2011-04-07 Adam Barth <abarth@webkit.org>

2011-04-07  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Implement img-src style-src and font-src
        https://bugs.webkit.org/show_bug.cgi?id=58018

        Test a bunch of allow/block tests for these new directives.

        * http/tests/security/contentSecurityPolicy/image-allowed-expected.txt: Added.
        * http/tests/security/contentSecurityPolicy/image-allowed.html: Added.
        * http/tests/security/contentSecurityPolicy/image-blocked-expected.txt: Added.
        * http/tests/security/contentSecurityPolicy/image-blocked.html: Added.
        * http/tests/security/contentSecurityPolicy/resources/blue.css: Added.
        * http/tests/security/contentSecurityPolicy/resources/style.xsl: Added.
        * http/tests/security/contentSecurityPolicy/style-allowed-expected.txt: Added.
        * http/tests/security/contentSecurityPolicy/style-allowed.html: Added.
        * http/tests/security/contentSecurityPolicy/style-blocked-expected.txt: Added.
        * http/tests/security/contentSecurityPolicy/style-blocked.html: Added.
        * http/tests/security/contentSecurityPolicy/xsl-allowed.php: Added.
        * http/tests/security/contentSecurityPolicy/xsl-blocked-expected.txt: Added.
        * http/tests/security/contentSecurityPolicy/xsl-blocked.php: Added.
2011-04-07  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Implement img-src style-src and font-src
        https://bugs.webkit.org/show_bug.cgi?id=58018

        These are pretty straight forward given the rest of the infrastructure
        we've built so far.

        Tests: http/tests/security/contentSecurityPolicy/image-allowed.html
               http/tests/security/contentSecurityPolicy/image-blocked.html
               http/tests/security/contentSecurityPolicy/style-allowed.html
               http/tests/security/contentSecurityPolicy/style-blocked.html
               http/tests/security/contentSecurityPolicy/xsl-allowed.php
               http/tests/security/contentSecurityPolicy/xsl-blocked.php

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::canRequest):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::allowImageFromSource):
        (WebCore::ContentSecurityPolicy::allowStyleFromSource):
        (WebCore::ContentSecurityPolicy::allowFontFromSource):
        (WebCore::ContentSecurityPolicy::addDirective):
        * page/ContentSecurityPolicy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@83235 268f45cc-cd09-0410-ab3c-d52691b4dbfc