ContentSecurityPolicy 152 Source/bindings/v8/V8Initializer.cpp if (ContentSecurityPolicy* policy = toDocument(executionContext)->contentSecurityPolicy()) ContentSecurityPolicy 228 Source/bindings/v8/V8WindowShell.cpp ContentSecurityPolicy* csp = m_frame->document()->contentSecurityPolicy(); ContentSecurityPolicy 229 Source/bindings/v8/V8WindowShell.cpp context->AllowCodeGenerationFromStrings(csp->allowEval(0, ContentSecurityPolicy::SuppressReport)); ContentSecurityPolicy 67 Source/bindings/v8/custom/V8WorkerGlobalScopeCustom.cpp if (ContentSecurityPolicy* policy = workerGlobalScope->contentSecurityPolicy()) { ContentSecurityPolicy 4580 Source/core/dom/Document.cpp static PassRefPtr<ContentSecurityPolicy> contentSecurityPolicyFor(Document* document) ContentSecurityPolicy 4584 Source/core/dom/Document.cpp return ContentSecurityPolicy::create(document); ContentSecurityPolicy 4599 Source/core/dom/Document.cpp setContentSecurityPolicy(ContentSecurityPolicy::create(this)); ContentSecurityPolicy 240 Source/core/dom/ExecutionContext.cpp ContentSecurityPolicy* ExecutionContext::contentSecurityPolicy() const ContentSecurityPolicy 73 Source/core/dom/ExecutionContext.h ContentSecurityPolicy* contentSecurityPolicy() const; ContentSecurityPolicy 50 Source/core/dom/SecurityContext.cpp void SecurityContext::setContentSecurityPolicy(PassRefPtr<ContentSecurityPolicy> contentSecurityPolicy) ContentSecurityPolicy 37 Source/core/dom/SecurityContext.h class ContentSecurityPolicy; ContentSecurityPolicy 43 Source/core/dom/SecurityContext.h ContentSecurityPolicy* contentSecurityPolicy() { return m_contentSecurityPolicy.get(); } ContentSecurityPolicy 56 Source/core/dom/SecurityContext.h void setContentSecurityPolicy(PassRefPtr<ContentSecurityPolicy>); ContentSecurityPolicy 64 Source/core/dom/SecurityContext.h RefPtr<ContentSecurityPolicy> m_contentSecurityPolicy; ContentSecurityPolicy 12 Source/core/frame/csp/CSPDirective.h class ContentSecurityPolicy; ContentSecurityPolicy 18 Source/core/frame/csp/CSPDirective.h CSPDirective(const String& name, const String& value, ContentSecurityPolicy* policy) ContentSecurityPolicy 28 Source/core/frame/csp/CSPDirective.h const ContentSecurityPolicy* policy() const { return m_policy; } ContentSecurityPolicy 33 Source/core/frame/csp/CSPDirective.h ContentSecurityPolicy* m_policy; ContentSecurityPolicy 15 Source/core/frame/csp/CSPDirectiveList.cpp CSPDirectiveList::CSPDirectiveList(ContentSecurityPolicy* policy, ContentSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source) ContentSecurityPolicy 28 Source/core/frame/csp/CSPDirectiveList.cpp PassOwnPtr<CSPDirectiveList> CSPDirectiveList::create(ContentSecurityPolicy* policy, const UChar* begin, const UChar* end, ContentSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source) ContentSecurityPolicy 130 Source/core/frame/csp/CSPDirectiveList.cpp reportViolationWithState(directive->text(), ContentSecurityPolicy::ScriptSrc, consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), state); ContentSecurityPolicy 147 Source/core/frame/csp/CSPDirectiveList.cpp reportViolation(directive->text(), ContentSecurityPolicy::PluginTypes, message + "\n", KURL()); ContentSecurityPolicy 166 Source/core/frame/csp/CSPDirectiveList.cpp reportViolationWithLocation(directive->text(), isScript ? ContentSecurityPolicy::ScriptSrc : ContentSecurityPolicy::StyleSrc, consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), contextURL, contextLine); ContentSecurityPolicy 182 Source/core/frame/csp/CSPDirectiveList.cpp if (ContentSecurityPolicy::BaseURI == effectiveDirective) ContentSecurityPolicy 184 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::ChildSrc == effectiveDirective) ContentSecurityPolicy 186 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::ConnectSrc == effectiveDirective) ContentSecurityPolicy 188 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::FontSrc == effectiveDirective) ContentSecurityPolicy 190 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::FormAction == effectiveDirective) ContentSecurityPolicy 192 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::FrameSrc == effectiveDirective) ContentSecurityPolicy 194 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::ImgSrc == effectiveDirective) ContentSecurityPolicy 196 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::MediaSrc == effectiveDirective) ContentSecurityPolicy 198 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::ObjectSrc == effectiveDirective) ContentSecurityPolicy 200 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::ScriptSrc == effectiveDirective) ContentSecurityPolicy 202 Source/core/frame/csp/CSPDirectiveList.cpp else if (ContentSecurityPolicy::StyleSrc == effectiveDirective) ContentSecurityPolicy 222 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 225 Source/core/frame/csp/CSPDirectiveList.cpp if (reportingStatus == ContentSecurityPolicy::SendReport) ContentSecurityPolicy 231 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 234 Source/core/frame/csp/CSPDirectiveList.cpp