<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[206254] trunk/Source/WebCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/206254">206254</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2016-09-22 01:28:37 -0700 (Thu, 22 Sep 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Refactor ContentSecurityPolicy::allow* methods
https://bugs.webkit.org/show_bug.cgi?id=162335
Patch by Youenn Fablet <youenn@apple.com> on 2016-09-22
Reviewed by Darin Adler.
No change of behavior.
Removing the second parameter of ContentSecurityPolicy::allow* methods.
When true, this parameter makes the methods return true.
This patch updates the callers of allow* methods to check for the parameter before making the call.
Made some refactoring to share more code between the various allow* methods.
* Modules/fetch/FetchLoader.cpp:
(WebCore::FetchLoader::start):
* Modules/websockets/WebSocket.cpp:
(WebCore::WebSocket::connect):
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::isSafeToLoadURL):
(WebCore::HTMLMediaElement::outOfBandTrackSources):
* html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent):
* html/HTMLTrackElement.cpp:
(WebCore::HTMLTrackElement::canLoadURL):
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
(WebCore::DocumentThreadableLoader::redirectReceived):
(WebCore::DocumentThreadableLoader::loadRequest):
(WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy):
* loader/DocumentThreadableLoader.h:
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::checkIfFormActionAllowedByCSP):
* loader/PolicyChecker.cpp:
(WebCore::isAllowedByContentSecurityPolicy):
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::createJavaAppletWidget):
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::allowedByContentSecurityPolicy):
* page/EventSource.cpp:
(WebCore::EventSource::create):
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::allowObjectFromSource):
(WebCore::ContentSecurityPolicy::allowChildFrameFromSource):
(WebCore::ContentSecurityPolicy::allowResourceFromSource):
(WebCore::ContentSecurityPolicy::allowChildContextFromSource):
(WebCore::ContentSecurityPolicy::allowScriptFromSource):
(WebCore::ContentSecurityPolicy::allowImageFromSource):
(WebCore::ContentSecurityPolicy::allowStyleFromSource):
(WebCore::ContentSecurityPolicy::allowFontFromSource):
(WebCore::ContentSecurityPolicy::allowMediaFromSource):
(WebCore::ContentSecurityPolicy::allowConnectToSource):
(WebCore::ContentSecurityPolicy::allowFormAction):
* page/csp/ContentSecurityPolicy.h:
* workers/AbstractWorker.cpp:
(WebCore::AbstractWorker::resolveURL):
* workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::importScripts):
* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::initSend):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreModulesfetchFetchLoadercpp">trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreModuleswebsocketsWebSocketcpp">trunk/Source/WebCore/Modules/websockets/WebSocket.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLMediaElementcpp">trunk/Source/WebCore/html/HTMLMediaElement.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLPlugInImageElementcpp">trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLTrackElementcpp">trunk/Source/WebCore/html/HTMLTrackElement.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentThreadableLoadercpp">trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentThreadableLoaderh">trunk/Source/WebCore/loader/DocumentThreadableLoader.h</a></li>
<li><a href="#trunkSourceWebCoreloaderFrameLoadercpp">trunk/Source/WebCore/loader/FrameLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderPolicyCheckercpp">trunk/Source/WebCore/loader/PolicyChecker.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderSubframeLoadercpp">trunk/Source/WebCore/loader/SubframeLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadercacheCachedResourceLoadercpp">trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCorepageEventSourcecpp">trunk/Source/WebCore/page/EventSource.cpp</a></li>
<li><a href="#trunkSourceWebCorepagecspContentSecurityPolicycpp">trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp</a></li>
<li><a href="#trunkSourceWebCorepagecspContentSecurityPolicyh">trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h</a></li>
<li><a href="#trunkSourceWebCoreworkersAbstractWorkercpp">trunk/Source/WebCore/workers/AbstractWorker.cpp</a></li>
<li><a href="#trunkSourceWebCoreworkersWorkerGlobalScopecpp">trunk/Source/WebCore/workers/WorkerGlobalScope.cpp</a></li>
<li><a href="#trunkSourceWebCorexmlXMLHttpRequestcpp">trunk/Source/WebCore/xml/XMLHttpRequest.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/ChangeLog        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -1,3 +1,65 @@
</span><ins>+2016-09-22 Youenn Fablet <youenn@apple.com>
+
+ Refactor ContentSecurityPolicy::allow* methods
+ https://bugs.webkit.org/show_bug.cgi?id=162335
+
+ Reviewed by Darin Adler.
+
+ No change of behavior.
+
+ Removing the second parameter of ContentSecurityPolicy::allow* methods.
+ When true, this parameter makes the methods return true.
+ This patch updates the callers of allow* methods to check for the parameter before making the call.
+
+ Made some refactoring to share more code between the various allow* methods.
