0002-Remove-support-for-PING-in-HTML-anchors-privacy.patch (20913B)
- From 84921f7b5e96acf31472acd7752ca77158b4c657 Mon Sep 17 00:00:00 2001
- From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
- Date: Fri, 2 Nov 2018 18:14:21 +0100
- Subject: [PATCH 2/8] Remove support for PING in HTML anchors [privacy]
- ---
- Source/WebCore/Sources.txt | 1 -
- Source/WebCore/html/HTMLAnchorElement.cpp | 16 --
- .../html/parser/XSSAuditorDelegate.cpp | 4 -
- Source/WebCore/loader/DocumentLoader.cpp | 6 -
- Source/WebCore/loader/PingLoader.cpp | 218 ------------------
- Source/WebCore/loader/PingLoader.h | 62 -----
- .../loader/cache/CachedResourceLoader.cpp | 3 -
- .../page/csp/ContentSecurityPolicy.cpp | 5 -
- Source/WebKit/WebProcess/WebPage/WebPage.cpp | 3 -
- 9 files changed, 318 deletions(-)
- delete mode 100644 Source/WebCore/loader/PingLoader.cpp
- delete mode 100644 Source/WebCore/loader/PingLoader.h
- diff --git a/Source/WebCore/Sources.txt b/Source/WebCore/Sources.txt
- index 704e50c773..bbee4a0695 100644
- --- a/Source/WebCore/Sources.txt
- +++ b/Source/WebCore/Sources.txt
- @@ -1276,7 +1276,6 @@ loader/NavigationAction.cpp
- loader/NavigationScheduler.cpp
- loader/NetscapePlugInStreamLoader.cpp
- loader/ServerTimingParser.cpp
- -loader/PingLoader.cpp
- loader/PolicyChecker.cpp
- loader/ProgressTracker.cpp
- loader/ResourceCryptographicDigest.cpp
- diff --git a/Source/WebCore/html/HTMLAnchorElement.cpp b/Source/WebCore/html/HTMLAnchorElement.cpp
- index 0155fc70a1..e53302748d 100644
- --- a/Source/WebCore/html/HTMLAnchorElement.cpp
- +++ b/Source/WebCore/html/HTMLAnchorElement.cpp
- @@ -39,7 +39,6 @@
- #include "HTMLPictureElement.h"
- #include "KeyboardEvent.h"
- #include "MouseEvent.h"
- -#include "PingLoader.h"
- #include "PlatformMouseEvent.h"
- #include "RenderImage.h"
- #include "ResourceRequest.h"
- @@ -364,19 +363,6 @@ bool HTMLAnchorElement::isLiveLink() const
- return isLink() && treatLinkAsLiveForEventType(m_wasShiftKeyDownOnMouseDown ? MouseEventWithShiftKey : MouseEventWithoutShiftKey);
- }
- -void HTMLAnchorElement::sendPings(const URL& destinationURL)
- -{
- - if (!document().frame())
- - return;
- -
- - if (!hasAttributeWithoutSynchronization(pingAttr) || !document().settings().hyperlinkAuditingEnabled())
- - return;
- -
- - SpaceSplitString pingURLs(attributeWithoutSynchronization(pingAttr), false);
- - for (unsigned i = 0; i < pingURLs.size(); i++)
- - PingLoader::sendPing(*document().frame(), document().completeURL(pingURLs[i]), destinationURL);
- -}
- -
- #if USE(SYSTEM_PREVIEW)
- bool HTMLAnchorElement::isSystemPreviewLink() const
- {
- @@ -442,8 +428,6 @@ void HTMLAnchorElement::handleClick(Event& event)
- ShouldSendReferrer shouldSendReferrer = hasRel(Relation::NoReferrer) ? NeverSendReferrer : MaybeSendReferrer;
- auto newFrameOpenerPolicy = hasRel(Relation::NoOpener) ? std::make_optional(NewFrameOpenerPolicy::Suppress) : std::nullopt;
- frame->loader().urlSelected(completedURL, target(), &event, LockHistory::No, LockBackForwardList::No, shouldSendReferrer, document().shouldOpenExternalURLsPolicyToPropagate(), newFrameOpenerPolicy, downloadAttribute, systemPreviewInfo);
- -
- - sendPings(completedURL);
- }
- HTMLAnchorElement::EventType HTMLAnchorElement::eventType(Event& event)
- diff --git a/Source/WebCore/html/parser/XSSAuditorDelegate.cpp b/Source/WebCore/html/parser/XSSAuditorDelegate.cpp
- index 80b4213669..e8c69162aa 100644
- --- a/Source/WebCore/html/parser/XSSAuditorDelegate.cpp
- +++ b/Source/WebCore/html/parser/XSSAuditorDelegate.cpp
- @@ -35,7 +35,6 @@
- #include "FrameLoaderClient.h"
- #include "HTMLParserIdioms.h"
- #include "NavigationScheduler.h"
