Unreviewed, rolling out r126852.
authorharaken@chromium.org <haraken@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 28 Aug 2012 07:59:34 +0000 (07:59 +0000)
committerharaken@chromium.org <haraken@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 28 Aug 2012 07:59:34 +0000 (07:59 +0000)
http://trac.webkit.org/changeset/126852
https://bugs.webkit.org/show_bug.cgi?id=94433

broke qt and mac tests

Source/WebCore:

* bindings/js/ScheduledAction.cpp:
(WebCore::ScheduledAction::create):
* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::initScript):
* bindings/v8/V8DOMWindowShell.cpp:
(WebCore::V8DOMWindowShell::initializeIfNeeded):
* bindings/v8/custom/V8DOMWindowCustom.cpp:
(WebCore::WindowSetTimeoutImpl):
* page/ContentSecurityPolicy.cpp:
(CSPDirectiveList):
(WebCore::CSPDirectiveList::reportViolation):
(WebCore::CSPDirectiveList::checkEvalAndReportViolation):
(WebCore::CSPDirectiveList::allowEval):
(WebCore::ContentSecurityPolicy::didReceiveHeader):
(WebCore):
(WebCore::isAllowedByAllWithCallStack):
(WebCore::ContentSecurityPolicy::allowEval):
(WebCore::ContentSecurityPolicy::reportViolation):
(WebCore::ContentSecurityPolicy::logToConsole):
* page/ContentSecurityPolicy.h:
(WebCore):
* page/DOMSecurityPolicy.cpp:
(WebCore::DOMSecurityPolicy::allowsEval):

LayoutTests:

* http/tests/inspector/csp-injected-content-warning-contains-stacktrace-expected.txt: Removed.
* http/tests/inspector/csp-injected-content-warning-contains-stacktrace.html: Removed.
* http/tests/inspector/csp-inline-warning-contains-stacktrace-expected.txt: Removed.
* http/tests/inspector/csp-inline-warning-contains-stacktrace.html: Removed.
* http/tests/inspector/resources/csp-inline-test.js: Removed.
* http/tests/inspector/resources/csp-test.js: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@126854 268f45cc-cd09-0410-ab3c-d52691b4dbfc

15 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/inspector/csp-injected-content-warning-contains-stacktrace-expected.txt [deleted file]
LayoutTests/http/tests/inspector/csp-injected-content-warning-contains-stacktrace.html [deleted file]
LayoutTests/http/tests/inspector/csp-inline-warning-contains-stacktrace-expected.txt [deleted file]
LayoutTests/http/tests/inspector/csp-inline-warning-contains-stacktrace.html [deleted file]
LayoutTests/http/tests/inspector/resources/csp-inline-test.js [deleted file]
LayoutTests/http/tests/inspector/resources/csp-test.js [deleted file]
Source/WebCore/ChangeLog
Source/WebCore/bindings/js/ScheduledAction.cpp
Source/WebCore/bindings/js/ScriptController.cpp
Source/WebCore/bindings/v8/V8DOMWindowShell.cpp
Source/WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp
Source/WebCore/page/ContentSecurityPolicy.cpp
Source/WebCore/page/ContentSecurityPolicy.h
Source/WebCore/page/DOMSecurityPolicy.cpp

index 1fae72e..a94ee50 100644 (file)
@@ -1,3 +1,18 @@
+2012-08-28  Kentaro Hara  <haraken@chromium.org>
+
+        Unreviewed, rolling out r126852.
+        http://trac.webkit.org/changeset/126852
+        https://bugs.webkit.org/show_bug.cgi?id=94433
+
+        broke qt and mac tests
+
+        * http/tests/inspector/csp-injected-content-warning-contains-stacktrace-expected.txt: Removed.
+        * http/tests/inspector/csp-injected-content-warning-contains-stacktrace.html: Removed.
+        * http/tests/inspector/csp-inline-warning-contains-stacktrace-expected.txt: Removed.
+        * http/tests/inspector/csp-inline-warning-contains-stacktrace.html: Removed.
+        * http/tests/inspector/resources/csp-inline-test.js: Removed.
+        * http/tests/inspector/resources/csp-test.js: Removed.
+
 2012-08-28  Csaba Osztrogon√°c  <ossy@webkit.org>
 