+
+ * Modules/fetch/FetchLoader.cpp:
+ (WebCore::FetchLoader::start):
+ * Modules/websockets/WebSocket.cpp:
+ (WebCore::WebSocket::connect):
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL):
+ (WebCore::HTMLMediaElement::outOfBandTrackSources):
+ * html/HTMLPlugInImageElement.cpp:
+ (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent):
+ * html/HTMLTrackElement.cpp:
+ (WebCore::HTMLTrackElement::canLoadURL):
+ * loader/DocumentThreadableLoader.cpp:
+ (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
+ (WebCore::DocumentThreadableLoader::redirectReceived):
+ (WebCore::DocumentThreadableLoader::loadRequest):
+ (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy):
+ * loader/DocumentThreadableLoader.h:
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::checkIfFormActionAllowedByCSP):
+ * loader/PolicyChecker.cpp:
+ (WebCore::isAllowedByContentSecurityPolicy):
+ * loader/SubframeLoader.cpp:
+ (WebCore::SubframeLoader::createJavaAppletWidget):
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::allowedByContentSecurityPolicy):
+ * page/EventSource.cpp:
+ (WebCore::EventSource::create):
+ * page/csp/ContentSecurityPolicy.cpp:
+ (WebCore::ContentSecurityPolicy::allowObjectFromSource):
+ (WebCore::ContentSecurityPolicy::allowChildFrameFromSource):
+ (WebCore::ContentSecurityPolicy::allowResourceFromSource):
+ (WebCore::ContentSecurityPolicy::allowChildContextFromSource):
+ (WebCore::ContentSecurityPolicy::allowScriptFromSource):
+ (WebCore::ContentSecurityPolicy::allowImageFromSource):
+ (WebCore::ContentSecurityPolicy::allowStyleFromSource):
+ (WebCore::ContentSecurityPolicy::allowFontFromSource):
+ (WebCore::ContentSecurityPolicy::allowMediaFromSource):
+ (WebCore::ContentSecurityPolicy::allowConnectToSource):
+ (WebCore::ContentSecurityPolicy::allowFormAction):
+ * page/csp/ContentSecurityPolicy.h:
+ * workers/AbstractWorker.cpp:
+ (WebCore::AbstractWorker::resolveURL):
+ * workers/WorkerGlobalScope.cpp:
+ (WebCore::WorkerGlobalScope::importScripts):
+ * xml/XMLHttpRequest.cpp:
+ (WebCore::XMLHttpRequest::initSend):
+
</ins><span class="cx"> 2016-09-19 Sergio Villar Senin <svillar@igalia.com>
</span><span class="cx">
</span><span class="cx"> [css-grid] Remove the x2 computation of row sizes with indefinite heights
</span></span></pre></div>
<a id="trunkSourceWebCoreModulesfetchFetchLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -85,9 +85,11 @@
</span><span class="cx"> ResourceRequest fetchRequest = request.internalRequest();
</span><span class="cx">
</span><span class="cx"> ASSERT(context.contentSecurityPolicy());
</span><del>- context.contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(fetchRequest, ContentSecurityPolicy::InsecureRequestType::Load);
</del><ins>+ auto& contentSecurityPolicy = *context.contentSecurityPolicy();
</ins><span class="cx">
</span><del>- if (!context.contentSecurityPolicy()->allowConnectToSource(fetchRequest.url(), context.shouldBypassMainWorldContentSecurityPolicy())) {
</del><ins>+ contentSecurityPolicy.upgradeInsecureRequestIfNeeded(fetchRequest, ContentSecurityPolicy::InsecureRequestType::Load);
+
+ if (!context.shouldBypassMainWorldContentSecurityPolicy() && !contentSecurityPolicy.allowConnectToSource(fetchRequest.url())) {
</ins><span class="cx"> m_client.didFail();
</span><span class="cx"> return;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreModuleswebsocketsWebSocketcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/websockets/WebSocket.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/websockets/WebSocket.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/Modules/websockets/WebSocket.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -217,8 +217,11 @@
</span><span class="cx"> LOG(Network, "WebSocket %p connect() url='%s'", this, url.utf8().data());
</span><span class="cx"> m_url = URL(URL(), url);
</span><span class="cx">
</span><ins>+ ASSERT(scriptExecutionContext());
+ auto& context = *scriptExecutionContext();
+
</ins><span class="cx"> if (!m_url.isValid()) {
</span><del>- scriptExecutionContext()->addConsoleMessage(MessageSource::JS, MessageLevel::Error, "Invalid url for WebSocket " + m_url.stringCenterEllipsizedToLength());
</del><ins>+ context.addConsoleMessage(MessageSource::JS, MessageLevel::Error, "Invalid url for WebSocket " + m_url.stringCenterEllipsizedToLength());
</ins><span class="cx"> m_state = CLOSED;
</span><span class="cx"> ec = SYNTAX_ERR;
</span><span class="cx"> return;
</span><span class="lines">@@ -225,22 +228,25 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (!m_url.protocolIs("ws") && !m_url.protocolIs("wss")) {
</span><del>- scriptExecutionContext()->addConsoleMessage(MessageSource::JS, MessageLevel::Error, "Wrong url scheme for WebSocket " + m_url.stringCenterEllipsizedToLength());
</del><ins>+ context.addConsoleMessage(MessageSource::JS, MessageLevel::Error, "Wrong url scheme for WebSocket " + m_url.stringCenterEllipsizedToLength());
</ins><span class="cx"> m_state = CLOSED;
</span><span class="cx"> ec = SYNTAX_ERR;
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx"> if (m_url.hasFragmentIdentifier()) {
</span><del>- scriptExecutionContext()->addConsoleMessage(MessageSource::JS, MessageLevel::Error, "URL has fragment component " + m_url.stringCenterEllipsizedToLength());
</del><ins>+ context.addConsoleMessage(MessageSource::JS, MessageLevel::Error, "URL has fragment component " + m_url.stringCenterEllipsizedToLength());
</ins><span class="cx"> m_state = CLOSED;
</span><span class="cx"> ec = SYNTAX_ERR;
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- scriptExecutionContext()->contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(m_url, ContentSecurityPolicy::InsecureRequestType::Load);
-
</del><ins>+ ASSERT(context.contentSecurityPolicy());
+ auto& contentSecurityPolicy = *context.contentSecurityPolicy();
+
+ contentSecurityPolicy.upgradeInsecureRequestIfNeeded(m_url, ContentSecurityPolicy::InsecureRequestType::Load);
+
</ins><span class="cx"> if (!portAllowed(m_url)) {
</span><del>- scriptExecutionContext()->addConsoleMessage(MessageSource::JS, MessageLevel::Error, "WebSocket port " + String::number(m_url.port()) + " blocked");
</del><ins>+ context.addConsoleMessage(MessageSource::JS, MessageLevel::Error, "WebSocket port " + String::number(m_url.port()) + " blocked");
</ins><span class="cx"> m_state = CLOSED;
</span><span class="cx"> ec = SECURITY_ERR;
</span><span class="cx"> return;
</span><span class="lines">@@ -247,7 +253,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved.
</span><del>- if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnectToSource(m_url, scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy())) {
</del><ins>+ if (!context.shouldBypassMainWorldContentSecurityPolicy() && !contentSecurityPolicy.allowConnectToSource(m_url)) {
</ins><span class="cx"> m_state = CLOSED;
</span><span class="cx">
</span><span class="cx"> // FIXME: Should this be throwing an exception?