- -#include "PingLoader.h"
- #include <wtf/JSONValues.h>
- #include <wtf/text/StringBuilder.h>
- #include <wtf/text/CString.h>
- @@ -104,9 +103,6 @@ void XSSAuditorDelegate::didBlockScript(const XSSInfo& xssInfo)
- m_didSendNotifications = true;
- frameLoader.client().didDetectXSS(m_document.url(), xssInfo.m_didBlockEntirePage);
- -
- - if (!m_reportURL.isEmpty())
- - PingLoader::sendViolationReport(*m_document.frame(), m_reportURL, generateViolationReport(xssInfo), ViolationReportType::XSSAuditor);
- }
- if (xssInfo.m_didBlockEntirePage)
- diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp
- index b9fc289660..37cf9602b2 100644
- --- a/Source/WebCore/loader/DocumentLoader.cpp
- +++ b/Source/WebCore/loader/DocumentLoader.cpp
- @@ -65,7 +65,6 @@
- #include "MemoryCache.h"
- #include "NetworkLoadMetrics.h"
- #include "Page.h"
- -#include "PingLoader.h"
- #include "PlatformStrategies.h"
- #include "PolicyChecker.h"
- #include "ProgressTracker.h"
- @@ -2058,11 +2057,6 @@ void DocumentLoader::addConsoleMessage(MessageSource messageSource, MessageLevel
- static_cast<ScriptExecutionContext*>(m_frame->document())->addConsoleMessage(messageSource, messageLevel, message, requestIdentifier);
- }
- -void DocumentLoader::sendCSPViolationReport(URL&& reportURL, Ref<FormData>&& report)
- -{
- - PingLoader::sendViolationReport(*m_frame, WTFMove(reportURL), WTFMove(report), ViolationReportType::ContentSecurityPolicy);
- -}
- -
- void DocumentLoader::enqueueSecurityPolicyViolationEvent(SecurityPolicyViolationEvent::Init&& eventInit)
- {
- m_frame->document()->enqueueSecurityPolicyViolationEvent(WTFMove(eventInit));
- diff --git a/Source/WebCore/loader/PingLoader.cpp b/Source/WebCore/loader/PingLoader.cpp
- deleted file mode 100644
- index 134e5560e6..0000000000
- --- a/Source/WebCore/loader/PingLoader.cpp
- +++ /dev/null
- @@ -1,218 +0,0 @@
- -/*
- - * Copyright (C) 2010 Google Inc. All rights reserved.
- - * Copyright (C) 2015 Roopesh Chander (roop@roopc.net)
- - * Copyright (C) 2015-2017 Apple Inc. All rights reserved.
- - *
- - * Redistribution and use in source and binary forms, with or without
- - * modification, are permitted provided that the following conditions are
- - * met:
- - *
- - * * Redistributions of source code must retain the above copyright
- - * notice, this list of conditions and the following disclaimer.
- - * * Redistributions in binary form must reproduce the above
- - * copyright notice, this list of conditions and the following disclaimer
- - * in the documentation and/or other materials provided with the
- - * distribution.
- - * * Neither the name of Google Inc. nor the names of its
- - * contributors may be used to endorse or promote products derived from
- - * this software without specific prior written permission.
- - *
- - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- - *
- - */
- -
- -#include "config.h"
- -#include "PingLoader.h"
- -
- -#include "ContentSecurityPolicy.h"
- -#include "Document.h"
- -#include "Frame.h"
- -#include "FrameLoader.h"
- -#include "FrameLoaderClient.h"
- -#include "InspectorInstrumentation.h"
- -#include "LoaderStrategy.h"
- -#include "NetworkLoadMetrics.h"
- -#include "Page.h"
- -#include "PlatformStrategies.h"
- -#include "ProgressTracker.h"
- -#include "ResourceHandle.h"
- -#include "ResourceLoadInfo.h"
- -#include "ResourceRequest.h"
- -#include "ResourceResponse.h"
- -#include "SecurityOrigin.h"
- -#include "SecurityPolicy.h"
- -#include "UserContentController.h"
- -#include <wtf/text/CString.h>
- -
- -namespace WebCore {
- -
- -#if !ENABLE(CONTENT_EXTENSIONS)
- -
- -// Returns true if we should block the load.