         [Qt] Unreviewed gardening, skip failing tests.
diff --git a/LayoutTests/http/tests/inspector/csp-injected-content-warning-contains-stacktrace-expected.txt b/LayoutTests/http/tests/inspector/csp-injected-content-warning-contains-stacktrace-expected.txt
deleted file mode 100644 (file)
index e9649bf..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
-CONSOLE MESSAGE: Refused to load the image 'http://127.0.0.1:8000/resources/abe.png' because it violates the following Content Security Policy directive: "img-src 'none'".
-
-This test injects a blocked image from JavaScript. The resulting console error should contain a stack trace.
-
-
-Message[0]: csp-injected-content-warning-contains-stacktrace.html:12 Refused to load the image 'http://127.0.0.1:8000/resources/abe.png' because it violates the following Content Security Policy directive: "img-src 'none'".
-
-Stack Trace:
-
-    0) http://127.0.0.1:8000/inspector/csp-injected-content-warning-contains-stacktrace.html / thisTest / 12 / 25
-    1) (internal script) /  / (line number) / (column number)
-    2) (internal script) / InjectedScript._evaluateOn / (line number) / (column number)
-    3) (internal script) / InjectedScript._evaluateAndWrap / (line number) / (column number)
-    4) (internal script) / InjectedScript.evaluate / (line number) / (column number)
-
diff --git a/LayoutTests/http/tests/inspector/csp-injected-content-warning-contains-stacktrace.html b/LayoutTests/http/tests/inspector/csp-injected-content-warning-contains-stacktrace.html
deleted file mode 100644 (file)
index dcc3007..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-<!DOCTYPE html>
-<html>
-    <head>
-        <meta http-equiv="X-WebKit-CSP" content="img-src 'none'">
-        <script src="/inspector/console-test.js"></script>
-        <script src="/inspector/debugger-test.js"></script>
-        <script src="/inspector/inspector-test.js"></script>
-        <script src="/inspector/resources/csp-test.js"></script>
-        <script>
-            function thisTest() {
-                var img = document.createElement('img');
-                img.src = "../resources/abe.png";
-                document.body.appendChild(img);
-            }
-        </script>
-    </head>
-    <body onload="runTest()">
-        <p>This test injects a blocked image from JavaScript. The resulting console
-        error should contain a stack trace.</p>
-    </body>
-</html>
diff --git a/LayoutTests/http/tests/inspector/csp-inline-warning-contains-stacktrace-expected.txt b/LayoutTests/http/tests/inspector/csp-inline-warning-contains-stacktrace-expected.txt
deleted file mode 100644 (file)
index d105d04..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-CONSOLE MESSAGE: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'".
-
-This test injects an inline script from JavaScript. The resulting console error should contain a stack trace.
-
-Message[0]: csp-inline-test.js:4 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'".
-
-Stack Trace:
-
-    0) http://127.0.0.1:8000/inspector/resources/csp-inline-test.js / thisTest / 4 / 19
-    1) (internal script) /  / (line number) / (column number)
-    2) (internal script) / InjectedScript._evaluateOn / (line number) / (column number)
-    3) (internal script) / InjectedScript._evaluateAndWrap / (line number) / (column number)
-    4) (internal script) / InjectedScript.evaluate / (line number) / (column number)
-
diff --git a/LayoutTests/http/tests/inspector/csp-inline-warning-contains-stacktrace.html b/LayoutTests/http/tests/inspector/csp-inline-warning-contains-stacktrace.html
deleted file mode 100644 (file)
index 06318cb..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
-<!DOCTYPE html>
-<html>
-    <head>
-        <meta http-equiv="X-WebKit-CSP" content="script-src 'self'">
-        <script src="/inspector/console-test.js"></script>
-        <script src="/inspector/debugger-test.js"></script>
