0007-Revert-Remove-support-for-PING-in-HTML-anchors-priva.patch (20979B)
- From aa8f18d92cc4b753e1cdfe345b5bb0894bcdc2dc Mon Sep 17 00:00:00 2001
- From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
- Date: Wed, 13 Mar 2019 11:04:41 +0100
- Subject: [PATCH 7/8] Revert "Remove support for PING in HTML anchors
- [privacy]"
- This reverts commit 84921f7b5e96acf31472acd7752ca77158b4c657.
- ---
- Source/WebCore/Sources.txt | 1 +
- Source/WebCore/html/HTMLAnchorElement.cpp | 16 ++
- .../html/parser/XSSAuditorDelegate.cpp | 4 +
- Source/WebCore/loader/DocumentLoader.cpp | 6 +
- Source/WebCore/loader/PingLoader.cpp | 218 ++++++++++++++++++
- Source/WebCore/loader/PingLoader.h | 62 +++++
- .../loader/cache/CachedResourceLoader.cpp | 3 +
- .../page/csp/ContentSecurityPolicy.cpp | 5 +
- Source/WebKit/WebProcess/WebPage/WebPage.cpp | 3 +
- 9 files changed, 318 insertions(+)
- create mode 100644 Source/WebCore/loader/PingLoader.cpp
- create mode 100644 Source/WebCore/loader/PingLoader.h
- diff --git a/Source/WebCore/Sources.txt b/Source/WebCore/Sources.txt
- index bbee4a0695..704e50c773 100644
- --- a/Source/WebCore/Sources.txt
- +++ b/Source/WebCore/Sources.txt
- @@ -1276,6 +1276,7 @@ loader/NavigationAction.cpp
- loader/NavigationScheduler.cpp
- loader/NetscapePlugInStreamLoader.cpp
- loader/ServerTimingParser.cpp
- +loader/PingLoader.cpp
- loader/PolicyChecker.cpp
- loader/ProgressTracker.cpp
- loader/ResourceCryptographicDigest.cpp
- diff --git a/Source/WebCore/html/HTMLAnchorElement.cpp b/Source/WebCore/html/HTMLAnchorElement.cpp
- index e53302748d..0155fc70a1 100644
- --- a/Source/WebCore/html/HTMLAnchorElement.cpp
- +++ b/Source/WebCore/html/HTMLAnchorElement.cpp
- @@ -39,6 +39,7 @@
- #include "HTMLPictureElement.h"
- #include "KeyboardEvent.h"
- #include "MouseEvent.h"
- +#include "PingLoader.h"
- #include "PlatformMouseEvent.h"
- #include "RenderImage.h"
- #include "ResourceRequest.h"
- @@ -363,6 +364,19 @@ bool HTMLAnchorElement::isLiveLink() const
- return isLink() && treatLinkAsLiveForEventType(m_wasShiftKeyDownOnMouseDown ? MouseEventWithShiftKey : MouseEventWithoutShiftKey);
- }
- +void HTMLAnchorElement::sendPings(const URL& destinationURL)
- +{
- + if (!document().frame())
- + return;
- +
- + if (!hasAttributeWithoutSynchronization(pingAttr) || !document().settings().hyperlinkAuditingEnabled())
- + return;
- +
- + SpaceSplitString pingURLs(attributeWithoutSynchronization(pingAttr), false);
- + for (unsigned i = 0; i < pingURLs.size(); i++)
- + PingLoader::sendPing(*document().frame(), document().completeURL(pingURLs[i]), destinationURL);
- +}
- +
- #if USE(SYSTEM_PREVIEW)
- bool HTMLAnchorElement::isSystemPreviewLink() const
- {
- @@ -428,6 +442,8 @@ void HTMLAnchorElement::handleClick(Event& event)
- ShouldSendReferrer shouldSendReferrer = hasRel(Relation::NoReferrer) ? NeverSendReferrer : MaybeSendReferrer;
- auto newFrameOpenerPolicy = hasRel(Relation::NoOpener) ? std::make_optional(NewFrameOpenerPolicy::Suppress) : std::nullopt;
- frame->loader().urlSelected(completedURL, target(), &event, LockHistory::No, LockBackForwardList::No, shouldSendReferrer, document().shouldOpenExternalURLsPolicyToPropagate(), newFrameOpenerPolicy, downloadAttribute, systemPreviewInfo);
- +
- + sendPings(completedURL);
- }
- HTMLAnchorElement::EventType HTMLAnchorElement::eventType(Event& event)
- diff --git a/Source/WebCore/html/parser/XSSAuditorDelegate.cpp b/Source/WebCore/html/parser/XSSAuditorDelegate.cpp
- index e8c69162aa..80b4213669 100644
- --- a/Source/WebCore/html/parser/XSSAuditorDelegate.cpp
- +++ b/Source/WebCore/html/parser/XSSAuditorDelegate.cpp
- @@ -35,6 +35,7 @@
- #include "FrameLoaderClient.h"