- -static inline bool processContentExtensionRulesForLoad(const Frame&, ResourceRequest&, ResourceType)
- -{
- - return false;
- -}
- -
- -#else
- -
- -// Returns true if we should block the load.
- -static bool processContentExtensionRulesForLoad(const Frame& frame, ResourceRequest& request, ResourceType resourceType)
- -{
- - auto* documentLoader = frame.loader().documentLoader();
- - if (!documentLoader)
- - return false;
- - auto* page = frame.page();
- - if (!page)
- - return false;
- - auto status = page->userContentProvider().processContentExtensionRulesForLoad(request.url(), resourceType, *documentLoader);
- - applyBlockedStatusToRequest(status, page, request);
- - return status.blockedLoad;
- -}
- -
- -#endif
- -
- -void PingLoader::loadImage(Frame& frame, const URL& url)
- -{
- - ASSERT(frame.document());
- - auto& document = *frame.document();
- -
- - if (!document.securityOrigin().canDisplay(url)) {
- - FrameLoader::reportLocalLoadFailed(&frame, url);
- - return;
- - }
- -
- - ResourceRequest request(url);
- - if (processContentExtensionRulesForLoad(frame, request, ResourceType::Image))
- - return;
- -
- - document.contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(request, ContentSecurityPolicy::InsecureRequestType::Load);
- -
- - request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0");
- -
- - HTTPHeaderMap originalRequestHeader = request.httpHeaderFields();
- -
- - String referrer = SecurityPolicy::generateReferrerHeader(document.referrerPolicy(), request.url(), frame.loader().outgoingReferrer());
- - if (!referrer.isEmpty())
- - request.setHTTPReferrer(referrer);
- - frame.loader().addExtraFieldsToSubresourceRequest(request);
- -
- - startPingLoad(frame, request, WTFMove(originalRequestHeader), ShouldFollowRedirects::Yes);
- -}
- -
- -// http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperlink-auditing
- -void PingLoader::sendPing(Frame& frame, const URL& pingURL, const URL& destinationURL)
- -{
- - ASSERT(frame.document());
- -
- - if (!pingURL.protocolIsInHTTPFamily())
- - return;
- -
- - ResourceRequest request(pingURL);
- - if (processContentExtensionRulesForLoad(frame, request, ResourceType::Raw))
- - return;
- -
- - auto& document = *frame.document();
- - document.contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(request, ContentSecurityPolicy::InsecureRequestType::Load);
- -
- - request.setHTTPMethod("POST");
- - request.setHTTPContentType("text/ping");
- - request.setHTTPBody(FormData::create("PING"));
- - request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0");
- -
- - HTTPHeaderMap originalRequestHeader = request.httpHeaderFields();
- -
- - frame.loader().addExtraFieldsToSubresourceRequest(request);
- -
- - auto& sourceOrigin = document.securityOrigin();
- - FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin.toString());
- - request.setHTTPHeaderField(HTTPHeaderName::PingTo, destinationURL);
- - if (!SecurityPolicy::shouldHideReferrer(pingURL, frame.loader().outgoingReferrer())) {
- - request.setHTTPHeaderField(HTTPHeaderName::PingFrom, document.url());
- - if (!sourceOrigin.isSameSchemeHostPort(SecurityOrigin::create(pingURL).get())) {
- - String referrer = SecurityPolicy::generateReferrerHeader(document.referrerPolicy(), pingURL, frame.loader().outgoingReferrer());
- - if (!referrer.isEmpty())
- - request.setHTTPReferrer(referrer);
- - }
- - }
- -
- - startPingLoad(frame, request, WTFMove(originalRequestHeader), ShouldFollowRedirects::Yes);
- -}
- -
- -void PingLoader::sendViolationReport(Frame& frame, const URL& reportURL, Ref<FormData>&& report, ViolationReportType reportType)
- -{
- - ASSERT(frame.document());
- -
- - ResourceRequest request(reportURL);
- - if (processContentExtensionRulesForLoad(frame, request, ResourceType::Raw))
- - return;
- -
- - auto& document = *frame.document();
- - document.contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(request, ContentSecurityPolicy::InsecureRequestType::Load);
- -
- - request.setHTTPMethod("POST"_s);
- - request.setHTTPBody(WTFMove(report));
- - switch (reportType) {