</span><span class="lines">@@ -255,7 +261,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (auto* provider = scriptExecutionContext()->socketProvider())
</del><ins>+ if (auto* provider = context.socketProvider())
</ins><span class="cx"> m_channel = ThreadableWebSocketChannel::create(*scriptExecutionContext(), *this, *provider);
</span><span class="cx">
</span><span class="cx"> // Every ScriptExecutionContext should have a SocketProvider.
</span><span class="lines">@@ -270,7 +276,7 @@
</span><span class="cx"> // comply with WebSocket API specification, but it seems to be the only reasonable way to handle this conflict.
</span><span class="cx"> for (auto& protocol : protocols) {
</span><span class="cx"> if (!isValidProtocolString(protocol)) {
</span><del>- scriptExecutionContext()->addConsoleMessage(MessageSource::JS, MessageLevel::Error, "Wrong protocol for WebSocket '" + encodeProtocolString(protocol) + "'");
</del><ins>+ context.addConsoleMessage(MessageSource::JS, MessageLevel::Error, "Wrong protocol for WebSocket '" + encodeProtocolString(protocol) + "'");
</ins><span class="cx"> m_state = CLOSED;
</span><span class="cx"> ec = SYNTAX_ERR;
</span><span class="cx"> return;
</span><span class="lines">@@ -279,7 +285,7 @@
</span><span class="cx"> HashSet<String> visited;
</span><span class="cx"> for (auto& protocol : protocols) {
</span><span class="cx"> if (!visited.add(protocol).isNewEntry) {
</span><del>- scriptExecutionContext()->addConsoleMessage(MessageSource::JS, MessageLevel::Error, "WebSocket protocols contain duplicates: '" + encodeProtocolString(protocol) + "'");
</del><ins>+ context.addConsoleMessage(MessageSource::JS, MessageLevel::Error, "WebSocket protocols contain duplicates: '" + encodeProtocolString(protocol) + "'");
</ins><span class="cx"> m_state = CLOSED;
</span><span class="cx"> ec = SYNTAX_ERR;
</span><span class="cx"> return;
</span><span class="lines">@@ -286,8 +292,8 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (is<Document>(*scriptExecutionContext())) {
- Document& document = downcast<Document>(*scriptExecutionContext());
</del><ins>+ if (is<Document>(context)) {
+ Document& document = downcast<Document>(context);
</ins><span class="cx"> if (!document.frame()->loader().mixedContentChecker().canRunInsecureContent(document.securityOrigin(), m_url)) {
</span><span class="cx"> // Balanced by the call to ActiveDOMObject::unsetPendingActivity() in WebSocket::stop().
</span><span class="cx"> ActiveDOMObject::setPendingActivity(this);
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLMediaElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLMediaElement.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLMediaElement.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/html/HTMLMediaElement.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -1989,6 +1989,16 @@
</span><span class="cx">
</span><span class="cx"> #endif
</span><span class="cx">
</span><ins>+static inline bool isAllowedToLoadMediaURL(HTMLMediaElement& element, const URL& url, bool isInUserAgentShadowTree)
+{
+ // Elements in user agent show tree should load whatever the embedding document policy is.
+ if (isInUserAgentShadowTree)
+ return true;
+
+ ASSERT(element.document().contentSecurityPolicy());
+ return element.document().contentSecurityPolicy()->allowMediaFromSource(url);
+}
+
</ins><span class="cx"> bool HTMLMediaElement::isSafeToLoadURL(const URL& url, InvalidURLAction actionIfInvalid)
</span><span class="cx"> {
</span><span class="cx"> if (!url.isValid()) {
</span><span class="lines">@@ -2004,7 +2014,7 @@
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (!document().contentSecurityPolicy()->allowMediaFromSource(url, isInUserAgentShadowTree())) {
</del><ins>+ if (!isAllowedToLoadMediaURL(*this, url, isInUserAgentShadowTree())) {
</ins><span class="cx"> LOG(Media, "HTMLMediaElement::isSafeToLoadURL(%p) - %s -> rejected by Content Security Policy", this, urlForLoggingMedia(url).utf8().data());
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="lines">@@ -6364,8 +6374,8 @@
</span><span class="cx"> URL url = trackElement.getNonEmptyURLAttribute(srcAttr);
</span><span class="cx"> if (url.isEmpty())
</span><span class="cx"> continue;
</span><del>-
- if (!document().contentSecurityPolicy()->allowMediaFromSource(url, trackElement.isInUserAgentShadowTree()))
</del><ins>+
+ if (!isAllowedToLoadMediaURL(*this, url, trackElement.isInUserAgentShadowTree()))
</ins><span class="cx"> continue;
</span><span class="cx">
</span><span class="cx"> auto& track = *trackElement.track();
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLPlugInImageElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -775,6 +775,10 @@
</span><span class="cx">
</span><span class="cx"> bool HTMLPlugInImageElement::allowedToLoadPluginContent(const String& url, const String& mimeType) const
</span><span class="cx"> {
</span><ins>+ // Elements in user agent show tree should load whatever the embedding document policy is.
+ if (isInUserAgentShadowTree())
+ return true;
+
</ins><span class="cx"> URL completedURL;
</span><span class="cx"> if (!url.isEmpty())
</span><span class="cx"> completedURL = document().completeURL(url);
</span><span class="lines">@@ -784,10 +788,12 @@
</span><span class="cx">
</span><span class="cx"> contentSecurityPolicy.upgradeInsecureRequestIfNeeded(completedURL, ContentSecurityPolicy::InsecureRequestType::Load);
</span><span class="cx">
</span><del>- String declaredMimeType = document().isPluginDocument() && document().ownerElement() ?
</del><ins>+ if (!contentSecurityPolicy.allowObjectFromSource(completedURL))
+ return false;
+
+ auto& declaredMimeType = document().isPluginDocument() && document().ownerElement() ?