-        <script src="/inspector/inspector-test.js"></script>
-        <script src="/inspector/resources/csp-test.js"></script>
-        <script src="/inspector/resources/csp-inline-test.js"></script>
-    </head>
-    <body>
-        <p>This test injects an inline script from JavaScript. The resulting
-        console error should contain a stack trace.</p>
-    </body>
-</html>
diff --git a/LayoutTests/http/tests/inspector/resources/csp-inline-test.js b/LayoutTests/http/tests/inspector/resources/csp-inline-test.js
deleted file mode 100644 (file)
index 678344f..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-function thisTest() {
-    var s = document.createElement('script');
-    s.innerText = "alert('FAIL.');"
-    document.body.appendChild(s);
-}
-window.onload = runTest;
diff --git a/LayoutTests/http/tests/inspector/resources/csp-test.js b/LayoutTests/http/tests/inspector/resources/csp-test.js
deleted file mode 100644 (file)
index 449cbc5..0000000
+++ /dev/null
@@ -1,33 +0,0 @@
-function test() {
-    InspectorTest.addConsoleSniffer(addMessage, true);
-
-    var messageCount = 0;
-    function addMessage(message) {
-        if (messageCount++)
-            return;
-        var messages = WebInspector.consoleView.messages;
-        for (var i = 0; i < messages.length; ++i) {
-            var m = messages[i];
-            InspectorTest.addResult("Message[" + i + "]: " + WebInspector.displayNameForURL(m.url) + ":" + m.line + " " + m.message);
-            var trace = m.stackTrace;
-            if (!trace) {
-                InspectorTest.addResult("FAIL: no stack trace attached to message #" + i);
-            } else {
-                InspectorTest.addResult("Stack Trace:\n");
-                for (var j = 0; j < trace.length; j++) {
-                    var url = trace[j].url;
-                    var lineNumber = trace[j].lineNumber;
-                    var columnNumber = trace[j].columnNumber;
-                    if (!trace[j].url) {
-                        url = "(internal script)";
-                        lineNumber = "(line number)";
-                        columnNumber = "(column number)";
-                    }
-                    InspectorTest.addResult("    " + j + ") " + url + " / " + trace[j].functionName + " / " + lineNumber + " / " + columnNumber);
-                }
-            }
-        }
-        InspectorTest.completeTest();
-    }
-    InspectorTest.evaluateInPage("thisTest()");
-}
index 6fb6a3a..4a4a3af 100644 (file)
@@ -1,3 +1,35 @@
+2012-08-28  Kentaro Hara  <haraken@chromium.org>
+
+        Unreviewed, rolling out r126852.
+        http://trac.webkit.org/changeset/126852
+        https://bugs.webkit.org/show_bug.cgi?id=94433
+
+        broke qt and mac tests
+
+        * bindings/js/ScheduledAction.cpp:
+        (WebCore::ScheduledAction::create):
+        * bindings/js/ScriptController.cpp:
+        (WebCore::ScriptController::initScript):
+        * bindings/v8/V8DOMWindowShell.cpp:
+        (WebCore::V8DOMWindowShell::initializeIfNeeded):
+        * bindings/v8/custom/V8DOMWindowCustom.cpp:
+        (WebCore::WindowSetTimeoutImpl):
+        * page/ContentSecurityPolicy.cpp:
+        (CSPDirectiveList):
+        (WebCore::CSPDirectiveList::reportViolation):
+        (WebCore::CSPDirectiveList::checkEvalAndReportViolation):
+        (WebCore::CSPDirectiveList::allowEval):
+        (WebCore::ContentSecurityPolicy::didReceiveHeader):
+        (WebCore):
+        (WebCore::isAllowedByAllWithCallStack):
+        (WebCore::ContentSecurityPolicy::allowEval):
+        (WebCore::ContentSecurityPolicy::reportViolation):
+        (WebCore::ContentSecurityPolicy::logToConsole):
+        * page/ContentSecurityPolicy.h:
+        (WebCore):
+        * page/DOMSecurityPolicy.cpp:
+        (WebCore::DOMSecurityPolicy::allowsEval):
+
 2012-08-28  Mike West  <mkwst@chromium.org>
 