if (reportingStatus == ContentSecurityPolicy::SendReport) ContentSecurityPolicy 239 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 242 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 247 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 250 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 255 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowEval(ScriptState* state, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 259 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 264 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowPluginType(const String& type, const String& typeAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 266 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 271 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowScriptFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 273 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 274 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(operativeDirective(m_scriptSrc.get()), url, ContentSecurityPolicy::ScriptSrc) : ContentSecurityPolicy 278 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowObjectFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 282 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 283 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(operativeDirective(m_objectSrc.get()), url, ContentSecurityPolicy::ObjectSrc) : ContentSecurityPolicy 287 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowChildFrameFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 303 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 304 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(whichDirective, url, ContentSecurityPolicy::FrameSrc) : ContentSecurityPolicy 308 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowImageFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 310 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 311 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(operativeDirective(m_imgSrc.get()), url, ContentSecurityPolicy::ImgSrc) : ContentSecurityPolicy 315 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowStyleFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 317 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 318 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(operativeDirective(m_styleSrc.get()), url, ContentSecurityPolicy::StyleSrc) : ContentSecurityPolicy 322 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowFontFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 324 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 325 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(operativeDirective(m_fontSrc.get()), url, ContentSecurityPolicy::FontSrc) : ContentSecurityPolicy 329 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowMediaFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 331 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 332 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(operativeDirective(m_mediaSrc.get()), url, ContentSecurityPolicy::MediaSrc) : ContentSecurityPolicy 336 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowConnectToSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 338 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 339 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(operativeDirective(m_connectSrc.get()), url, ContentSecurityPolicy::ConnectSrc) : ContentSecurityPolicy 343 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowFormAction(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 345 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 346 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(m_formAction.get(), url, ContentSecurityPolicy::FormAction) : ContentSecurityPolicy 350 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowBaseURI(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 352 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 353 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(m_baseURI.get(), url, ContentSecurityPolicy::BaseURI) : ContentSecurityPolicy 357 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowAncestors(LocalFrame* frame, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 359 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 364 Source/core/frame/csp/CSPDirectiveList.cpp bool CSPDirectiveList::allowChildContextFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 366 Source/core/frame/csp/CSPDirectiveList.cpp return reportingStatus == ContentSecurityPolicy::SendReport ? ContentSecurityPolicy 367 Source/core/frame/csp/CSPDirectiveList.cpp checkSourceAndReportViolation(operativeDirective(m_childSrc.get()), url, ContentSecurityPolicy::ChildSrc) : ContentSecurityPolicy 631 Source/core/frame/csp/CSPDirectiveList.cpp if (equalIgnoringCase(name, ContentSecurityPolicy::DefaultSrc)) { ContentSecurityPolicy 633 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::ScriptSrc)) { ContentSecurityPolicy 636 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::ObjectSrc)) { ContentSecurityPolicy 638 