</ins><span class="cx"> document().ownerElement()->attributeWithoutSynchronization(HTMLNames::typeAttr) : attributeWithoutSynchronization(HTMLNames::typeAttr);
</span><del>- bool isInUserAgentShadowTree = this->isInUserAgentShadowTree();
- return contentSecurityPolicy.allowObjectFromSource(completedURL, isInUserAgentShadowTree) && contentSecurityPolicy.allowPluginType(mimeType, declaredMimeType, completedURL, isInUserAgentShadowTree);
</del><ins>+ return contentSecurityPolicy.allowPluginType(mimeType, declaredMimeType, completedURL);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool HTMLPlugInImageElement::requestObject(const String& url, const String& mimeType, const Vector<String>& paramNames, const Vector<String>& paramValues)
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLTrackElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLTrackElement.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLTrackElement.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/html/HTMLTrackElement.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -216,11 +216,13 @@
</span><span class="cx"> if (url.isEmpty())
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- if (!document().contentSecurityPolicy()->allowMediaFromSource(url, isInUserAgentShadowTree())) {
</del><ins>+ ASSERT(document().contentSecurityPolicy());
+ // Elements in user agent show tree should load whatever the embedding document policy is.
+ if (!isInUserAgentShadowTree() && !document().contentSecurityPolicy()->allowMediaFromSource(url)) {
</ins><span class="cx"> LOG(Media, "HTMLTrackElement::canLoadURL(%s) -> rejected by Content Security Policy", urlForLoggingTrack(url).utf8().data());
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><del>-
</del><ins>+
</ins><span class="cx"> return dispatchBeforeLoadEvent(url.string());
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentThreadableLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -35,7 +35,6 @@
</span><span class="cx"> #include "CachedResourceLoader.h"
</span><span class="cx"> #include "CachedResourceRequest.h"
</span><span class="cx"> #include "CachedResourceRequestInitiators.h"
</span><del>-#include "ContentSecurityPolicy.h"
</del><span class="cx"> #include "CrossOriginAccessControl.h"
</span><span class="cx"> #include "CrossOriginPreflightChecker.h"
</span><span class="cx"> #include "CrossOriginPreflightResultCache.h"
</span><span class="lines">@@ -98,7 +97,7 @@
</span><span class="cx"> // Referrer and Origin headers should be set after the preflight if any.
</span><span class="cx"> ASSERT(!request.hasHTTPReferrer() && !request.hasHTTPOrigin());
</span><span class="cx">
</span><del>- ASSERT_WITH_SECURITY_IMPLICATION(isAllowedByContentSecurityPolicy(request.url()));
</del><ins>+ ASSERT_WITH_SECURITY_IMPLICATION(isAllowedByContentSecurityPolicy(request.url(), ContentSecurityPolicy::RedirectResponseReceived::No));
</ins><span class="cx">
</span><span class="cx"> m_options.allowCredentials = (m_options.credentials == FetchOptions::Credentials::Include || (m_options.credentials == FetchOptions::Credentials::SameOrigin && m_sameOriginRequest)) ? AllowStoredCredentials : DoNotAllowStoredCredentials;
</span><span class="cx">
</span><span class="lines">@@ -223,7 +222,7 @@
</span><span class="cx"> ASSERT_UNUSED(resource, resource == m_resource);
</span><span class="cx">
</span><span class="cx"> Ref<DocumentThreadableLoader> protectedThis(*this);
</span><del>- if (!isAllowedByContentSecurityPolicy(request.url(), !redirectResponse.isNull())) {
</del><ins>+ if (!isAllowedByContentSecurityPolicy(request.url(), redirectResponse.isNull() ? ContentSecurityPolicy::RedirectResponseReceived::No : ContentSecurityPolicy::RedirectResponseReceived::Yes)) {
</ins><span class="cx"> reportContentSecurityPolicyError(*m_client, redirectResponse.url());
</span><span class="cx"> clearResource();
</span><span class="cx"> return;
</span><span class="lines">@@ -417,7 +416,7 @@
</span><span class="cx"> // requested. Also comparing the request and response URLs as strings will fail if the requestURL still has its credentials.
</span><span class="cx"> bool didRedirect = requestURL != response.url();
</span><span class="cx"> if (didRedirect) {
</span><del>- if (!isAllowedByContentSecurityPolicy(response.url(), didRedirect)) {
</del><ins>+ if (!isAllowedByContentSecurityPolicy(response.url(), ContentSecurityPolicy::RedirectResponseReceived::Yes)) {
</ins><span class="cx"> reportContentSecurityPolicyError(*m_client, requestURL);
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="lines">@@ -448,20 +447,17 @@
</span><span class="cx"> didFinishLoading(identifier, 0.0);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool DocumentThreadableLoader::isAllowedByContentSecurityPolicy(const URL& url, bool didRedirect)
</del><ins>+bool DocumentThreadableLoader::isAllowedByContentSecurityPolicy(const URL& url, ContentSecurityPolicy::RedirectResponseReceived redirectResponseReceived)
</ins><span class="cx"> {
</span><del>- bool overrideContentSecurityPolicy = false;
- ContentSecurityPolicy::RedirectResponseReceived redirectResponseReceived = didRedirect ? ContentSecurityPolicy::RedirectResponseReceived::Yes : ContentSecurityPolicy::RedirectResponseReceived::No;
-
</del><span class="cx"> switch (m_options.contentSecurityPolicyEnforcement) {
</span><span class="cx"> case ContentSecurityPolicyEnforcement::DoNotEnforce:
</span><span class="cx"> return true;
</span><span class="cx"> case ContentSecurityPolicyEnforcement::EnforceChildSrcDirective:
</span><del>- return contentSecurityPolicy().allowChildContextFromSource(url, overrideContentSecurityPolicy, redirectResponseReceived);
</del><ins>+ return contentSecurityPolicy().allowChildContextFromSource(url, redirectResponseReceived);
</ins><span class="cx"> case ContentSecurityPolicyEnforcement::EnforceConnectSrcDirective:
</span><del>- return contentSecurityPolicy().allowConnectToSource(url, overrideContentSecurityPolicy, redirectResponseReceived);
</del><ins>+ return contentSecurityPolicy().allowConnectToSource(url, redirectResponseReceived);
</ins><span class="cx"> case ContentSecurityPolicyEnforcement::EnforceScriptSrcDirective:
</span><del>- return contentSecurityPolicy().allowScriptFromSource(url, overrideContentSecurityPolicy, redirectResponseReceived);
</del><ins>+ return contentSecurityPolicy().allowScriptFromSource(url, redirectResponseReceived);
</ins><span class="cx"> }
</span><span class="cx"> ASSERT_NOT_REACHED();
</span><span class="cx"> return false;
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentThreadableLoaderh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentThreadableLoader.h (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentThreadableLoader.h        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/loader/DocumentThreadableLoader.h        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -31,6 +31,7 @@
</span><span class="cx">
</span><span class="cx"> #pragma once
</span><span class="cx">
</span><ins>+#include "ContentSecurityPolicy.h"
</ins><span class="cx"> #include "CrossOriginPreflightChecker.h"
</span><span class="cx"> #include "ResourceResponse.h"