         Add call stacks to Content Security Policy checks when relevant.
index 0128b27..c469bf8 100644 (file)
@@ -55,7 +55,8 @@ PassOwnPtr<ScheduledAction> ScheduledAction::create(ExecState* exec, DOMWrapperW
     JSValue v = exec->argument(0);
     CallData callData;
     if (getCallData(v, callData) == CallTypeNone) {
-        if (policy && !policy->allowEval())
+        RefPtr<ScriptCallStack> callStack(createScriptCallStackForInspector(exec));
+        if (policy && !policy->allowEval(callStack.release()))
             return nullptr;
         UString string = v.toString(exec)->value(exec);
         if (exec->hadException())
index 5ecd3de..41bbea8 100644 (file)
@@ -222,7 +222,7 @@ JSDOMWindowShell* ScriptController::initScript(DOMWrapperWorld* world)
     windowShell->window()->updateDocument();
 
     if (m_frame->document())
-        windowShell->window()->setEvalEnabled(m_frame->document()->contentSecurityPolicy()->allowEval(ContentSecurityPolicy::SuppressReport));
+        windowShell->window()->setEvalEnabled(m_frame->document()->contentSecurityPolicy()->allowEval(0, ContentSecurityPolicy::SuppressReport));   
 
     if (Page* page = m_frame->page()) {
         attachDebugger(windowShell, page->debugger());
index cdf7fd1..4dfce70 100644 (file)
@@ -320,7 +320,7 @@ bool V8DOMWindowShell::initializeIfNeeded()
     setSecurityToken();
 
     if (m_frame->document())
-        context->AllowCodeGenerationFromStrings(m_frame->document()->contentSecurityPolicy()->allowEval(ContentSecurityPolicy::SuppressReport));
+        context->AllowCodeGenerationFromStrings(m_frame->document()->contentSecurityPolicy()->allowEval(0, ContentSecurityPolicy::SuppressReport));
 
     m_frame->loader()->client()->didCreateScriptContext(m_context.get(), 0, 0);
 
index e18c09c..7280d91 100644 (file)
@@ -128,7 +128,8 @@ v8::Handle<v8::Value> WindowSetTimeoutImpl(const v8::Arguments& args, bool singl
 
         id = DOMTimer::install(scriptContext, action.release(), timeout, singleShot);
     } else {
-        if (imp->document() && !imp->document()->contentSecurityPolicy()->allowEval())
+        RefPtr<ScriptCallStack> callStack(createScriptCallStackForInspector());
+        if (imp->document() && !imp->document()->contentSecurityPolicy()->allowEval(callStack.release()))
             return v8Integer(0, args.GetIsolate());
         ASSERT(imp->frame());
         id = DOMTimer::install(scriptContext, adoptPtr(new ScheduledAction(imp->frame()->script()->currentWorldContext(), functionString)), timeout, singleShot);
index 329b58d..c77170d 100644 (file)
@@ -38,7 +38,6 @@
 #include "PingLoader.h"
 #include "SchemeRegistry.h"
 #include "ScriptCallStack.h"
-#include "ScriptCallStackFactory.h"
 #include "SecurityOrigin.h"
 #include "TextEncoding.h"
 #include <wtf/HashSet.h>
@@ -711,7 +710,7 @@ public:
     bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const;
     bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const;
     bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const;
-    bool allowEval(ContentSecurityPolicy::ReportingStatus) const;
+    bool allowEval(PassRefPtr<ScriptCallStack>, ContentSecurityPolicy::ReportingStatus) const;
     bool allowScriptNonce(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL&) const;
     bool allowPluginType(const String& type, const String& typeAttribute, const KURL&, ContentSecurityPolicy::ReportingStatus) const;
 
@@ -743,7 +742,7 @@ private:
     void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDirectiveType>&);
 
     SourceListDirective* operativeDirective(SourceListDirective*) const;
-    void reportViolation(const String& directiveText, const String& consoleMessage, const KURL& blockedURL = KURL(), const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst()) const;
+    void reportViolation(const String& directiveText, const String& consoleMessage, const KURL& blockedURL = KURL(), const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst(), PassRefPtr<ScriptCallStack> = 0) const;
 
     bool checkEval(SourceListDirective*) const;
     bool checkInline(SourceListDirective*) const;
@@ -751,7 +750,7 @@ private:
     bool checkSource(SourceListDirective*, const KURL&) const;
     bool checkMediaType(MediaListDirective*, const String& type, const String& typeAttribute) const;
 
-    bool checkEvalAndReportViolation(SourceListDirective*, const String& consoleMessage, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst()) const;
+    bool checkEvalAndReportViolation(SourceListDirective*, const String& consoleMessage, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst(), PassRefPtr<ScriptCallStack> = 0) const;
     bool checkInlineAndReportViolation(SourceListDirective*, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool checkNonceAndReportViolation(NonceDirective*, const String& nonce, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool checkSourceAndReportViolation(SourceListDirective*, const KURL&, const String& type) const;
@@ -806,10 +805,10 @@ PassOwnPtr<CSPDirectiveList> CSPDirectiveList::create(ContentSecurityPolicy* pol
     return directives.release();
 }
 
