Update To 11.40.268.0

[platform/framework/web/crosswalk.git] / src / third_party / WebKit / Source / core / frame / csp / ContentSecurityPolicy.h

diff --git a/src/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h b/src/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
index 55690b5..19e165b 100644 (file)
--- a/src/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
+++ b/src/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
@@ -75,7 +75,7 @@ public:
     static const char ScriptSrc[];
     static const char StyleSrc[];
 
-    // CSP 1.1 Directives
+    // CSP Level 2 Directives
     static const char BaseURI[];
     static const char ChildSrc[];
     static const char FormAction[];
@@ -84,6 +84,10 @@ public:
     static const char ReflectedXSS[];
     static const char Referrer[];
 
+    // Manifest Directives (to be merged into CSP Level 2)
+    // https://w3c.github.io/manifest/#content-security-policy
+    static const char ManifestSrc[];
+
     enum ReportingStatus {
         SendReport,
         SuppressReport
@@ -127,6 +131,8 @@ public:
     bool allowChildContextFromSource(const KURL&, ReportingStatus = SendReport) const;
     bool allowWorkerContextFromSource(const KURL&, ReportingStatus = SendReport) const;
 
+    bool allowManifestFromSource(const KURL&, ReportingStatus = SendReport) const;
+
     // The nonce and hash allow functions are guaranteed to not have any side
     // effects, including reporting.
     // Nonce/Hash functions check all policies relating to use of a script/style
@@ -224,6 +230,7 @@ private:
     String m_disableEvalErrorMessage;
 
     OwnPtr<CSPSource> m_selfSource;
+    String m_selfProtocol;
 };
 
 }