diff options
Diffstat (limited to 'chromium/third_party/blink/renderer/core/frame/csp/string_list_directive.cc')
-rw-r--r-- | chromium/third_party/blink/renderer/core/frame/csp/string_list_directive.cc | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/chromium/third_party/blink/renderer/core/frame/csp/string_list_directive.cc b/chromium/third_party/blink/renderer/core/frame/csp/string_list_directive.cc index 049db709c2c..b2977416d76 100644 --- a/chromium/third_party/blink/renderer/core/frame/csp/string_list_directive.cc +++ b/chromium/third_party/blink/renderer/core/frame/csp/string_list_directive.cc @@ -58,21 +58,26 @@ bool StringListDirective::AllowOrProcessValue(const String& src) { allow_any_ = true; return false; } + if (src == "'none'") { + if (list_.size() > 1) { + Policy()->ReportInvalidSourceExpression(GetName(), src); + } + return false; + } return IsPolicyName(src); } -bool StringListDirective::Allows(const String& string_piece, - bool is_duplicate) { +bool StringListDirective::Allows(const String& value, bool is_duplicate) { if (is_duplicate && !allow_duplicates_) return false; - if (is_duplicate && string_piece == "default") + if (is_duplicate && value == "default") return false; - if (!IsPolicyName(string_piece)) + if (!IsPolicyName(value)) return false; - return allow_any_ || list_.Contains(string_piece); + return allow_any_ || list_.Contains(value); } -void StringListDirective::Trace(Visitor* visitor) { +void StringListDirective::Trace(Visitor* visitor) const { CSPDirective::Trace(visitor); } |