Google Git
Sign in
chromium / chromium / src / 1a51903a122803cd0eb4356edb84444feda25f79
commit1a51903a122803cd0eb4356edb84444feda25f79[log] [tgz]
authorKaran Bhatia <karandeepb@chromium.org>Tue Jan 08 04:27:24 2019
committerCommit Bot <commit-bot@chromium.org>Tue Jan 08 04:27:24 2019
treeaca146c9c073fdd863a1d380217549e5381a9e32
parent1c4657fc77a03e44f2aa62408cd317af9d7bd59e [diff]
Introduce ExecutionContext::GetContentSecurityPolicyForWorld.

This CL makes the following changes:
- Introduce IsolatedWorldCSP blink runtime feature. If the feature is enabled,
  we will use the actual CSP defined by an isolated world. If it is disabled
  (default), we'll use an empty CSP for the isolated world, which will just have
  the effect of bypassing the main world CSP.
- Introduce ExecutionContext::GetContentSecurityPolicyForWorld() which
  returns the correct ContentSecurityPolicy to use based on the current world.
  No non-test usages of this method are added in this CL.
- Partially implement IsolatedWorldCSPDelegate.

This CL implements the initial pieces to support applying a custom CSP for
isolated worlds. It should have no behavior change.

In future CLs, we'll:
  - Plumb the correct security origin for isolated world csps.
  - Replace the usages of ContentSecurityPolicy::ShouldBypassMainWorld with
    ExecutionContext::GetContentSecurityPolicyForWorld to ensure we end up using
    the isolated world specified CSP when needed.

Doc=https://docs.google.com/document/d/1_Ku4P86It4ewL_4k_YwrpNKo0YhCM1yuE1fzR673Ask/edit?usp=sharing (Googlers only)
BUG=896041

Change-Id: I2542e3c8412d6ed2637ddffc20645374261b03a7
Reviewed-on: https://chromium-review.googlesource.com/c/1368663
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Karan Bhatia <karandeepb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#620617}
11 files changed
tree: aca146c9c073fdd863a1d380217549e5381a9e32
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. cc/
  8. chrome/
  9. chrome_elf/
  10. chromecast/
  11. chromeos/
  12. cloud_print/
  13. components/
  14. content/
  15. courgette/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. gin/
  22. google_apis/
  23. google_update/
  24. gpu/
  25. headless/
  26. infra/
  27. ios/
  28. ipc/
  29. jingle/
  30. mash/
  31. media/
  32. mojo/
  33. native_client_sdk/
  34. net/
  35. pdf/
  36. ppapi/
  37. printing/
  38. remoting/
  39. rlz/
  40. sandbox/
  41. services/
  42. skia/
  43. sql/
  44. storage/
  45. styleguide/
  46. testing/
  47. third_party/
  48. tools/
  49. ui/
  50. url/
  51. webrunner/
  52. .clang-format
  53. .eslintrc.js
  54. .git-blame-ignore-revs
  55. .gitattributes
  56. .gitignore
  57. .gn
  58. .vpython
  59. AUTHORS
  60. BUILD.gn
  61. CODE_OF_CONDUCT.md
  62. codereview.settings
  63. DEPS
  64. ENG_REVIEW_OWNERS
  65. LICENSE
  66. LICENSE.chromium_os
  67. OWNERS
  68. PRESUBMIT.py
  69. PRESUBMIT_test.py
  70. PRESUBMIT_test_mocks.py
  71. README.md
  72. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .