 { 783 826 return adoptPtr(new CSPDirective(name, value, m_scriptExecutionContext)); 784 827 } 785 828 786 void C ontentSecurityPolicy::applySandboxPolicy(const String& sandboxPolicy)829 void CSPDirectiveList::applySandboxPolicy(const String& sandboxPolicy) 787 830 { 788 831 ASSERT(!m_haveSandboxPolicy); … … 791 834 } 792 835 793 void C ontentSecurityPolicy::addDirective(const String& name, const String& value)836 void CSPDirectiveList::addDirective(const String& name, const String& value) 794 837 { 795 838 DEFINE_STATIC_LOCAL(String, defaultSrc, ("default-src")); … … 833 876 } 834 877 835 } 878 ContentSecurityPolicy::ContentSecurityPolicy(ScriptExecutionContext* scriptExecutionContext) 879 : m_scriptExecutionContext(scriptExecutionContext) 880 , m_overrideInlineStyleAllowed(false) 881 { 882 } 883 884 ContentSecurityPolicy::~ContentSecurityPolicy() 885 { 886 } 887 888 void ContentSecurityPolicy::copyStateFrom(const ContentSecurityPolicy* other) 889 { 890 ASSERT(!m_policy); 891 if (other->m_policy) 892 didReceiveHeader(other->header(), other->headerType()); 893 } 894 895 void ContentSecurityPolicy::didReceiveHeader(const String& header, HeaderType type) 896 { 897 if (m_policy) 898 return; // The first policy wins. 899 m_policy = CSPDirectiveList::create(m_scriptExecutionContext, header, type); 900 } 901 902 void ContentSecurityPolicy::setOverrideAllowInlineStyle(bool value) 903 { 904 m_overrideInlineStyleAllowed = value; 905 } 906 907 const String& ContentSecurityPolicy::header() const 908 { 909 return m_policy ? m_policy->header() : emptyString(); 910 } 911 912 ContentSecurityPolicy::HeaderType ContentSecurityPolicy::headerType() const 913 { 914 return m_policy ? m_policy->headerType() : EnforcePolicy; 915 } 916 917 bool ContentSecurityPolicy::allowJavaScriptURLs() const 918 { 919 return !m_policy || m_policy->allowJavaScriptURLs(); 920 } 921 922 bool ContentSecurityPolicy::allowInlineEventHandlers() const 923 { 924 return !m_policy || m_policy->allowInlineEventHandlers(); 925 } 926 927 bool ContentSecurityPolicy::allowInlineScript() const 928 { 929 return !m_policy || m_policy->allowInlineScript(); 930 } 931 932 bool ContentSecurityPolicy::allowInlineStyle() const 933 { 934 return !m_policy || m_overrideInlineStyleAllowed || m_policy->allowInlineStyle(); 935 } 936 937 bool ContentSecurityPolicy::allowEval() const 938 { 939 return !m_policy || m_policy->allowEval(); 940 } 941 942 bool ContentSecurityPolicy::allowScriptFromSource(const KURL& url) const 943 { 944 return !m_policy || m_policy->allowScriptFromSource(url); 945 } 946 947 bool ContentSecurityPolicy::allowObjectFromSource(const KURL& url) const 948 { 949 return !m_policy || m_policy->allowObjectFromSource(url); 950 } 951 952 bool ContentSecurityPolicy::allowChildFrameFromSource(const KURL& url) const 953 { 954 return !m_policy || m_policy->allowChildFrameFromSource(url); 955 } 956 957 bool ContentSecurityPolicy::allowImageFromSource(const KURL& url) const 958 { 959 return !m_policy || m_policy->allowImageFromSource(url); 960 } 961 962 bool ContentSecurityPolicy::allowStyleFromSource(const KURL& url) const 963 { 964 return !m_policy || m_policy->allowStyleFromSource(url); 965 } 966 967 bool ContentSecurityPolicy::allowFontFromSource(const KURL& url) const 968 { 969 return !m_policy || m_policy->allowFontFromSource(url); 970 } 971 972 bool ContentSecurityPolicy::allowMediaFromSource(const KURL& url) const 973 { 974 return !m_policy || m_policy->allowMediaFromSource(url); 975 } 976 977 bool ContentSecurityPolicy::allowConnectFromSource(const KURL& url) const 978 { 979 return !m_policy || m_policy->allowConnectFromSource(url); 980 } 981 982 } -
trunk/Source/WebCore/page/ContentSecurityPolicy.h
