-
abarth@webkit.org authored
Reviewed by Eric Seidel. Implement img-src style-src and font-src https://bugs.webkit.org/show_bug.cgi?id=58018 Test a bunch of allow/block tests for these new directives. * http/tests/security/contentSecurityPolicy/image-allowed-expected.txt: Added. * http/tests/security/contentSecurityPolicy/image-allowed.html: Added. * http/tests/security/contentSecurityPolicy/image-blocked-expected.txt: Added. * http/tests/security/contentSecurityPolicy/image-blocked.html: Added. * http/tests/security/contentSecurityPolicy/resources/blue.css: Added. * http/tests/security/contentSecurityPolicy/resources/style.xsl: Added. * http/tests/security/contentSecurityPolicy/style-allowed-expected.txt: Added. * http/tests/security/contentSecurityPolicy/style-allowed.html: Added. * http/tests/security/contentSecurityPolicy/style-blocked-expected.txt: Added. * http/tests/security/contentSecurityPolicy/style-blocked.html: Added. * http/tests/security/contentSecurityPolicy/xsl-allowed.php: Added. * http/tests/security/contentSecurityPolicy/xsl-blocked-expected.txt: Added. * http/tests/security/contentSecurityPolicy/xsl-blocked.php: Added. 2011-04-07 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. Implement img-src style-src and font-src https://bugs.webkit.org/show_bug.cgi?id=58018 These are pretty straight forward given the rest of the infrastructure we've built so far. Tests: http/tests/security/contentSecurityPolicy/image-allowed.html http/tests/security/contentSecurityPolicy/image-blocked.html http/tests/security/contentSecurityPolicy/style-allowed.html http/tests/security/contentSecurityPolicy/style-blocked.html http/tests/security/contentSecurityPolicy/xsl-allowed.php http/tests/security/contentSecurityPolicy/xsl-blocked.php * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::canRequest): * page/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::allowImageFromSource): (WebCore::ContentSecurityPolicy::allowStyleFromSource): (WebCore::ContentSecurityPolicy::allowFontFromSource): (WebCore::ContentSecurityPolicy::addDirective): * page/ContentSecurityPolicy.h: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83235 268f45cc-cd09-0410-ab3c-d52691b4dbfc
75a72fe0