- #include "HTMLParserIdioms.h"
- #include "NavigationScheduler.h"
- +#include "PingLoader.h"
- #include <wtf/JSONValues.h>
- #include <wtf/text/StringBuilder.h>
- #include <wtf/text/CString.h>
- @@ -103,6 +104,9 @@ void XSSAuditorDelegate::didBlockScript(const XSSInfo& xssInfo)
- m_didSendNotifications = true;
- frameLoader.client().didDetectXSS(m_document.url(), xssInfo.m_didBlockEntirePage);
- +
- + if (!m_reportURL.isEmpty())
- + PingLoader::sendViolationReport(*m_document.frame(), m_reportURL, generateViolationReport(xssInfo), ViolationReportType::XSSAuditor);
- }
- if (xssInfo.m_didBlockEntirePage)
- diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp
- index 37cf9602b2..b9fc289660 100644
- --- a/Source/WebCore/loader/DocumentLoader.cpp
- +++ b/Source/WebCore/loader/DocumentLoader.cpp
- @@ -65,6 +65,7 @@
- #include "MemoryCache.h"
- #include "NetworkLoadMetrics.h"
- #include "Page.h"
- +#include "PingLoader.h"
- #include "PlatformStrategies.h"
- #include "PolicyChecker.h"
- #include "ProgressTracker.h"
- @@ -2057,6 +2058,11 @@ void DocumentLoader::addConsoleMessage(MessageSource messageSource, MessageLevel
- static_cast<ScriptExecutionContext*>(m_frame->document())->addConsoleMessage(messageSource, messageLevel, message, requestIdentifier);
- }
- +void DocumentLoader::sendCSPViolationReport(URL&& reportURL, Ref<FormData>&& report)
- +{
- + PingLoader::sendViolationReport(*m_frame, WTFMove(reportURL), WTFMove(report), ViolationReportType::ContentSecurityPolicy);
- +}
- +
- void DocumentLoader::enqueueSecurityPolicyViolationEvent(SecurityPolicyViolationEvent::Init&& eventInit)
- {
- m_frame->document()->enqueueSecurityPolicyViolationEvent(WTFMove(eventInit));
- diff --git a/Source/WebCore/loader/PingLoader.cpp b/Source/WebCore/loader/PingLoader.cpp
- new file mode 100644
- index 0000000000..134e5560e6
- --- /dev/null
- +++ b/Source/WebCore/loader/PingLoader.cpp
- @@ -0,0 +1,218 @@
- +/*
- + * Copyright (C) 2010 Google Inc. All rights reserved.
- + * Copyright (C) 2015 Roopesh Chander (roop@roopc.net)
- + * Copyright (C) 2015-2017 Apple Inc. All rights reserved.
- + *
- + * Redistribution and use in source and binary forms, with or without
- + * modification, are permitted provided that the following conditions are
- + * met:
- + *
- + * * Redistributions of source code must retain the above copyright
- + * notice, this list of conditions and the following disclaimer.
- + * * Redistributions in binary form must reproduce the above
- + * copyright notice, this list of conditions and the following disclaimer
- + * in the documentation and/or other materials provided with the
- + * distribution.
- + * * Neither the name of Google Inc. nor the names of its
- + * contributors may be used to endorse or promote products derived from
- + * this software without specific prior written permission.
- + *
- + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- + *
- + */
- +
- +#include "config.h"
- +#include "PingLoader.h"
- +
- +#include "ContentSecurityPolicy.h"
- +#include "Document.h"
- +#include "Frame.h"
- +#include "FrameLoader.h"
- +#include "FrameLoaderClient.h"
- +#include "InspectorInstrumentation.h"
- +#include "LoaderStrategy.h"
- +#include "NetworkLoadMetrics.h"
- +#include "Page.h"
- +#include "PlatformStrategies.h"
- +#include "ProgressTracker.h"
- +#include "ResourceHandle.h"
- +#include "ResourceLoadInfo.h"
- +#include "ResourceRequest.h"
- +#include "ResourceResponse.h"
- +#include "SecurityOrigin.h"
- +#include "SecurityPolicy.h"
- +#include "UserContentController.h"
- +#include <wtf/text/CString.h>
- +
- +namespace WebCore {
- +
- +#if !ENABLE(CONTENT_EXTENSIONS)
- +
- +// Returns true if we should block the load.