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameAncestors)) { ContentSecurityPolicy 640 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameSrc)) { ContentSecurityPolicy 642 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::ImgSrc)) { ContentSecurityPolicy 644 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::StyleSrc)) { ContentSecurityPolicy 647 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::FontSrc)) { ContentSecurityPolicy 649 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::MediaSrc)) { ContentSecurityPolicy 651 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::ConnectSrc)) { ContentSecurityPolicy 653 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::Sandbox)) { ContentSecurityPolicy 655 Source/core/frame/csp/CSPDirectiveList.cpp } else if (equalIgnoringCase(name, ContentSecurityPolicy::ReportURI)) { ContentSecurityPolicy 658 Source/core/frame/csp/CSPDirectiveList.cpp if (equalIgnoringCase(name, ContentSecurityPolicy::BaseURI)) ContentSecurityPolicy 660 Source/core/frame/csp/CSPDirectiveList.cpp else if (equalIgnoringCase(name, ContentSecurityPolicy::ChildSrc)) ContentSecurityPolicy 662 Source/core/frame/csp/CSPDirectiveList.cpp else if (equalIgnoringCase(name, ContentSecurityPolicy::FormAction)) ContentSecurityPolicy 664 Source/core/frame/csp/CSPDirectiveList.cpp else if (equalIgnoringCase(name, ContentSecurityPolicy::PluginTypes)) ContentSecurityPolicy 666 Source/core/frame/csp/CSPDirectiveList.cpp else if (equalIgnoringCase(name, ContentSecurityPolicy::ReflectedXSS)) ContentSecurityPolicy 668 Source/core/frame/csp/CSPDirectiveList.cpp else if (equalIgnoringCase(name, ContentSecurityPolicy::Referrer)) ContentSecurityPolicy 21 Source/core/frame/csp/CSPDirectiveList.h class ContentSecurityPolicy; ContentSecurityPolicy 27 Source/core/frame/csp/CSPDirectiveList.h static PassOwnPtr<CSPDirectiveList> create(ContentSecurityPolicy*, const UChar* begin, const UChar* end, ContentSecurityPolicyHeaderType, ContentSecurityPolicyHeaderSource); ContentSecurityPolicy 35 Source/core/frame/csp/CSPDirectiveList.h bool allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 36 Source/core/frame/csp/CSPDirectiveList.h bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 37 Source/core/frame/csp/CSPDirectiveList.h bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 38 Source/core/frame/csp/CSPDirectiveList.h bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 39 Source/core/frame/csp/CSPDirectiveList.h bool allowEval(ScriptState*, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 40 Source/core/frame/csp/CSPDirectiveList.h bool allowPluginType(const String& type, const String& typeAttribute, const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 42 Source/core/frame/csp/CSPDirectiveList.h bool allowScriptFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 43 Source/core/frame/csp/CSPDirectiveList.h bool allowObjectFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 44 Source/core/frame/csp/CSPDirectiveList.h bool allowChildFrameFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 45 Source/core/frame/csp/CSPDirectiveList.h bool allowImageFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 46 Source/core/frame/csp/CSPDirectiveList.h bool allowStyleFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 47 Source/core/frame/csp/CSPDirectiveList.h bool allowFontFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 48 Source/core/frame/csp/CSPDirectiveList.h bool allowMediaFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 49 Source/core/frame/csp/CSPDirectiveList.h bool allowConnectToSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 50 Source/core/frame/csp/CSPDirectiveList.h bool allowFormAction(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 51 Source/core/frame/csp/CSPDirectiveList.h bool allowBaseURI(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 52 Source/core/frame/csp/CSPDirectiveList.h bool allowAncestors(LocalFrame*, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 53 Source/core/frame/csp/CSPDirectiveList.h bool allowChildContextFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const; ContentSecurityPolicy 67 Source/core/frame/csp/CSPDirectiveList.h CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, ContentSecurityPolicyHeaderSource); ContentSecurityPolicy 105 Source/core/frame/csp/CSPDirectiveList.h ContentSecurityPolicy* m_policy; ContentSecurityPolicy 16 Source/core/frame/csp/CSPSource.cpp CSPSource::CSPSource(ContentSecurityPolicy* policy, const String& scheme, const String& host, int port, const String& path, bool hostHasWildcard, bool portHasWildcard) ContentSecurityPolicy 12 Source/core/frame/csp/CSPSource.h class ContentSecurityPolicy; ContentSecurityPolicy 17 Source/core/frame/csp/CSPSource.h CSPSource(ContentSecurityPolicy*, const String& scheme, const String& host, int port, const String& path, bool hostHasWildcard, bool portHasWildcard); ContentSecurityPolicy 27 Source/core/frame/csp/CSPSource.h ContentSecurityPolicy* m_policy; ContentSecurityPolicy 