CSP 1.1: Make the CSP_NEXT flag runtime enabled.
authormkwst@chromium.org <mkwst@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 1 Dec 2012 06:53:25 +0000 (06:53 +0000)
committermkwst@chromium.org <mkwst@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 1 Dec 2012 06:53:25 +0000 (06:53 +0000)
commitd090884829ea97b2aeffd330ab715d13b4638e1d
treeef752951e8a99302a1a1faa9475791e6003b2490
parenta8359ef71376e965113e0ea465dbc6638e3af8ce
CSP 1.1: Make the CSP_NEXT flag runtime enabled.
https://bugs.webkit.org/show_bug.cgi?id=103652

Reviewed by Adam Barth.

Source/WebCore:

Content Security Policy 1.1 continues to live behind the CSP_NEXT flag,
this patch adds another layer on top of that in order to enable runtime
decisions about whether it should be active.

* bindings/generic/RuntimeEnabledFeatures.cpp:
(WebCore):
* bindings/generic/RuntimeEnabledFeatures.h:
(RuntimeEnabledFeatures):
(WebCore::RuntimeEnabledFeatures::experimentalContentSecurityPolicyFeaturesEnabled):
(WebCore::RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled):
    Adds methods in order to correctly handle enabling and disabling
    CSP 1.1 features.
* dom/Document.idl:
    Gate the 'document.securityPolicy' object on the runtime flag.
* page/ContentSecurityPolicy.cpp:
(WebCore::CSPDirectiveList::addDirective):
    Check that experimental features are runtime enabled before
    processing 1.1 directives.
(WebCore::ContentSecurityPolicy::experimentalFeaturesEnabled):
(WebCore):
* page/ContentSecurityPolicy.h:
    Adds a new method which checks against the runtime flag to determine
    whether CSP 1.1 features are enabled.

Source/WebKit/chromium:

The CSP_NEXT flag continues to be enabled on the Chromium port, but this
patch now locks the features away behind the securityPolicy runtime
flag.

* public/WebRuntimeFeatures.h:
(WebRuntimeFeatures):
* src/WebRuntimeFeatures.cpp:
(WebKit::WebRuntimeFeatures::enableExperimentalContentSecurityPolicyFeatures):
(WebKit):
(WebKit::WebRuntimeFeatures::isExperimentalContentSecurityPolicyFeaturesEnabled):
    Adds the feature to WebRuntimeFeatures so it can be toggled from
    inside Chromium.

Tools:

Ensures that the new SecurityPolicy runtime flag is enabled for Chromium's tests.

* DumpRenderTree/chromium/TestShell.cpp:
(TestShell::TestShell):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@136305 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebCore/ChangeLog
Source/WebCore/bindings/generic/RuntimeEnabledFeatures.cpp
Source/WebCore/bindings/generic/RuntimeEnabledFeatures.h
Source/WebCore/dom/Document.idl
Source/WebCore/page/ContentSecurityPolicy.cpp
Source/WebCore/page/ContentSecurityPolicy.h
Source/WebKit/chromium/ChangeLog
Source/WebKit/chromium/public/WebRuntimeFeatures.h
Source/WebKit/chromium/src/WebRuntimeFeatures.cpp
Tools/ChangeLog
Tools/DumpRenderTree/chromium/TestShell.cpp