- +static inline bool processContentExtensionRulesForLoad(const Frame&, ResourceRequest&, ResourceType)
- +{
- + return false;
- +}
- +
- +#else
- +
- +// Returns true if we should block the load.
- +static bool processContentExtensionRulesForLoad(const Frame& frame, ResourceRequest& request, ResourceType resourceType)
- +{
- + auto* documentLoader = frame.loader().documentLoader();
- + if (!documentLoader)
- + return false;
- + auto* page = frame.page();
- + if (!page)
- + return false;
- + auto status = page->userContentProvider().processContentExtensionRulesForLoad(request.url(), resourceType, *documentLoader);
- + applyBlockedStatusToRequest(status, page, request);
- + return status.blockedLoad;
- +}
- +
- +#endif
- +
- +void PingLoader::loadImage(Frame& frame, const URL& url)
- +{
- + ASSERT(frame.document());
- + auto& document = *frame.document();
- +
- + if (!document.securityOrigin().canDisplay(url)) {
- + FrameLoader::reportLocalLoadFailed(&frame, url);
- + return;
- + }
- +
- + ResourceRequest request(url);
- + if (processContentExtensionRulesForLoad(frame, request, ResourceType::Image))
- + return;
- +
- + document.contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(request, ContentSecurityPolicy::InsecureRequestType::Load);
- +
- + request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0");
- +
- + HTTPHeaderMap originalRequestHeader = request.httpHeaderFields();
- +
- + String referrer = SecurityPolicy::generateReferrerHeader(document.referrerPolicy(), request.url(), frame.loader().outgoingReferrer());
- + if (!referrer.isEmpty())
- + request.setHTTPReferrer(referrer);
- + frame.loader().addExtraFieldsToSubresourceRequest(request);
- +
- + startPingLoad(frame, request, WTFMove(originalRequestHeader), ShouldFollowRedirects::Yes);
- +}
- +
- +// http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperlink-auditing
- +void PingLoader::sendPing(Frame& frame, const URL& pingURL, const URL& destinationURL)
- +{
- + ASSERT(frame.document());
- +
- + if (!pingURL.protocolIsInHTTPFamily())
- + return;
- +
- + ResourceRequest request(pingURL);
- + if (processContentExtensionRulesForLoad(frame, request, ResourceType::Raw))
- + return;
- +
- + auto& document = *frame.document();
- + document.contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(request, ContentSecurityPolicy::InsecureRequestType::Load);
- +
- + request.setHTTPMethod("POST");
- + request.setHTTPContentType("text/ping");
- + request.setHTTPBody(FormData::create("PING"));
- + request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0");
- +
- + HTTPHeaderMap originalRequestHeader = request.httpHeaderFields();
- +
- + frame.loader().addExtraFieldsToSubresourceRequest(request);
- +
- + auto& sourceOrigin = document.securityOrigin();
- + FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin.toString());
- + request.setHTTPHeaderField(HTTPHeaderName::PingTo, destinationURL);
- + if (!SecurityPolicy::shouldHideReferrer(pingURL, frame.loader().outgoingReferrer())) {
- + request.setHTTPHeaderField(HTTPHeaderName::PingFrom, document.url());
- + if (!sourceOrigin.isSameSchemeHostPort(SecurityOrigin::create(pingURL).get())) {
- + String referrer = SecurityPolicy::generateReferrerHeader(document.referrerPolicy(), pingURL, frame.loader().outgoingReferrer());
- + if (!referrer.isEmpty())
- + request.setHTTPReferrer(referrer);
- + }
- + }
- +
- + startPingLoad(frame, request, WTFMove(originalRequestHeader), ShouldFollowRedirects::Yes);
- +}
- +
- +void PingLoader::sendViolationReport(Frame& frame, const URL& reportURL, Ref<FormData>&& report, ViolationReportType reportType)
- +{
- + ASSERT(frame.document());
- +
- + ResourceRequest request(reportURL);
- + if (processContentExtensionRulesForLoad(frame, request, ResourceType::Raw))
- + return;
- +
- + auto& document = *frame.document();
- + document.contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(request, ContentSecurityPolicy::InsecureRequestType::Load);
- +