64 Source/core/frame/csp/CSPSourceList.cpp CSPSourceList::CSPSourceList(ContentSecurityPolicy* policy, const String& directiveName) ContentSecurityPolicy 15 Source/core/frame/csp/CSPSourceList.h class ContentSecurityPolicy; ContentSecurityPolicy 21 Source/core/frame/csp/CSPSourceList.h CSPSourceList(ContentSecurityPolicy*, const String& directiveName); ContentSecurityPolicy 50 Source/core/frame/csp/CSPSourceList.h ContentSecurityPolicy* m_policy; ContentSecurityPolicy 70 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::ConnectSrc[] = "connect-src"; ContentSecurityPolicy 71 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::DefaultSrc[] = "default-src"; ContentSecurityPolicy 72 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::FontSrc[] = "font-src"; ContentSecurityPolicy 73 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::FrameSrc[] = "frame-src"; ContentSecurityPolicy 74 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::ImgSrc[] = "img-src"; ContentSecurityPolicy 75 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::MediaSrc[] = "media-src"; ContentSecurityPolicy 76 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::ObjectSrc[] = "object-src"; ContentSecurityPolicy 77 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::ReportURI[] = "report-uri"; ContentSecurityPolicy 78 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::Sandbox[] = "sandbox"; ContentSecurityPolicy 79 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::ScriptSrc[] = "script-src"; ContentSecurityPolicy 80 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::StyleSrc[] = "style-src"; ContentSecurityPolicy 83 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::BaseURI[] = "base-uri"; ContentSecurityPolicy 84 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::ChildSrc[] = "child-src"; ContentSecurityPolicy 85 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::FormAction[] = "form-action"; ContentSecurityPolicy 86 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::FrameAncestors[] = "frame-ancestors"; ContentSecurityPolicy 87 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::PluginTypes[] = "plugin-types"; ContentSecurityPolicy 88 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::ReflectedXSS[] = "reflected-xss"; ContentSecurityPolicy 89 Source/core/frame/csp/ContentSecurityPolicy.cpp const char ContentSecurityPolicy::Referrer[] = "referrer"; ContentSecurityPolicy 91 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::isDirectiveName(const String& name) ContentSecurityPolicy 118 Source/core/frame/csp/ContentSecurityPolicy.cpp return UseCounter::ContentSecurityPolicy; ContentSecurityPolicy 133 Source/core/frame/csp/ContentSecurityPolicy.cpp ContentSecurityPolicy::ContentSecurityPolicy(ExecutionContextClient* client) ContentSecurityPolicy 141 Source/core/frame/csp/ContentSecurityPolicy.cpp ContentSecurityPolicy::~ContentSecurityPolicy() ContentSecurityPolicy 145 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::copyStateFrom(const ContentSecurityPolicy* other) ContentSecurityPolicy 152 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyResponseHeaders& headers) ContentSecurityPolicy 160 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::didReceiveHeader(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source) ContentSecurityPolicy 165 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::addPolicyFromHeaderValue(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source) ContentSecurityPolicy 215 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::setOverrideAllowInlineStyle(bool value) ContentSecurityPolicy 220 Source/core/frame/csp/ContentSecurityPolicy.cpp const String& ContentSecurityPolicy::deprecatedHeader() const ContentSecurityPolicy 225 Source/core/frame/csp/ContentSecurityPolicy.cpp ContentSecurityPolicyHeaderType ContentSecurityPolicy::deprecatedHeaderType() const ContentSecurityPolicy 230 Source/core/frame/csp/ContentSecurityPolicy.cpp template<bool (CSPDirectiveList::*allowed)(ContentSecurityPolicy::ReportingStatus) const> ContentSecurityPolicy 231 Source/core/frame/csp/ContentSecurityPolicy.cpp bool isAllowedByAll(const CSPDirectiveListVector& policies, ContentSecurityPolicy::ReportingStatus reportingStatus) ContentSecurityPolicy 240 Source/core/frame/csp/ContentSecurityPolicy.cpp template<bool (CSPDirectiveList::*allowed)(ScriptState* state, ContentSecurityPolicy::ReportingStatus) const> ContentSecurityPolicy 241 Source/core/frame/csp/ContentSecurityPolicy.cpp bool isAllowedByAllWithState(const CSPDirectiveListVector& policies, ScriptState* state, ContentSecurityPolicy::ReportingStatus reportingStatus) ContentSecurityPolicy 250 Source/core/frame/csp/ContentSecurityPolicy.cpp template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumber&, ContentSecurityPolicy::ReportingStatus) const> ContentSecurityPolicy 251 Source/core/frame/csp/ContentSecurityPolicy.cpp bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) ContentSecurityPolicy 280 Source/core/frame/csp/ContentSecurityPolicy.cpp