r116066 r116177 34 34 namespace WebCore { 35 35 36 class CSPDirective ;36 class CSPDirectiveList; 37 37 class ScriptExecutionContext; 38 38 class KURL; … … 54 54 55 55 void didReceiveHeader(const String&, HeaderType); 56 String policy() { return m_header; } 57 HeaderType headerType() { return m_reportOnly ? ReportOnly : EnforcePolicy; } 56 57 const String& header() const; 58 HeaderType headerType() const; 58 59 59 60 bool allowJavaScriptURLs() const; … … 77 78 explicit ContentSecurityPolicy(ScriptExecutionContext*); 78 79 79 void parse(const String&);80 bool parseDirective(const UChar* begin, const UChar* end, String& name, String& value);81 void parseReportURI(const String&);82 void addDirective(const String& name, const String& value);83 void applySandboxPolicy(const String& sandboxPolicy);84 85 PassOwnPtr<CSPDirective> createCSPDirective(const String& name, const String& value);86 87 CSPDirective* operativeDirective(CSPDirective*) const;88 void reportViolation(const String& directiveText, const String& consoleMessage) const;89 void logUnrecognizedDirective(const String& name) const;90 bool checkEval(CSPDirective*) const;91 92 bool checkInlineAndReportViolation(CSPDirective*, const String& consoleMessage) const;93 bool checkEvalAndReportViolation(CSPDirective*, const String& consoleMessage) const;94 bool checkSourceAndReportViolation(CSPDirective*, const KURL&, const String& type) const;95 96 bool denyIfEnforcingPolicy() const { return m_reportOnly; }97 98 bool m_havePolicy;99 80 ScriptExecutionContext* m_scriptExecutionContext; 100 101 bool m_reportOnly;102 String m_header;103 OwnPtr<CSPDirective> m_defaultSrc;104 OwnPtr<CSPDirective> m_scriptSrc;105 OwnPtr<CSPDirective> m_objectSrc;106 OwnPtr<CSPDirective> m_frameSrc;107 OwnPtr<CSPDirective> m_imgSrc;108 OwnPtr<CSPDirective> m_styleSrc;109 OwnPtr<CSPDirective> m_fontSrc;110 OwnPtr<CSPDirective> m_mediaSrc;111 OwnPtr<CSPDirective> m_connectSrc;112 bool m_haveSandboxPolicy;113 81 bool m_overrideInlineStyleAllowed; 114 Vector<KURL> m_reportURLs;82 OwnPtr<CSPDirectiveList> m_policy; 115 83 }; 116 84 -
trunk/Source/WebCore/workers/DefaultSharedWorkerRepository.cpp
r113138 r116177 323 323 DefaultSharedWorkerRepository::instance().workerScriptLoaded(*m_proxy, m_worker->scriptExecutionContext()->userAgent(m_scriptLoader->url()), 324 324 m_scriptLoader->script(), m_port.release(), 325 m_worker->scriptExecutionContext()->contentSecurityPolicy()-> policy(),325 m_worker->scriptExecutionContext()->contentSecurityPolicy()->header(), 326 326 m_worker->scriptExecutionContext()->contentSecurityPolicy()->headerType()); 327 327 } -
trunk/Source/WebCore/workers/WorkerMessagingProxy.cpp
r113138 r116177 273 273 { 274 274 RefPtr<DedicatedWorkerThread> thread = DedicatedWorkerThread::create(scriptURL, userAgent, sourceCode, *this, *this, startMode, 275 m_scriptExecutionContext->contentSecurityPolicy()-> policy(),275 m_scriptExecutionContext->contentSecurityPolicy()->header(), 276 276 m_scriptExecutionContext->contentSecurityPolicy()->headerType()); 277 277 workerThreadCreated(thread); -
trunk/Source/WebKit/chromium/ChangeLog
r116142 r116177 1 2012-05-04 Adam Barth <abarth@webkit.org> 2 3 Refactor CSP state to prepare for having both a ReportOnly and an Enforced policy 4 https://bugs.webkit.org/show_bug.cgi?id=85662 5 6 Reviewed by Eric Seidel. 7 8 Update callers to the new function name. 9 10 * src/SharedWorkerRepository.cpp: 11 (WebCore::SharedWorkerScriptLoader::notifyFinished): 12 * src/WebWorkerClientImpl.cpp: 13 (WebKit::WebWorkerClientImpl::startWorkerContext): 14 1 15 2012-05-04 Sami Kyostila <skyostil@chromium.org> 2 16 -
trunk/Source/WebKit/chromium/src/SharedWorkerRepository.cpp
r105380 r116177 172 172 // Pass the script off to the worker, then send a connect event. 173 173 m_webWorker->startWorkerContext(m_url, m_name, m_worker->scriptExecutionContext()->userAgent(m_url), m_scriptLoader->script(), 174 m_worker->scriptExecutionContext()->contentSecurityPolicy()-> policy(),174 m_worker->scriptExecutionContext()->contentSecurityPolicy()->header(), 175 175 static_cast<WebKit::WebContentSecurityPolicyType>(m_worker->scriptExecutionContext()->contentSecurityPolicy()->headerType()), 176 176 m_responseAppCacheID); -
trunk/Source/WebKit/chromium/src/WebWorkerClientImpl.cpp
r114215 r116177 88 88 { 89 89 RefPtr<DedicatedWorkerThread> thread = DedicatedWorkerThread::create(scriptURL, userAgent, sourceCode, *this, *this, startMode, 90 m_scriptExecutionContext->contentSecurityPolicy()-> policy(),90 m_scriptExecutionContext->contentSecurityPolicy()->header(), 91 91 m_scriptExecutionContext->contentSecurityPolicy()->headerType()); 92 92 m_proxy->workerThreadCreated(thread);
Note: See TracChangeset
for help on using the changeset viewer.