projects / platform / framework / web / chromium-efl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1d4da33)
Apply CSP rules to blink::PolicyContainer 59/315559/3
authorGajendra N <gajendra.n@samsung.com>
Tue, 3 Dec 2024 05:43:29 +0000 (11:13 +0530)
committerBot Blink <blinkbot@samsung.com>
Tue, 3 Dec 2024 11:54:08 +0000 (11:54 +0000)
Document's CSP policies vector should be in sync with PolicyContainer,
hence append the rules to the container's vector as well.

Change-Id: Idcda2e6c5630a620a6f3c0506c1adb66e078188a
Signed-off-by: Gajendra N <gajendra.n@samsung.com>
third_party/blink/renderer/core/exported/web_document.cc patch | blob | history

diff --git a/third_party/blink/renderer/core/exported/web_document.cc b/third_party/blink/renderer/core/exported/web_document.cc
index 6b2c50ca89e73ed4d019b65f86824ccf17c974f7..28f7559676593d24e94c225b6a37744bf61ed4e0 100644 (file)
--- a/third_party/blink/renderer/core/exported/web_document.cc
+++ b/third_party/blink/renderer/core/exported/web_document.cc
@@ -71,6 +71,7 @@
 
 #if BUILDFLAG(IS_TIZEN)
 #include "third_party/blink/renderer/core/frame/csp/content_security_policy.h"
+#include "third_party/blink/renderer/core/frame/policy_container.h"
 #endif
 
 #if BUILDFLAG(IS_TIZEN_TV)
@@ -123,21 +124,25 @@ void WebDocument::SetContentSecurityPolicy(
   ExecutionContext* context = document->GetExecutionContext();
   if (!rule.empty()) {
     LOG(INFO) << "Applying CSP-Enforce for " << rule;
-    context->GetContentSecurityPolicy()->AddPolicies(
+    Vector<network::mojom::blink::ContentSecurityPolicyPtr> parsed =
         ParseContentSecurityPolicies(
             WebString::FromUTF8(rule),
             network::mojom::ContentSecurityPolicyType::kEnforce,
             network::mojom::blink::ContentSecurityPolicySource::kHTTP,
-            context->Url()));
+            context->Url());
+    context->GetContentSecurityPolicy()->AddPolicies(mojo::Clone(parsed));
+    context->GetPolicyContainer()->AddContentSecurityPolicies(std::move(parsed));
   }
   if (!report_rule.empty()) {
     LOG(INFO) << "Applying CSP-Report for " << report_rule;
-    context->GetContentSecurityPolicy()->AddPolicies(
+    Vector<network::mojom::blink::ContentSecurityPolicyPtr> parsed =
         ParseContentSecurityPolicies(
             WebString::FromUTF8(report_rule),
             network::mojom::ContentSecurityPolicyType::kReport,
             network::mojom::blink::ContentSecurityPolicySource::kHTTP,
-            context->Url()));
+            context->Url());
+    context->GetContentSecurityPolicy()->AddPolicies(mojo::Clone(parsed));
+    context->GetPolicyContainer()->AddContentSecurityPolicies(std::move(parsed));
   }
 }
 #endif
Domain: Web Framework / Web Engine;