template<bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPolicy::ReportingStatus) const> ContentSecurityPolicy 281 Source/core/frame/csp/ContentSecurityPolicy.cpp bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) ContentSecurityPolicy 293 Source/core/frame/csp/ContentSecurityPolicy.cpp template<bool (CSPDirectiveList::*allowed)(LocalFrame*, ContentSecurityPolicy::ReportingStatus) const> ContentSecurityPolicy 294 Source/core/frame/csp/ContentSecurityPolicy.cpp bool isAllowedByAllWithFrame(const CSPDirectiveListVector& policies, LocalFrame* frame, ContentSecurityPolicy::ReportingStatus reportingStatus) ContentSecurityPolicy 353 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 358 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 363 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 368 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 375 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowEval(ScriptState* state, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 380 Source/core/frame/csp/ContentSecurityPolicy.cpp String ContentSecurityPolicy::evalDisabledErrorMessage() const ContentSecurityPolicy 389 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowPluginType(const String& type, const String& typeAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 398 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowScriptFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 403 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowScriptNonce(const String& nonce) const ContentSecurityPolicy 408 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowStyleNonce(const String& nonce) const ContentSecurityPolicy 413 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowScriptHash(const String& source) const ContentSecurityPolicy 418 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowStyleHash(const String& source) const ContentSecurityPolicy 423 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::usesScriptHashAlgorithms(uint8_t algorithms) ContentSecurityPolicy 428 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::usesStyleHashAlgorithms(uint8_t algorithms) ContentSecurityPolicy 433 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowObjectFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 438 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowChildFrameFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 443 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowImageFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 448 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowStyleFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 453 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowFontFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 458 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowMediaFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 463 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowConnectToSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 468 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowFormAction(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 473 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowBaseURI(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 478 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowAncestors(LocalFrame* frame, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 483 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowChildContextFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 488 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::allowWorkerContextFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const ContentSecurityPolicy 503 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::isActive() const ContentSecurityPolicy 508 Source/core/frame/csp/ContentSecurityPolicy.cpp ReflectedXSSDisposition ContentSecurityPolicy::reflectedXSSDisposition() const ContentSecurityPolicy 518 Source/core/frame/csp/ContentSecurityPolicy.cpp ReferrerPolicy ContentSecurityPolicy::referrerPolicy() const ContentSecurityPolicy 533 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::didSetReferrerPolicy() const ContentSecurityPolicy 542 Source/core/frame/csp/ContentSecurityPolicy.cpp SecurityOrigin* ContentSecurityPolicy::securityOrigin() const ContentSecurityPolicy 547 Source/core/frame/csp/ContentSecurityPolicy.cpp const KURL ContentSecurityPolicy::url() const ContentSecurityPolicy 552 Source/core/frame/csp/ContentSecurityPolicy.cpp KURL ContentSecurityPolicy::completeURL(const String& url) const ContentSecurityPolicy 557 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::enforceSandboxFlags(SandboxFlags mask) const ContentSecurityPolicy 602 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header) ContentSecurityPolicy 662 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportInvalidReferrer(const String& invalidValue) const ContentSecurityPolicy 667 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportReportOnlyInMeta(const String& header) const