</span><span class="cx"> #include "SecurityOrigin.h"
</span><span class="lines">@@ -94,7 +95,7 @@
</span><span class="cx">
</span><span class="cx"> void loadRequest(ResourceRequest&&, SecurityCheckPolicy);
</span><span class="cx"> bool isAllowedRedirect(const URL&);
</span><del>- bool isAllowedByContentSecurityPolicy(const URL&, bool didRedirect = false);
</del><ins>+ bool isAllowedByContentSecurityPolicy(const URL&, ContentSecurityPolicy::RedirectResponseReceived);
</ins><span class="cx">
</span><span class="cx"> bool isXMLHttpRequest() const final;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderFrameLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/FrameLoader.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -942,7 +942,7 @@
</span><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> auto redirectResponseReceived = didReceiveRedirectResponse ? ContentSecurityPolicy::RedirectResponseReceived::Yes : ContentSecurityPolicy::RedirectResponseReceived::No;
</span><del>- return m_frame.document()->contentSecurityPolicy()->allowFormAction(url, false /* overrideContentSecurityPolicy */, redirectResponseReceived);
</del><ins>+ return m_frame.document()->contentSecurityPolicy()->allowFormAction(url, redirectResponseReceived);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Frame* FrameLoader::opener()
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderPolicyCheckercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/PolicyChecker.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/PolicyChecker.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/loader/PolicyChecker.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -55,10 +55,16 @@
</span><span class="cx"> {
</span><span class="cx"> if (!ownerElement)
</span><span class="cx"> return true;
</span><ins>+ // Elements in user agent show tree should load whatever the embedding document policy is.
+ if (ownerElement->isInUserAgentShadowTree())
+ return true;
+
</ins><span class="cx"> auto redirectResponseReceived = didReceiveRedirectResponse ? ContentSecurityPolicy::RedirectResponseReceived::Yes : ContentSecurityPolicy::RedirectResponseReceived::No;
</span><ins>+
+ ASSERT(ownerElement->document().contentSecurityPolicy());
</ins><span class="cx"> if (is<HTMLPlugInElement>(ownerElement))
</span><del>- return ownerElement->document().contentSecurityPolicy()->allowObjectFromSource(url, ownerElement->isInUserAgentShadowTree(), redirectResponseReceived);
- return ownerElement->document().contentSecurityPolicy()->allowChildFrameFromSource(url, ownerElement->isInUserAgentShadowTree(), redirectResponseReceived);
</del><ins>+ return ownerElement->document().contentSecurityPolicy()->allowObjectFromSource(url, redirectResponseReceived);
+ return ownerElement->document().contentSecurityPolicy()->allowChildFrameFromSource(url, redirectResponseReceived);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> PolicyChecker::PolicyChecker(Frame& frame)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderSubframeLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/SubframeLoader.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/SubframeLoader.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/loader/SubframeLoader.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -248,9 +248,11 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> const char javaAppletMimeType[] = "application/x-java-applet";
</span><del>- bool isInUserAgentShadowTree = element.isInUserAgentShadowTree();
- if (!element.document().contentSecurityPolicy()->allowObjectFromSource(codeBaseURL, isInUserAgentShadowTree)
- || !element.document().contentSecurityPolicy()->allowPluginType(javaAppletMimeType, javaAppletMimeType, codeBaseURL, isInUserAgentShadowTree))
</del><ins>+ ASSERT(element.document().contentSecurityPolicy());
+ auto& contentSecurityPolicy = *element.document().contentSecurityPolicy();
+ // Elements in user agent show tree should load whatever the embedding document policy is.
+ if (!element.isInUserAgentShadowTree()
+ && (!contentSecurityPolicy.allowObjectFromSource(codeBaseURL) || !contentSecurityPolicy.allowPluginType(javaAppletMimeType, javaAppletMimeType, codeBaseURL)))
</ins><span class="cx"> return nullptr;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloadercacheCachedResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -399,16 +399,16 @@
</span><span class="cx"> case CachedResource::XSLStyleSheet:
</span><span class="cx"> #endif
</span><span class="cx"> case CachedResource::Script:
</span><del>- if (!m_document->contentSecurityPolicy()->allowScriptFromSource(url, false, redirectResponseReceived))
</del><ins>+ if (!m_document->contentSecurityPolicy()->allowScriptFromSource(url, redirectResponseReceived))
</ins><span class="cx"> return false;
</span><span class="cx"> break;
</span><span class="cx"> case CachedResource::CSSStyleSheet:
</span><del>- if (!m_document->contentSecurityPolicy()->allowStyleFromSource(url, false, redirectResponseReceived))
</del><ins>+ if (!m_document->contentSecurityPolicy()->allowStyleFromSource(url, redirectResponseReceived))
</ins><span class="cx"> return false;
</span><span class="cx"> break;
</span><span class="cx"> case CachedResource::SVGDocumentResource:
</span><span class="cx"> case CachedResource::ImageResource:
</span><del>- if (!m_document->contentSecurityPolicy()->allowImageFromSource(url, false, redirectResponseReceived))
</del><ins>+ if (!m_document->contentSecurityPolicy()->allowImageFromSource(url, redirectResponseReceived))
</ins><span class="cx"> return false;
</span><span class="cx"> break;
</span><span class="cx"> #if ENABLE(SVG_FONTS)
</span><span class="lines">@@ -415,7 +415,7 @@
</span><span class="cx"> case CachedResource::SVGFontResource:
</span><span class="cx"> #endif
</span><span class="cx"> case CachedResource::FontResource:
</span><del>- if (!m_document->contentSecurityPolicy()->allowFontFromSource(url, false, redirectResponseReceived))
</del><ins>+ if (!m_document->contentSecurityPolicy()->allowFontFromSource(url, redirectResponseReceived))
</ins><span class="cx"> return false;
</span><span class="cx"> break;
</span><span class="cx"> case CachedResource::MediaResource:
</span><span class="lines">@@ -422,7 +422,7 @@
</span><span class="cx"> #if ENABLE(VIDEO_TRACK)
</span><span class="cx"> case CachedResource::TextTrackResource:
</span><span class="cx"> #endif
</span><del>- if (!m_document->contentSecurityPolicy()->allowMediaFromSource(url, false, redirectResponseReceived))
</del><ins>+ if (!m_document->contentSecurityPolicy()->allowMediaFromSource(url, redirectResponseReceived))
</ins><span class="cx"> return false;
</span><span class="cx"> break;
</span><span class="cx"> case CachedResource::RawResource:
</span></span></pre></div>
<a id="trunkSourceWebCorepageEventSourcecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/EventSource.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/EventSource.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/page/EventSource.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -72,7 +72,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved.