-void CSPDirectiveList::reportViolation(const String& directiveText, const String& consoleMessage, const KURL& blockedURL, const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+void CSPDirectiveList::reportViolation(const String& directiveText, const String& consoleMessage, const KURL& blockedURL, const String& contextURL, const WTF::OrdinalNumber& contextLine, PassRefPtr<ScriptCallStack> callStack) const
 {
     String message = m_reportOnly ? "[Report Only] " + consoleMessage : consoleMessage;
-    m_policy->reportViolation(directiveText, message, blockedURL, m_reportURIs, m_header, contextURL, contextLine);
+    m_policy->reportViolation(directiveText, message, blockedURL, m_reportURIs, m_header, contextURL, contextLine, callStack);
 }
 
 bool CSPDirectiveList::checkEval(SourceListDirective* directive) const
@@ -846,11 +845,11 @@ SourceListDirective* CSPDirectiveList::operativeDirective(SourceListDirective* d
     return directive ? directive : m_defaultSrc.get();
 }
 
-bool CSPDirectiveList::checkEvalAndReportViolation(SourceListDirective* directive, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+bool CSPDirectiveList::checkEvalAndReportViolation(SourceListDirective* directive, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine, PassRefPtr<ScriptCallStack> callStack) const
 {
     if (checkEval(directive))
         return true;
-    reportViolation(directive->text(), consoleMessage + "\"" + directive->text() + "\".\n", KURL(), contextURL, contextLine);
+    reportViolation(directive->text(), consoleMessage + "\"" + directive->text() + "\".\n", KURL(), contextURL, contextLine, callStack);
     return denyIfEnforcingPolicy();
 }
 
@@ -938,11 +937,11 @@ bool CSPDirectiveList::allowInlineStyle(const String& contextURL, const WTF::Ord
         checkInline(operativeDirective(m_styleSrc.get()));
 }
 
-bool CSPDirectiveList::allowEval(ContentSecurityPolicy::ReportingStatus reportingStatus) const
+bool CSPDirectiveList::allowEval(PassRefPtr<ScriptCallStack> callStack, ContentSecurityPolicy::ReportingStatus reportingStatus) const
 {
     DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to evaluate script because it violates the following Content Security Policy directive: "));
     return reportingStatus == ContentSecurityPolicy::SendReport ?
-        checkEvalAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, String(), WTF::OrdinalNumber::beforeFirst()) :
+        checkEvalAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, String(), WTF::OrdinalNumber::beforeFirst(), callStack) :
         checkEval(operativeDirective(m_scriptSrc.get()));
 }
 
@@ -1258,7 +1257,7 @@ void ContentSecurityPolicy::didReceiveHeader(const String& header, HeaderType ty
         begin = position;
     }
 
-    if (!allowEval(SuppressReport))
+    if (!allowEval(0, SuppressReport))
         m_scriptExecutionContext->disableEval();
 }
 
@@ -1277,11 +1276,11 @@ ContentSecurityPolicy::HeaderType ContentSecurityPolicy::deprecatedHeaderType()
     return m_policies.isEmpty() ? EnforcePolicy : m_policies[0]->headerType();
 }
 
-template<bool (CSPDirectiveList::*allowed)( ContentSecurityPolicy::ReportingStatus) const>
-bool isAllowedByAll(const CSPDirectiveListVector& policies, ContentSecurityPolicy::ReportingStatus reportingStatus)
+template<bool (CSPDirectiveList::*allowed)(PassRefPtr<ScriptCallStack>, ContentSecurityPolicy::ReportingStatus) const>
+bool isAllowedByAllWithCallStack(const CSPDirectiveListVector& policies, PassRefPtr<ScriptCallStack> callStack, ContentSecurityPolicy::ReportingStatus reportingStatus)
 {
     for (size_t i = 0; i < policies.size(); ++i) {
-        if (!(policies[i].get()->*allowed)(reportingStatus))
+        if (!(policies[i].get()->*allowed)(callStack, reportingStatus))
             return false;
     }
     return true;
@@ -1342,9 +1341,9 @@ bool ContentSecurityPolicy::allowInlineStyle(const String& contextURL, const WTF
     return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineStyle>(m_policies, contextURL, contextLine, reportingStatus);
 }
 