ContentSecurityPolicy 672 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportMetaOutsideHead(const String& header) const ContentSecurityPolicy 677 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const ContentSecurityPolicy 682 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) const ContentSecurityPolicy 702 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportDirectiveAsSourceExpression(const String& directiveName, const String& sourceExpression) const ContentSecurityPolicy 708 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportDuplicateDirective(const String& name) const ContentSecurityPolicy 714 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportInvalidPluginTypes(const String& pluginType) const ContentSecurityPolicy 724 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportInvalidSandboxFlags(const String& invalidFlags) const ContentSecurityPolicy 729 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportInvalidReflectedXSS(const String& invalidValue) const ContentSecurityPolicy 734 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportInvalidDirectiveValueCharacter(const String& directiveName, const String& value) const ContentSecurityPolicy 740 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportInvalidPathCharacter(const String& directiveName, const String& value, const char invalidChar) const ContentSecurityPolicy 751 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportInvalidSourceExpression(const String& directiveName, const String& source) const ContentSecurityPolicy 759 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportMissingReportURI(const String& policy) const ContentSecurityPolicy 764 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::logToConsole(const String& message) const ContentSecurityPolicy 769 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::reportBlockedScriptExecutionToInspector(const String& directiveText) const ContentSecurityPolicy 774 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::experimentalFeaturesEnabled() const ContentSecurityPolicy 779 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::shouldBypassMainWorld(ExecutionContext* context) ContentSecurityPolicy 789 Source/core/frame/csp/ContentSecurityPolicy.cpp bool ContentSecurityPolicy::shouldSendViolationReport(const String& report) const ContentSecurityPolicy 795 Source/core/frame/csp/ContentSecurityPolicy.cpp void ContentSecurityPolicy::didSendViolationReport(const String& report) ContentSecurityPolicy 60 Source/core/frame/csp/ContentSecurityPolicy.h class ContentSecurityPolicy : public RefCounted<ContentSecurityPolicy> { ContentSecurityPolicy 85 Source/core/frame/csp/ContentSecurityPolicy.h static PassRefPtr<ContentSecurityPolicy> create(ExecutionContextClient* client) ContentSecurityPolicy 87 Source/core/frame/csp/ContentSecurityPolicy.h return adoptRef(new ContentSecurityPolicy(client)); ContentSecurityPolicy 89 Source/core/frame/csp/ContentSecurityPolicy.h ~ContentSecurityPolicy(); ContentSecurityPolicy 91 Source/core/frame/csp/ContentSecurityPolicy.h void copyStateFrom(const ContentSecurityPolicy*); ContentSecurityPolicy 180 Source/core/frame/csp/ContentSecurityPolicy.h explicit ContentSecurityPolicy(ExecutionContextClient*); ContentSecurityPolicy 16 Source/core/frame/csp/MediaListDirective.cpp MediaListDirective::MediaListDirective(const String& name, const String& value, ContentSecurityPolicy* policy) ContentSecurityPolicy 15 Source/core/frame/csp/MediaListDirective.h class ContentSecurityPolicy; ContentSecurityPolicy 20 Source/core/frame/csp/MediaListDirective.h MediaListDirective(const String& name, const String& value, ContentSecurityPolicy*); ContentSecurityPolicy 16 Source/core/frame/csp/SourceListDirective.cpp SourceListDirective::SourceListDirective(const String& name, const String& value, ContentSecurityPolicy* policy) ContentSecurityPolicy 16 Source/core/frame/csp/SourceListDirective.h class ContentSecurityPolicy; ContentSecurityPolicy 22 Source/core/frame/csp/SourceListDirective.h SourceListDirective(const String& name, const String& value, ContentSecurityPolicy*); ContentSecurityPolicy 95 Source/core/inspector/InspectorCSSAgent.h ContentSecurityPolicy* m_contentSecurityPolicy; ContentSecurityPolicy 145 Source/core/page/EventSource.cpp options.contentSecurityPolicyEnforcement = ContentSecurityPolicy::shouldBypassMainWorld(executionContext()) ? DoNotEnforceContentSecurityPolicy : EnforceConnectSrcDirective; ContentSecurityPolicy 103 Source/core/workers/WorkerGlobalScope.cpp setContentSecurityPolicy(ContentSecurityPolicy::create(this)); ContentSecurityPolicy 546 Source/core/xml/XMLHttpRequest.cpp if (!ContentSecurityPolicy::shouldBypassMainWorld(executionContext()) && !executionContext()->contentSecurityPolicy()->allowConnectToSource(url)) { ContentSecurityPolicy 820 Source/core/xml/XMLHttpRequest.cpp options.contentSecurityPolicyEnforcement = ContentSecurityPolicy::shouldBypassMainWorld(executionContext()) ? DoNotEnforceContentSecurityPolicy : EnforceConnectSrcDirective;