- - case ViolationReportType::ContentSecurityPolicy:
- - request.setHTTPContentType("application/csp-report"_s);
- - break;
- - case ViolationReportType::XSSAuditor:
- - request.setHTTPContentType("application/json"_s);
- - break;
- - }
- -
- - bool removeCookies = true;
- - if (document.securityOrigin().isSameSchemeHostPort(SecurityOrigin::create(reportURL).get()))
- - removeCookies = false;
- - if (removeCookies)
- - request.setAllowCookies(false);
- -
- - HTTPHeaderMap originalRequestHeader = request.httpHeaderFields();
- -
- - frame.loader().addExtraFieldsToSubresourceRequest(request);
- -
- - String referrer = SecurityPolicy::generateReferrerHeader(document.referrerPolicy(), reportURL, frame.loader().outgoingReferrer());
- - if (!referrer.isEmpty())
- - request.setHTTPReferrer(referrer);
- -
- - startPingLoad(frame, request, WTFMove(originalRequestHeader), ShouldFollowRedirects::No);
- -}
- -
- -void PingLoader::startPingLoad(Frame& frame, ResourceRequest& request, HTTPHeaderMap&& originalRequestHeaders, ShouldFollowRedirects shouldFollowRedirects)
- -{
- - unsigned long identifier = frame.page()->progress().createUniqueIdentifier();
- - // FIXME: Why activeDocumentLoader? I would have expected documentLoader().
- - // It seems like the PingLoader should be associated with the current
- - // Document in the Frame, but the activeDocumentLoader will be associated
- - // with the provisional DocumentLoader if there is a provisional
- - // DocumentLoader.
- - bool shouldUseCredentialStorage = frame.loader().client().shouldUseCredentialStorage(frame.loader().activeDocumentLoader(), identifier);
- - FetchOptions options;
- - options.credentials = shouldUseCredentialStorage ? FetchOptions::Credentials::Include : FetchOptions::Credentials::Omit;
- - options.redirect = shouldFollowRedirects == ShouldFollowRedirects::Yes ? FetchOptions::Redirect::Follow : FetchOptions::Redirect::Error;
- -
- - // FIXME: Move ping loads to normal subresource loading to get normal inspector request instrumentation hooks.
- - InspectorInstrumentation::willSendRequestOfType(&frame, identifier, frame.loader().activeDocumentLoader(), request, InspectorInstrumentation::LoadType::Ping);
- -
- - platformStrategies()->loaderStrategy()->startPingLoad(frame, request, WTFMove(originalRequestHeaders), options, [protectedFrame = makeRef(frame), identifier] (const ResourceError& error, const ResourceResponse& response) {
- - if (!response.isNull())
- - InspectorInstrumentation::didReceiveResourceResponse(protectedFrame, identifier, protectedFrame->loader().activeDocumentLoader(), response, nullptr);
- - if (error.isNull()) {
- - NetworkLoadMetrics emptyMetrics;
- - InspectorInstrumentation::didFinishLoading(protectedFrame.ptr(), protectedFrame->loader().activeDocumentLoader(), identifier, emptyMetrics, nullptr);
- - } else
- - InspectorInstrumentation::didFailLoading(protectedFrame.ptr(), protectedFrame->loader().activeDocumentLoader(), identifier, error);
- - });
- -}
- -
- -}
- diff --git a/Source/WebCore/loader/PingLoader.h b/Source/WebCore/loader/PingLoader.h
- deleted file mode 100644
- index 15489dcf04..0000000000
- --- a/Source/WebCore/loader/PingLoader.h
- +++ /dev/null
- @@ -1,62 +0,0 @@
- -/*
- - * Copyright (C) 2010 Google Inc. All rights reserved.
- - * Copyright (C) 2017 Apple Inc. All rights reserved.
- - *
- - * Redistribution and use in source and binary forms, with or without
- - * modification, are permitted provided that the following conditions are
- - * met:
- - *
- - * * Redistributions of source code must retain the above copyright
- - * notice, this list of conditions and the following disclaimer.
- - * * Redistributions in binary form must reproduce the above
- - * copyright notice, this list of conditions and the following disclaimer
- - * in the documentation and/or other materials provided with the
- - * distribution.
- - * * Neither the name of Google Inc. nor the names of its
- - * contributors may be used to endorse or promote products derived from
- - * this software without specific prior written permission.