</span><del>- if (!context.contentSecurityPolicy()->allowConnectToSource(fullURL, context.shouldBypassMainWorldContentSecurityPolicy())) {
</del><ins>+ if (!context.shouldBypassMainWorldContentSecurityPolicy() && !context.contentSecurityPolicy()->allowConnectToSource(fullURL)) {
</ins><span class="cx"> // FIXME: Should this be throwing an exception?
</span><span class="cx"> ec = SECURITY_ERR;
</span><span class="cx"> return nullptr;
</span></span></pre></div>
<a id="trunkSourceWebCorepagecspContentSecurityPolicycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -451,27 +451,10 @@
</span><span class="cx"> return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForPluginType, type, typeAttribute);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowScriptFromSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowObjectFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
</del><span class="cx"> if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
</span><span class="cx"> return true;
</span><del>- String sourceURL;
- TextPosition sourcePosition(WTF::OrdinalNumber::beforeFirst(), WTF::OrdinalNumber());
- auto handleViolatedDirective = [&] (const ContentSecurityPolicyDirective& violatedDirective) {
- String consoleMessage = consoleMessageForViolation(ContentSecurityPolicyDirectiveNames::scriptSrc, violatedDirective, url, "Refused to load");
- reportViolation(ContentSecurityPolicyDirectiveNames::scriptSrc, violatedDirective, url, consoleMessage, sourceURL, sourcePosition);
- };
- return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForScript, url, redirectResponseReceived == RedirectResponseReceived::Yes);
-}
-
-bool ContentSecurityPolicy::allowObjectFromSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
-{
- if (overrideContentSecurityPolicy)
- return true;
- if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
- return true;
</del><span class="cx"> // As per section object-src of the Content Security Policy Level 3 spec., <http://w3c.github.io/webappsec-csp> (Editor's Draft, 29 February 2016),
</span><span class="cx"> // "If plugin content is loaded without an associated URL (perhaps an object element lacks a data attribute, but loads some default plugin based
</span><span class="cx"> // on the specified type), it MUST be blocked if object-src's value is 'none', but will otherwise be allowed".
</span><span class="lines">@@ -484,10 +467,8 @@
</span><span class="cx"> return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForObjectSource, url, redirectResponseReceived == RedirectResponseReceived::Yes, ContentSecurityPolicySourceListDirective::ShouldAllowEmptyURLIfSourceListIsNotNone::Yes);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowChildFrameFromSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowChildFrameFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
</del><span class="cx"> if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
</span><span class="cx"> return true;
</span><span class="cx"> String sourceURL;
</span><span class="lines">@@ -500,85 +481,51 @@
</span><span class="cx"> return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForFrame, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowChildContextFromSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowResourceFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived, const char* name, ResourcePredicate resourcePredicate) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
</del><span class="cx"> if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
</span><span class="cx"> return true;
</span><span class="cx"> String sourceURL;
</span><span class="cx"> TextPosition sourcePosition(WTF::OrdinalNumber::beforeFirst(), WTF::OrdinalNumber());
</span><span class="cx"> auto handleViolatedDirective = [&] (const ContentSecurityPolicyDirective& violatedDirective) {
</span><del>- String consoleMessage = consoleMessageForViolation(ContentSecurityPolicyDirectiveNames::childSrc, violatedDirective, url, "Refused to load");
- reportViolation(ContentSecurityPolicyDirectiveNames::childSrc, violatedDirective, url, consoleMessage, sourceURL, sourcePosition);
</del><ins>+ String consoleMessage = consoleMessageForViolation(name, violatedDirective, url, "Refused to load");
+ reportViolation(name, violatedDirective, url, consoleMessage, sourceURL, sourcePosition);
</ins><span class="cx"> };
</span><del>- return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForChildContext, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</del><ins>+ return allPoliciesAllow(WTFMove(handleViolatedDirective), resourcePredicate, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowImageFromSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowChildContextFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
- if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
- return true;
- String sourceURL;
- TextPosition sourcePosition(WTF::OrdinalNumber::beforeFirst(), WTF::OrdinalNumber());
- auto handleViolatedDirective = [&] (const ContentSecurityPolicyDirective& violatedDirective) {
- String consoleMessage = consoleMessageForViolation(ContentSecurityPolicyDirectiveNames::imgSrc, violatedDirective, url, "Refused to load");
- reportViolation(ContentSecurityPolicyDirectiveNames::imgSrc, violatedDirective, url, consoleMessage, sourceURL, sourcePosition);
- };
- return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForImage, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</del><ins>+ return allowResourceFromSource(url, redirectResponseReceived, ContentSecurityPolicyDirectiveNames::childSrc, &ContentSecurityPolicyDirectiveList::violatedDirectiveForChildContext);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowStyleFromSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowScriptFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
- if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
- return true;
- String sourceURL;
- TextPosition sourcePosition(WTF::OrdinalNumber::beforeFirst(), WTF::OrdinalNumber());
- auto handleViolatedDirective = [&] (const ContentSecurityPolicyDirective& violatedDirective) {
- String consoleMessage = consoleMessageForViolation(ContentSecurityPolicyDirectiveNames::styleSrc, violatedDirective, url, "Refused to load");
- reportViolation(ContentSecurityPolicyDirectiveNames::styleSrc, violatedDirective, url, consoleMessage, sourceURL, sourcePosition);
- };
- return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForStyle, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</del><ins>+ return allowResourceFromSource(url, redirectResponseReceived, ContentSecurityPolicyDirectiveNames::scriptSrc, &ContentSecurityPolicyDirectiveList::violatedDirectiveForScript);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowFontFromSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowImageFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