- + request.setHTTPMethod("POST"_s);
- + request.setHTTPBody(WTFMove(report));
- + switch (reportType) {
- + case ViolationReportType::ContentSecurityPolicy:
- + request.setHTTPContentType("application/csp-report"_s);
- + break;
- + case ViolationReportType::XSSAuditor:
- + request.setHTTPContentType("application/json"_s);
- + break;
- + }
- +
- + bool removeCookies = true;
- + if (document.securityOrigin().isSameSchemeHostPort(SecurityOrigin::create(reportURL).get()))
- + removeCookies = false;
- + if (removeCookies)
- + request.setAllowCookies(false);
- +
- + HTTPHeaderMap originalRequestHeader = request.httpHeaderFields();
- +
- + frame.loader().addExtraFieldsToSubresourceRequest(request);
- +
- + String referrer = SecurityPolicy::generateReferrerHeader(document.referrerPolicy(), reportURL, frame.loader().outgoingReferrer());
- + if (!referrer.isEmpty())
- + request.setHTTPReferrer(referrer);
- +
- + startPingLoad(frame, request, WTFMove(originalRequestHeader), ShouldFollowRedirects::No);
- +}
- +
- +void PingLoader::startPingLoad(Frame& frame, ResourceRequest& request, HTTPHeaderMap&& originalRequestHeaders, ShouldFollowRedirects shouldFollowRedirects)
- +{
- + unsigned long identifier = frame.page()->progress().createUniqueIdentifier();
- + // FIXME: Why activeDocumentLoader? I would have expected documentLoader().
- + // It seems like the PingLoader should be associated with the current
- + // Document in the Frame, but the activeDocumentLoader will be associated
- + // with the provisional DocumentLoader if there is a provisional
- + // DocumentLoader.
- + bool shouldUseCredentialStorage = frame.loader().client().shouldUseCredentialStorage(frame.loader().activeDocumentLoader(), identifier);
- + FetchOptions options;
- + options.credentials = shouldUseCredentialStorage ? FetchOptions::Credentials::Include : FetchOptions::Credentials::Omit;
- + options.redirect = shouldFollowRedirects == ShouldFollowRedirects::Yes ? FetchOptions::Redirect::Follow : FetchOptions::Redirect::Error;
- +
- + // FIXME: Move ping loads to normal subresource loading to get normal inspector request instrumentation hooks.
- + InspectorInstrumentation::willSendRequestOfType(&frame, identifier, frame.loader().activeDocumentLoader(), request, InspectorInstrumentation::LoadType::Ping);
- +
- + platformStrategies()->loaderStrategy()->startPingLoad(frame, request, WTFMove(originalRequestHeaders), options, [protectedFrame = makeRef(frame), identifier] (const ResourceError& error, const ResourceResponse& response) {
- + if (!response.isNull())
- + InspectorInstrumentation::didReceiveResourceResponse(protectedFrame, identifier, protectedFrame->loader().activeDocumentLoader(), response, nullptr);
- + if (error.isNull()) {
- + NetworkLoadMetrics emptyMetrics;
- + InspectorInstrumentation::didFinishLoading(protectedFrame.ptr(), protectedFrame->loader().activeDocumentLoader(), identifier, emptyMetrics, nullptr);
- + } else
- + InspectorInstrumentation::didFailLoading(protectedFrame.ptr(), protectedFrame->loader().activeDocumentLoader(), identifier, error);
- + });
- +}
- +
- +}
- diff --git a/Source/WebCore/loader/PingLoader.h b/Source/WebCore/loader/PingLoader.h
- new file mode 100644
- index 0000000000..15489dcf04
- --- /dev/null
- +++ b/Source/WebCore/loader/PingLoader.h
- @@ -0,0 +1,62 @@
- +/*
- + * Copyright (C) 2010 Google Inc. All rights reserved.
- + * Copyright (C) 2017 Apple Inc. All rights reserved.
- + *
- + * Redistribution and use in source and binary forms, with or without
- + * modification, are permitted provided that the following conditions are
- + * met:
- + *
- + * * Redistributions of source code must retain the above copyright
- + * notice, this list of conditions and the following disclaimer.
- + * * Redistributions in binary form must reproduce the above
- + * copyright notice, this list of conditions and the following disclaimer
- + * in the documentation and/or other materials provided with the
- + * distribution.