-bool ContentSecurityPolicy::allowEval(ContentSecurityPolicy::ReportingStatus reportingStatus) const
+bool ContentSecurityPolicy::allowEval(PassRefPtr<ScriptCallStack> callStack, ContentSecurityPolicy::ReportingStatus reportingStatus) const
 {
-    return isAllowedByAll<&CSPDirectiveList::allowEval>(m_policies, reportingStatus);
+    return isAllowedByAllWithCallStack<&CSPDirectiveList::allowEval>(m_policies, callStack, reportingStatus);
 }
 
 bool ContentSecurityPolicy::allowScriptNonce(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL& url) const
@@ -1437,9 +1436,9 @@ void ContentSecurityPolicy::enforceSandboxFlags(SandboxFlags mask) const
     m_scriptExecutionContext->enforceSandboxFlags(mask);
 }
 
-void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header, const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header, const String& contextURL, const WTF::OrdinalNumber& contextLine, PassRefPtr<ScriptCallStack> callStack) const
 {
-    logToConsole(consoleMessage, contextURL, contextLine);
+    logToConsole(consoleMessage, contextURL, contextLine, callStack);
 
     if (reportURIs.isEmpty())
         return;
@@ -1523,12 +1522,9 @@ void ContentSecurityPolicy::reportInvalidSourceExpression(const String& directiv
     logToConsole(message);
 }
 
-void ContentSecurityPolicy::logToConsole(const String& message, const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+void ContentSecurityPolicy::logToConsole(const String& message, const String& contextURL, const WTF::OrdinalNumber& contextLine, PassRefPtr<ScriptCallStack> callStack) const
 {
-    RefPtr<ScriptCallStack> callStack;
-    if (InspectorInstrumentation::hasFrontends())
-        callStack = createScriptCallStack(ScriptCallStack::maxCallStackSizeToCapture, true);
-    m_scriptExecutionContext->addConsoleMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, message, contextURL, contextLine.oneBasedInt(), (callStack && callStack->size() > 0) ? callStack : 0);
+    m_scriptExecutionContext->addConsoleMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, message, contextURL, contextLine.oneBasedInt(), callStack);
 }
 
 }
index 7b4f4f1..3c39051 100644 (file)
@@ -40,6 +40,7 @@ class OrdinalNumber;
 namespace WebCore {
 
 class CSPDirectiveList;
+class ScriptCallStack;
 class DOMStringList;
 class ScriptExecutionContext;
 class SecurityOrigin;
@@ -78,7 +79,7 @@ public:
     bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ReportingStatus = SendReport) const;
     bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ReportingStatus = SendReport) const;
     bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ReportingStatus = SendReport) const;
-    bool allowEval(ReportingStatus = SendReport) const;
+    bool allowEval(PassRefPtr<ScriptCallStack>, ReportingStatus = SendReport) const;
     bool allowScriptNonce(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL& = KURL()) const;
     bool allowPluginType(const String& type, const String& typeAttribute, const KURL&, ReportingStatus = SendReport) const;
 
@@ -103,7 +104,7 @@ public:
     void reportInvalidPluginTypes(const String&) const;
     void reportInvalidSourceExpression(const String& directiveName, const String& source) const;
     void reportUnrecognizedDirective(const String&) const;
-    void reportViolation(const String& directiveText, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst()) const;
+    void reportViolation(const String& directiveText, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst(), PassRefPtr<ScriptCallStack> = 0) const;
 
     const KURL& url() const;
     KURL completeURL(const String&) const;
@@ -113,7 +114,7 @@ public:
 private:
     explicit ContentSecurityPolicy(ScriptExecutionContext*);
 
-    void logToConsole(const String& message, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst()) const;
+    void logToConsole(const String& message, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst(), PassRefPtr<ScriptCallStack> = 0) const;
 
     ScriptExecutionContext* m_scriptExecutionContext;
     bool m_overrideInlineStyleAllowed;
index 90197dd..00c76ee 100644 (file)
@@ -120,7 +120,7 @@ bool DOMSecurityPolicy::allowsEval() const
     if (!isActive())
         return true;
 
-    return scriptExecutionContext()->contentSecurityPolicy()->allowEval(ContentSecurityPolicy::SuppressReport);
+    return scriptExecutionContext()->contentSecurityPolicy()->allowEval(0, ContentSecurityPolicy::SuppressReport);
 }