- if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
- return true;
- String sourceURL;
- TextPosition sourcePosition(WTF::OrdinalNumber::beforeFirst(), WTF::OrdinalNumber());
- auto handleViolatedDirective = [&] (const ContentSecurityPolicyDirective& violatedDirective) {
- String consoleMessage = consoleMessageForViolation(ContentSecurityPolicyDirectiveNames::fontSrc, violatedDirective, url, "Refused to load");
- reportViolation(ContentSecurityPolicyDirectiveNames::fontSrc, violatedDirective, url, consoleMessage, sourceURL, sourcePosition);
- };
- return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForFont, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</del><ins>+ return allowResourceFromSource(url, redirectResponseReceived, ContentSecurityPolicyDirectiveNames::imgSrc, &ContentSecurityPolicyDirectiveList::violatedDirectiveForImage);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowMediaFromSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowStyleFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
- if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
- return true;
- String sourceURL;
- TextPosition sourcePosition(WTF::OrdinalNumber::beforeFirst(), WTF::OrdinalNumber());
- auto handleViolatedDirective = [&] (const ContentSecurityPolicyDirective& violatedDirective) {
- String consoleMessage = consoleMessageForViolation(ContentSecurityPolicyDirectiveNames::mediaSrc, violatedDirective, url, "Refused to load");
- reportViolation(ContentSecurityPolicyDirectiveNames::mediaSrc, violatedDirective, url, consoleMessage, sourceURL, sourcePosition);
- };
- return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForMedia, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</del><ins>+ return allowResourceFromSource(url, redirectResponseReceived, ContentSecurityPolicyDirectiveNames::styleSrc, &ContentSecurityPolicyDirectiveList::violatedDirectiveForStyle);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowConnectToSource(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowFontFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
</del><ins>+ return allowResourceFromSource(url, redirectResponseReceived, ContentSecurityPolicyDirectiveNames::fontSrc, &ContentSecurityPolicyDirectiveList::violatedDirectiveForFont);
+}
+
+bool ContentSecurityPolicy::allowMediaFromSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
+{
+ return allowResourceFromSource(url, redirectResponseReceived, ContentSecurityPolicyDirectiveNames::mediaSrc, &ContentSecurityPolicyDirectiveList::violatedDirectiveForMedia);
+}
+
+bool ContentSecurityPolicy::allowConnectToSource(const URL& url, RedirectResponseReceived redirectResponseReceived) const
+{
</ins><span class="cx"> if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
</span><span class="cx"> return true;
</span><span class="cx"> String sourceURL;
</span><span class="lines">@@ -590,19 +537,9 @@
</span><span class="cx"> return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForConnectSource, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentSecurityPolicy::allowFormAction(const URL& url, bool overrideContentSecurityPolicy, RedirectResponseReceived redirectResponseReceived) const
</del><ins>+bool ContentSecurityPolicy::allowFormAction(const URL& url, RedirectResponseReceived redirectResponseReceived) const
</ins><span class="cx"> {
</span><del>- if (overrideContentSecurityPolicy)
- return true;
- if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
- return true;
- String sourceURL;
- TextPosition sourcePosition(WTF::OrdinalNumber::beforeFirst(), WTF::OrdinalNumber());
- auto handleViolatedDirective = [&] (const ContentSecurityPolicyDirective& violatedDirective) {
- String consoleMessage = consoleMessageForViolation(ContentSecurityPolicyDirectiveNames::formAction, violatedDirective, url, "Refused to load");
- reportViolation(ContentSecurityPolicyDirectiveNames::formAction, violatedDirective, url, consoleMessage, sourceURL, sourcePosition);
- };
- return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForFormAction, url, redirectResponseReceived == RedirectResponseReceived::Yes);
</del><ins>+ return allowResourceFromSource(url, redirectResponseReceived, ContentSecurityPolicyDirectiveNames::formAction, &ContentSecurityPolicyDirectiveList::violatedDirectiveForFormAction);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool ContentSecurityPolicy::allowBaseURI(const URL& url, bool overrideContentSecurityPolicy) const
</span></span></pre></div>
<a id="trunkSourceWebCorepagecspContentSecurityPolicyh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -98,17 +98,18 @@
</span><span class="cx"> bool allowFrameAncestors(const Frame&, const URL&, bool overrideContentSecurityPolicy = false) const;
</span><span class="cx">
</span><span class="cx"> enum class RedirectResponseReceived { No, Yes };
</span><del>- bool allowScriptFromSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
- bool allowChildFrameFromSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
- bool allowChildContextFromSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
- bool allowImageFromSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
- bool allowStyleFromSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
- bool allowFontFromSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
- bool allowMediaFromSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
- bool allowConnectToSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
- bool allowFormAction(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
</del><ins>+ bool allowScriptFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
+ bool allowImageFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
+ bool allowStyleFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
+ bool allowFontFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
+ bool allowMediaFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
</ins><span class="cx">
</span><del>- bool allowObjectFromSource(const URL&, bool overrideContentSecurityPolicy = false, RedirectResponseReceived = RedirectResponseReceived::No) const;
</del><ins>+ bool allowChildFrameFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
+ bool allowChildContextFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
+ bool allowConnectToSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
+ bool allowFormAction(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