- - *
- - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- - *
- - */
- -
- -#pragma once
- -
- -#include <wtf/Forward.h>
- -#include <wtf/Ref.h>
- -
- -namespace WebCore {
- -
- -class FormData;
- -class Frame;
- -class HTTPHeaderMap;
- -class URL;
- -class ResourceRequest;
- -
- -enum class ViolationReportType {
- - ContentSecurityPolicy,
- - XSSAuditor,
- -};
- -
- -class PingLoader {
- -public:
- - static void loadImage(Frame&, const URL&);
- - static void sendPing(Frame&, const URL& pingURL, const URL& destinationURL);
- - WEBCORE_EXPORT static void sendViolationReport(Frame&, const URL& reportURL, Ref<FormData>&& report, ViolationReportType);
- -
- -private:
- - enum class ShouldFollowRedirects { No, Yes };
- - static void startPingLoad(Frame&, ResourceRequest&, HTTPHeaderMap&& originalRequestHeaders, ShouldFollowRedirects);
- -};
- -
- -} // namespace WebCore
- diff --git a/Source/WebCore/loader/cache/CachedResourceLoader.cpp b/Source/WebCore/loader/cache/CachedResourceLoader.cpp
- index 9d3d108113..614cfee9b5 100644
- --- a/Source/WebCore/loader/cache/CachedResourceLoader.cpp
- +++ b/Source/WebCore/loader/cache/CachedResourceLoader.cpp
- @@ -57,7 +57,6 @@
- #include "Logging.h"
- #include "MemoryCache.h"
- #include "Page.h"
- -#include "PingLoader.h"
- #include "PlatformStrategies.h"
- #include "RenderElement.h"
- #include "ResourceLoadInfo.h"
- @@ -202,8 +201,6 @@ ResourceErrorOr<CachedResourceHandle<CachedImage>> CachedResourceLoader::request
- if (Document* document = frame->document())
- request.upgradeInsecureRequestIfNeeded(*document);
- URL requestURL = request.resourceRequest().url();
- - if (requestURL.isValid() && canRequest(CachedResource::Type::ImageResource, requestURL, request, ForPreload::No))
- - PingLoader::loadImage(*frame, requestURL);
- return CachedResourceHandle<CachedImage> { };
- }
- }
- diff --git a/Source/WebCore/page/csp/ContentSecurityPolicy.cpp b/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
- index 9b966fa02b..f1b1b51da1 100644
- --- a/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
- +++ b/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
- @@ -45,7 +45,6 @@
- #include "JSExecState.h"
- #include "JSWindowProxy.h"
- #include "ParsingUtilities.h"
- -#include "PingLoader.h"
- #include "ResourceRequest.h"
- #include "RuntimeEnabledFeatures.h"
- #include "SchemeRegistry.h"
- @@ -759,10 +758,6 @@ void ContentSecurityPolicy::reportViolation(const String& effectiveViolatedDirec
- if (m_client) {
- for (const auto& url : reportURIs)
- m_client->sendCSPViolationReport(URL { m_protectedURL, url }, report.copyRef());
- - } else {
- - auto& document = downcast<Document>(*m_scriptExecutionContext);
- - for (const auto& url : reportURIs)
- - PingLoader::sendViolationReport(*document.frame(), URL { m_protectedURL, url }, report.copyRef(), ViolationReportType::ContentSecurityPolicy);
- }
- }
- diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp
- index 5de12b10cc..e161de3599 100644
- --- a/Source/WebKit/WebProcess/WebPage/WebPage.cpp
- +++ b/Source/WebKit/WebProcess/WebPage/WebPage.cpp
- @@ -181,7 +181,6 @@
- #include <WebCore/NotImplemented.h>
- #include <WebCore/Page.h>
- #include <WebCore/PageConfiguration.h>
- -#include <WebCore/PingLoader.h>
- #include <WebCore/PlatformKeyboardEvent.h>
- #include <WebCore/PluginDocument.h>
- #include <WebCore/PrintContext.h>
- @@ -3359,8 +3358,6 @@ void WebPage::sendCSPViolationReport(uint64_t frameID, const WebCore::URL& repor
- auto report = reportData.takeData();
- if (!report)
- return;
- - if (auto* frame = WebProcess::singleton().webFrame(frameID))
- - PingLoader::sendViolationReport(*frame->coreFrame(), reportURL, report.releaseNonNull(), ViolationReportType::ContentSecurityPolicy);
- }
- void WebPage::enqueueSecurityPolicyViolationEvent(uint64_t frameID, SecurityPolicyViolationEvent::Init&& eventInit)
- --
- 2.19.2