<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[129525] trunk</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/129525">129525</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2012-09-25 10:24:18 -0700 (Tue, 25 Sep 2012)</dd>
</dl>

<h3>Log Message</h3>
<pre>CSP paths: Ignore invalid path components, rather than dropping the source completely.
https://bugs.webkit.org/show_bug.cgi?id=97538

Patch by Mike West &lt;mkwst@google.com&gt; on 2012-09-25
Reviewed by Adam Barth.

Source/WebCore:

Content Security Policy directives that accept source lists currently
handle source URI paths containing '?' or '#' in a draconian fashion by
dropping the entire source expression. We should be slightly friendlier,
and ignore simply the portion of the source expression that we know to
be invalid, just as we previously ignored everything after and including
a '/' in source expressions before we supported paths.

The new behavior is covered by existing tests, and two test-cases added
to http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html.

* page/ContentSecurityPolicy.cpp:
(WebCore::CSPSourceList::parsePath):
    Report an error to the console, rather than ignoring a path that
    contains an invalid fragment or query.
(WebCore::ContentSecurityPolicy::reportInvalidPathCharacter):
(WebCore):
* page/ContentSecurityPolicy.h:
    Add a new warning type to cover this case.

LayoutTests:

* http/tests/security/contentSecurityPolicy/source-list-parsing-05-expected.txt:
* http/tests/security/contentSecurityPolicy/source-list-parsing-06-expected.txt:
    Updating to the new error message.
* http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02-expected.txt:
* http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html:
    Adding new tests to check that valid paths followed by '?' or '#'
    drop the invalid component, but remain valid sources.</pre>
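The path handling the log message describes, as an added example that is not WebCore's code: a stand-alone C++ model that parses a CSP source-expression path both the old way (reject the source on '?' or '#') and the new way (cut at the delimiter, keep the prefix, warn), then prefix-matches it against the resource path used in the page's tests. PathParse, parsePath, decodeEscapes and pathAllows are this example's own names, and the strict-mode warning text is an approximation of the old message.

```cpp
// Added example, not WebCore's code: a stand-alone model of the source-path
// handling this changeset describes. The names (PathParse, parsePath,
// decodeEscapes, pathAllows) are this example's own. As in WebCore at this
// revision, a parsed path always gets a trailing '/' and is prefix-matched.
#include <cctype>
#include <cstdlib>
#include <iostream>
#include <string>

struct PathParse {
    bool accepted;       // false: the whole source expression is dropped
    std::string path;    // normalised path, always ends in '/'
    std::string warning; // console message, empty when nothing was dropped
};

// Minimal %XX decoding, standing in for WebCore's decodeURLEscapeSequences.
static std::string decodeEscapes(const std::string& in)
{
    std::string out;
    for (size_t i = 0; i < in.size(); ++i) {
        if (in[i] == '%' && i + 2 < in.size()
            && std::isxdigit(static_cast<unsigned char>(in[i + 1]))
            && std::isxdigit(static_cast<unsigned char>(in[i + 2]))) {
            out += static_cast<char>(std::strtol(in.substr(i + 1, 2).c_str(), nullptr, 16));
            i += 2;
        } else
            out += in[i];
    }
    return out;
}

// Parse the path part of a source expression (from its first '/' onwards).
// lenient == false: pre-r129525 behaviour, a '?' or '#' rejects the whole
// source. lenient == true: new behaviour, cut at the first '?' or '#' and warn.
static PathParse parsePath(const std::string& directiveName, const std::string& raw, bool lenient)
{
    PathParse r{ true, "", "" };
    // path/to/file.js?query=string || path/to/file.js#anchor
    //                ^                               ^
    size_t cut = raw.find_first_of("?#");
    if (cut != std::string::npos) {
        if (!lenient) { // old: drop the source (the real message quoted the whole expression)
            r.accepted = false;
            r.warning = "The source list for Content Security Policy directive '" + directiveName
                + "' contains an invalid source: '" + raw + "'. It will be ignored.";
            return r;
        }
        std::string ignoring = raw[cut] == '?'
            ? "The query component, including the '?', will be ignored."
            : "The fragment identifier, including the '#', will be ignored.";
        r.warning = "The source list for Content Security Policy directive '" + directiveName
            + "' contains a source with an invalid path: '" + raw + "'. " + ignoring;
    }
    r.path = decodeEscapes(raw.substr(0, cut)); // substr(0, npos) is the whole string
    if (r.path.empty() || r.path.back() != '/')
        r.path += '/';
    return r;
}

// Prefix match of the normalised source path against the resource's path.
static bool pathAllows(const PathParse& source, const std::string& resourcePath)
{
    return source.accepted && resourcePath.compare(0, source.path.size(), source.path) == 0;
}

int main()
{
    // Constructed inputs, taken from the page's test cases.
    const std::string script = "/security/contentSecurityPolicy/resources/script.js";
    const char* sources[] = { "/security#query=string", "/not-security?query=string", "/security" };
    for (const char* s : sources)
        for (int mode = 0; mode < 2; ++mode) {
            PathParse p = parsePath("script-src", s, mode == 1);
            std::cout << (mode ? "new  " : "old  ") << s << " -> "
                      << (pathAllows(p, script) ? "allowed" : "blocked") << '\n';
            if (!p.warning.empty())
                std::cout << "      " << p.warning << '\n';
        }
}
```

Running it shows the fail-open side of the change: '/security#query=string' is blocked by the old behaviour and allowed by the new one, with the console message as the only signal.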

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicysourcelistparsing05expectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-05-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicysourcelistparsing06expectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-06-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicysourcelistparsingpaths02expectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicysourcelistparsingpaths02html">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCorepageContentSecurityPolicycpp">trunk/Source/WebCore/page/ContentSecurityPolicy.cpp</a></li>
<li><a href="#trunkSourceWebCorepageContentSecurityPolicyh">trunk/Source/WebCore/page/ContentSecurityPolicy.h</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (129524 => 129525)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog        2012-09-25 17:22:28 UTC (rev 129524)
+++ trunk/LayoutTests/ChangeLog        2012-09-25 17:24:18 UTC (rev 129525)
</span><span class="lines">@@ -1,3 +1,18 @@
</span><ins>+2012-09-25  Mike West  &lt;mkwst@google.com&gt;
+
+        CSP paths: Ignore invalid path components, rather than dropping the source completely.
+        https://bugs.webkit.org/show_bug.cgi?id=97538
+
+        Reviewed by Adam Barth.
+
+        * http/tests/security/contentSecurityPolicy/source-list-parsing-05-expected.txt:
+        * http/tests/security/contentSecurityPolicy/source-list-parsing-06-expected.txt:
+            Updating to the new error message.
+        * http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02-expected.txt:
+        * http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html:
+            Adding new tests to check that valid paths followed by '?' or '#'
+            drop the invalid component, but remain valid sources.
+
</ins><span class="cx"> 2012-09-25  Zan Dobersek  &lt;zandobersek@gmail.com&gt;
</span><span class="cx"> 
</span><span class="cx">         Unreviewed GTK gardening.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicysourcelistparsing05expectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-05-expected.txt (129524 => 129525)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-05-expected.txt        2012-09-25 17:22:28 UTC (rev 129524)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-05-expected.txt        2012-09-25 17:24:18 UTC (rev 129525)
</span><span class="lines">@@ -1,17 +1,17 @@
</span><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src 127.0.0.1:*/path&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:*/path?query=string'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/path?query=string'. The query component, including the '?', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src 127.0.0.1:*/path?query=string&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:*/path#anchor'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/path#anchor'. The fragment identifier, including the '#', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src 127.0.0.1:*/path#anchor&quot;.
</span><span class="cx"> 
</span><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src 127.0.0.1:8000/path&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:8000/path?query=string'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/path?query=string'. The query component, including the '?', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src 127.0.0.1:8000/path?query=string&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:8000/path#anchor'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/path#anchor'. The fragment identifier, including the '#', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src 127.0.0.1:8000/path#anchor&quot;.
</span><span class="cx"> 
</span><span class="cx"> CONSOLE MESSAGE: Unrecognized Content-Security-Policy directive 'pathwithasemicolon'.
</span></span></pre></div>
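Review bot: the replacement messages quote only the path ('/path?query=string') where the old ones quoted the whole source ('127.0.0.1:*/path?query=string'), so in this file the warning for the '127.0.0.1:*' source and the one for the '127.0.0.1:8000' source are now character-for-character identical and a policy author cannot tell which source each refers to. Consider passing the full source expression to reportInvalidPathCharacter, as the old message did, and keeping the path-specific sentence about what is dropped.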
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicysourcelistparsing06expectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-06-expected.txt (129524 => 129525)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-06-expected.txt        2012-09-25 17:22:28 UTC (rev 129524)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-06-expected.txt        2012-09-25 17:24:18 UTC (rev 129525)
</span><span class="lines">@@ -1,17 +1,17 @@
</span><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src http://127.0.0.1:*/path&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: 'http://127.0.0.1:*/path?query=string'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/path?query=string'. The query component, including the '?', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src http://127.0.0.1:*/path?query=string&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: 'http://127.0.0.1:*/path#anchor'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/path#anchor'. The fragment identifier, including the '#', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src http://127.0.0.1:*/path#anchor&quot;.
</span><span class="cx"> 
</span><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src http://127.0.0.1:8000/path&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: 'http://127.0.0.1:8000/path?query=string'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/path?query=string'. The query component, including the '?', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src http://127.0.0.1:8000/path?query=string&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: 'http://127.0.0.1:8000/path#anchor'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/path#anchor'. The fragment identifier, including the '#', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src http://127.0.0.1:8000/path#anchor&quot;.
</span><span class="cx"> 
</span><span class="cx"> CONSOLE MESSAGE: Unrecognized Content-Security-Policy directive 'pathwithasemicolon'.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicysourcelistparsingpaths02expectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02-expected.txt (129524 => 129525)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02-expected.txt        2012-09-25 17:22:28 UTC (rev 129524)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02-expected.txt        2012-09-25 17:24:18 UTC (rev 129525)
</span><span class="lines">@@ -1,7 +1,9 @@
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:*/not-security#query=string'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/security#query=string'. The fragment identifier, including the '#', will be ignored.
+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/security?query=string'. The query component, including the '?', will be ignored.
+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/not-security#query=string'. The fragment identifier, including the '#', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src 127.0.0.1:*/not-security#query=string&quot;.
</span><span class="cx"> 
</span><del>-CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:*/not-security?query=string'. It will be ignored.
</del><ins>+CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains a source with an invalid path: '/not-security?query=string'. The query component, including the '?', will be ignored.
</ins><span class="cx"> CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: &quot;script-src 127.0.0.1:*/not-security?query=string&quot;.
</span><span class="cx"> 
</span><span class="cx"> CONSOLE MESSAGE: Unrecognized Content-Security-Policy directive 'not-contentSecurityPolicy'.
</span><span class="lines">@@ -39,3 +41,13 @@
</span><span class="cx"> Frame: '&lt;!--framePath //&lt;!--frame5--&gt;--&gt;'
</span><span class="cx"> --------
</span><span class="cx"> PASS
</span><ins>+
+--------
+Frame: '&lt;!--framePath //&lt;!--frame6--&gt;--&gt;'
+--------
+PASS
+
+--------
+Frame: '&lt;!--framePath //&lt;!--frame7--&gt;--&gt;'
+--------
+PASS
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicysourcelistparsingpaths02html"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html (129524 => 129525)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html        2012-09-25 17:22:28 UTC (rev 129524)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html        2012-09-25 17:24:18 UTC (rev 129525)
</span><span class="lines">@@ -4,6 +4,8 @@
</span><span class="cx"> &lt;script src='resources/multiple-iframe-test.js'&gt;&lt;/script&gt;
</span><span class="cx"> &lt;script&gt;
</span><span class="cx"> var tests = [
</span><ins>+    ['yes', 'script-src 127.0.0.1:*/security#query=string', 'resources/script.js'],
+    ['yes', 'script-src 127.0.0.1:*/security?query=string', 'resources/script.js'],
</ins><span class="cx">     ['no', 'script-src 127.0.0.1:*/not-security#query=string', 'resources/script.js'],
</span><span class="cx">     ['no', 'script-src 127.0.0.1:*/not-security?query=string', 'resources/script.js'],
</span><span class="cx">     ['yes', 'script-src 127.0.0.1:*/security', 'resources/script.js'],
</span></span></pre></div>
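Review bot: the two new cases exercise '#' and '?' separately, but no case contains both delimiters (e.g. 'script-src 127.0.0.1:*/security?query=string#anchor'), so the expectation that the path is cut at whichever comes first and that exactly one warning is logged for it is not pinned down by a test; adding one such case next to these two would lock that in.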
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (129524 => 129525)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog        2012-09-25 17:22:28 UTC (rev 129524)
+++ trunk/Source/WebCore/ChangeLog        2012-09-25 17:24:18 UTC (rev 129525)
</span><span class="lines">@@ -1,3 +1,29 @@
</span><ins>+2012-09-25  Mike West  &lt;mkwst@google.com&gt;
+
+        CSP paths: Ignore invalid path components, rather than dropping the source completely.
+        https://bugs.webkit.org/show_bug.cgi?id=97538
+
+        Reviewed by Adam Barth.
+
+        Content Security Policy directives that accept source lists currently
+        handle soure URI paths containing '?' or '#' in a draconian fashion by
+        dropping the entire source expression. We should be slightly friendlier,
+        and ignore simply the portion of the source expression that we know to
+        be invalid, just as we previously ignored everything after and including
+        a '/' in source expressions before we supported paths.
+
+        The new behavior is covered by existing tests, and two test-cases added
+        to http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html.
+
+        * page/ContentSecurityPolicy.cpp:
+        (WebCore::CSPSourceList::parsePath):
+            Report an error to the console, rather than ignoring a path that
+            contains an invalid fragment or query.
+        (WebCore::ContentSecurityPolicy::reportInvalidPathCharacter):
+        (WebCore):
+        * page/ContentSecurityPolicy.h:
+            Add a new warning type to cover this case.
+
</ins><span class="cx"> 2012-09-25  commit-queue@webkit.org  &lt;commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc&gt;
</span><span class="cx"> 
</span><span class="cx">         [BlackBerry] Reverting implementation for 407 error pages
</span></span></pre></div>
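Review bot: typo in the description paragraph, 'soure URI paths' should read 'source URI paths'.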
<a id="trunkSourceWebCorepageContentSecurityPolicycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/ContentSecurityPolicy.cpp (129524 => 129525)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/ContentSecurityPolicy.cpp        2012-09-25 17:22:28 UTC (rev 129524)
+++ trunk/Source/WebCore/page/ContentSecurityPolicy.cpp        2012-09-25 17:24:18 UTC (rev 129525)
</span><span class="lines">@@ -500,13 +500,15 @@
</span><span class="cx">     // path/to/file.js?query=string || path/to/file.js#anchor
</span><span class="cx">     //                ^                               ^
</span><span class="cx">     if (position &lt; end)
</span><del>-        return false;
</del><ins>+        m_policy-&gt;reportInvalidPathCharacter(m_directiveName, String(begin, end - begin), *position);
</ins><span class="cx"> 
</span><del>-    path = decodeURLEscapeSequences(String(begin, end - begin));
</del><ins>+    path = decodeURLEscapeSequences(String(begin, position - begin));
</ins><span class="cx">     if (!path.endsWith('/'))
</span><span class="cx">         path = path + '/';
</span><span class="cx"> 
</span><del>-    ASSERT(position == end &amp;&amp; path.endsWith('/'));
</del><ins>+    ASSERT(position &lt;= end);
+    ASSERT(position == end || (*position == '#' || *position == '?'));
+    ASSERT(path.endsWith('/'));
</ins><span class="cx">     return true;
</span><span class="cx"> }
</span><span class="cx"> 
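Review bot: the three new ASSERTs at the end of the block state invariants (position &lt;= end, *position being '#' or '?') that the code above them has already relied on when it passed *position to reportInvalidPathCharacter; moving them ahead of "if (position &lt; end)" lets a debug build fail before the dereference, and the inner parentheses in "(*position == '#' || *position == '?')" are redundant. Worth a sentence in the ChangeLog as well: a source that used to be rejected is now kept as the prefix path ('/path?query=string' becomes '/path/'), so on malformed input the policy is more permissive than before and the console message is the only signal the policy author gets.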
</span><span class="lines">@@ -1573,6 +1575,17 @@
</span><span class="cx">     logToConsole(message);
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+void ContentSecurityPolicy::reportInvalidPathCharacter(const String&amp; directiveName, const String&amp; value, const char invalidChar) const
+{
+    ASSERT(invalidChar == '#' || invalidChar == '?');
+
+    String ignoring = &quot;The fragment identifier, including the '#', will be ignored.&quot;;
+    if (invalidChar == '?')
+        ignoring = &quot;The query component, including the '?', will be ignored.&quot;;
+    String message = makeString(&quot;The source list for Content Security Policy directive '&quot;, directiveName, &quot;' contains a source with an invalid path: '&quot;, value, &quot;'. &quot;, ignoring);
+    logToConsole(message);
+}
+
</ins><span class="cx"> void ContentSecurityPolicy::reportInvalidNonce(const String&amp; nonce) const
</span><span class="cx"> {
</span><span class="cx">     String message = makeString(&quot;Ignoring invalid Content Security Policy script nonce: '&quot;, nonce, &quot;'.\n&quot;);
</span></span></pre></div>
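Review bot: "ignoring" defaults to the fragment wording and is only switched for '?', so in a release build, where the ASSERT compiles out, any other character silently produces the '#' message; an explicit "else if (invalidChar == '#')" with a neutral fallback wording, or a switch, would keep the text honest. The two String assignments can also collapse into a single const char* ternary.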
<a id="trunkSourceWebCorepageContentSecurityPolicyh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/ContentSecurityPolicy.h (129524 => 129525)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/ContentSecurityPolicy.h        2012-09-25 17:22:28 UTC (rev 129524)
+++ trunk/Source/WebCore/page/ContentSecurityPolicy.h        2012-09-25 17:24:18 UTC (rev 129525)
</span><span class="lines">@@ -101,6 +101,7 @@
</span><span class="cx"> 
</span><span class="cx">     void reportDuplicateDirective(const String&amp;) const;
</span><span class="cx">     void reportInvalidDirectiveValueCharacter(const String&amp; directiveName, const String&amp; value) const;
</span><ins>+    void reportInvalidPathCharacter(const String&amp; directiveName, const String&amp; value, const char) const;
</ins><span class="cx">     void reportInvalidNonce(const String&amp;) const;
</span><span class="cx">     void reportInvalidPluginTypes(const String&amp;) const;
</span><span class="cx">     void reportInvalidSourceExpression(const String&amp; directiveName, const String&amp; source) const;
</span></span></pre>
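Review bot: the new declaration leaves the third parameter unnamed while its neighbours name theirs (directiveName, value); name it invalidChar to match the definition in ContentSecurityPolicy.cpp. "const" on a by-value char parameter has no effect in a declaration and can be dropped here and in the definition.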
</div>
</div>

</body>
</html>