+
+ bool allowObjectFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const;
</ins><span class="cx"> bool allowBaseURI(const URL&, bool overrideContentSecurityPolicy = false) const;
</span><span class="cx">
</span><span class="cx"> void setOverrideAllowInlineStyle(bool);
</span><span class="lines">@@ -188,6 +189,9 @@
</span><span class="cx"> template<typename Predicate, typename... Args>
</span><span class="cx"> bool allPoliciesAllow(ViolatedDirectiveCallback&&, Predicate&&, Args&&...) const WARN_UNUSED_RETURN;
</span><span class="cx">
</span><ins>+ using ResourcePredicate = const ContentSecurityPolicyDirective *(ContentSecurityPolicyDirectiveList::*)(const URL &, bool) const;
+ bool allowResourceFromSource(const URL&, RedirectResponseReceived, const char*, ResourcePredicate) const;
+
</ins><span class="cx"> using HashInEnforcedAndReportOnlyPoliciesPair = std::pair<bool, bool>;
</span><span class="cx"> template<typename Predicate> HashInEnforcedAndReportOnlyPoliciesPair findHashOfContentInPolicies(Predicate&&, const String& content, OptionSet<ContentSecurityPolicyHashAlgorithm>) const WARN_UNUSED_RETURN;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreworkersAbstractWorkercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/workers/AbstractWorker.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/workers/AbstractWorker.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/workers/AbstractWorker.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -63,7 +63,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ASSERT(scriptExecutionContext()->contentSecurityPolicy());
</span><del>- if (!scriptExecutionContext()->contentSecurityPolicy()->allowChildContextFromSource(scriptURL, shouldBypassMainWorldContentSecurityPolicy)) {
</del><ins>+ if (!shouldBypassMainWorldContentSecurityPolicy && !scriptExecutionContext()->contentSecurityPolicy()->allowChildContextFromSource(scriptURL)) {
</ins><span class="cx"> ec = SECURITY_ERR;
</span><span class="cx"> return URL();
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreworkersWorkerGlobalScopecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/workers/WorkerGlobalScope.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/workers/WorkerGlobalScope.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/workers/WorkerGlobalScope.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -216,11 +216,14 @@
</span><span class="cx">
</span><span class="cx"> void WorkerGlobalScope::importScripts(const Vector<String>& urls, ExceptionCode& ec)
</span><span class="cx"> {
</span><ins>+ ASSERT(scriptExecutionContext());
</ins><span class="cx"> ASSERT(contentSecurityPolicy());
</span><ins>+
+ auto& context = *scriptExecutionContext();
</ins><span class="cx"> ec = 0;
</span><span class="cx"> Vector<URL> completedURLs;
</span><span class="cx"> for (auto& entry : urls) {
</span><del>- URL url = scriptExecutionContext()->completeURL(entry);
</del><ins>+ URL url = context.completeURL(entry);
</ins><span class="cx"> if (!url.isValid()) {
</span><span class="cx"> ec = SYNTAX_ERR;
</span><span class="cx"> return;
</span><span class="lines">@@ -230,14 +233,14 @@
</span><span class="cx">
</span><span class="cx"> for (auto& url : completedURLs) {
</span><span class="cx"> // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved.
</span><del>- bool shouldBypassMainWorldContentSecurityPolicy = scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy();
- if (!scriptExecutionContext()->contentSecurityPolicy()->allowScriptFromSource(url, shouldBypassMainWorldContentSecurityPolicy)) {
</del><ins>+ bool shouldBypassMainWorldContentSecurityPolicy = context.shouldBypassMainWorldContentSecurityPolicy();
+ if (!shouldBypassMainWorldContentSecurityPolicy && !context.contentSecurityPolicy()->allowScriptFromSource(url)) {
</ins><span class="cx"> ec = NETWORK_ERR;
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Ref<WorkerScriptLoader> scriptLoader = WorkerScriptLoader::create();
</span><del>- scriptLoader->loadSynchronously(scriptExecutionContext(), url, FetchOptions::Mode::NoCors, shouldBypassMainWorldContentSecurityPolicy ? ContentSecurityPolicyEnforcement::DoNotEnforce : ContentSecurityPolicyEnforcement::EnforceScriptSrcDirective);
</del><ins>+ scriptLoader->loadSynchronously(&context, url, FetchOptions::Mode::NoCors, shouldBypassMainWorldContentSecurityPolicy ? ContentSecurityPolicyEnforcement::DoNotEnforce : ContentSecurityPolicyEnforcement::EnforceScriptSrcDirective);
</ins><span class="cx">
</span><span class="cx"> // If the fetching attempt failed, throw a NETWORK_ERR exception and abort all these steps.
</span><span class="cx"> if (scriptLoader->failed()) {
</span><span class="lines">@@ -245,7 +248,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- InspectorInstrumentation::scriptImported(scriptExecutionContext(), scriptLoader->identifier(), scriptLoader->script());
</del><ins>+ InspectorInstrumentation::scriptImported(&context, scriptLoader->identifier(), scriptLoader->script());
</ins><span class="cx">
</span><span class="cx"> NakedPtr<JSC::Exception> exception;
</span><span class="cx"> m_script->evaluate(ScriptSourceCode(scriptLoader->script(), scriptLoader->responseURL()), exception);
</span></span></pre></div>
<a id="trunkSourceWebCorexmlXMLHttpRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/xml/XMLHttpRequest.cpp (206253 => 206254)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/xml/XMLHttpRequest.cpp        2016-09-22 07:57:32 UTC (rev 206253)
+++ trunk/Source/WebCore/xml/XMLHttpRequest.cpp        2016-09-22 08:28:37 UTC (rev 206254)
</span><span class="lines">@@ -494,6 +494,8 @@
</span><span class="cx"> if (!scriptExecutionContext())
</span><span class="cx"> return false;
</span><span class="cx">
</span><ins>+ auto& context = *scriptExecutionContext();
+
</ins><span class="cx"> if (m_state != OPENED || m_sendFlag) {
</span><span class="cx"> ec = INVALID_STATE_ERR;
</span><span class="cx"> return false;
</span><span class="lines">@@ -501,7 +503,7 @@
</span><span class="cx"> ASSERT(!m_loader);
</span><span class="cx">
</span><span class="cx"> // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved.
</span><del>- if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnectToSource(m_url, scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy())) {
</del><ins>+ if (!context.shouldBypassMainWorldContentSecurityPolicy() && !context.contentSecurityPolicy()->allowConnectToSource(m_url)) {
</ins><span class="cx"> if (m_async) {
</span><span class="cx"> setPendingActivity(this);
</span><span class="cx"> m_timeoutTimer.stop();
</span></span></pre>
</div>
</div>
</body>
</html>