- + * * Neither the name of Google Inc. nor the names of its
- + * contributors may be used to endorse or promote products derived from
- + * this software without specific prior written permission.
- + *
- + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- + *
- + */
- +
- +#pragma once
- +
- +#include <wtf/Forward.h>
- +#include <wtf/Ref.h>
- +
- +namespace WebCore {
- +
- +class FormData;
- +class Frame;
- +class HTTPHeaderMap;
- +class URL;
- +class ResourceRequest;
- +
- +enum class ViolationReportType {
- + ContentSecurityPolicy,
- + XSSAuditor,
- +};
- +
- +class PingLoader {
- +public:
- + static void loadImage(Frame&, const URL&);
- + static void sendPing(Frame&, const URL& pingURL, const URL& destinationURL);
- + WEBCORE_EXPORT static void sendViolationReport(Frame&, const URL& reportURL, Ref<FormData>&& report, ViolationReportType);
- +
- +private:
- + enum class ShouldFollowRedirects { No, Yes };
- + static void startPingLoad(Frame&, ResourceRequest&, HTTPHeaderMap&& originalRequestHeaders, ShouldFollowRedirects);
- +};
- +
- +} // namespace WebCore
- diff --git a/Source/WebCore/loader/cache/CachedResourceLoader.cpp b/Source/WebCore/loader/cache/CachedResourceLoader.cpp
- index 614cfee9b5..9d3d108113 100644
- --- a/Source/WebCore/loader/cache/CachedResourceLoader.cpp
- +++ b/Source/WebCore/loader/cache/CachedResourceLoader.cpp
- @@ -57,6 +57,7 @@
- #include "Logging.h"
- #include "MemoryCache.h"
- #include "Page.h"
- +#include "PingLoader.h"
- #include "PlatformStrategies.h"
- #include "RenderElement.h"
- #include "ResourceLoadInfo.h"
- @@ -201,6 +202,8 @@ ResourceErrorOr<CachedResourceHandle<CachedImage>> CachedResourceLoader::request
- if (Document* document = frame->document())
- request.upgradeInsecureRequestIfNeeded(*document);
- URL requestURL = request.resourceRequest().url();
- + if (requestURL.isValid() && canRequest(CachedResource::Type::ImageResource, requestURL, request, ForPreload::No))
- + PingLoader::loadImage(*frame, requestURL);
- return CachedResourceHandle<CachedImage> { };
- }
- }
- diff --git a/Source/WebCore/page/csp/ContentSecurityPolicy.cpp b/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
- index f1b1b51da1..9b966fa02b 100644
- --- a/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
- +++ b/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
- @@ -45,6 +45,7 @@
- #include "JSExecState.h"
- #include "JSWindowProxy.h"
- #include "ParsingUtilities.h"
- +#include "PingLoader.h"
- #include "ResourceRequest.h"
- #include "RuntimeEnabledFeatures.h"
- #include "SchemeRegistry.h"
- @@ -758,6 +759,10 @@ void ContentSecurityPolicy::reportViolation(const String& effectiveViolatedDirec
- if (m_client) {
- for (const auto& url : reportURIs)
- m_client->sendCSPViolationReport(URL { m_protectedURL, url }, report.copyRef());
- + } else {
- + auto& document = downcast<Document>(*m_scriptExecutionContext);
- + for (const auto& url : reportURIs)
- + PingLoader::sendViolationReport(*document.frame(), URL { m_protectedURL, url }, report.copyRef(), ViolationReportType::ContentSecurityPolicy);
- }
- }
- diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp
- index e161de3599..5de12b10cc 100644
- --- a/Source/WebKit/WebProcess/WebPage/WebPage.cpp
- +++ b/Source/WebKit/WebProcess/WebPage/WebPage.cpp
- @@ -181,6 +181,7 @@
- #include <WebCore/NotImplemented.h>
- #include <WebCore/Page.h>
- #include <WebCore/PageConfiguration.h>
- +#include <WebCore/PingLoader.h>
- #include <WebCore/PlatformKeyboardEvent.h>
- #include <WebCore/PluginDocument.h>
- #include <WebCore/PrintContext.h>
- @@ -3358,6 +3359,8 @@ void WebPage::sendCSPViolationReport(uint64_t frameID, const WebCore::URL& repor
- auto report = reportData.takeData();
- if (!report)
- return;
- + if (auto* frame = WebProcess::singleton().webFrame(frameID))
- + PingLoader::sendViolationReport(*frame->coreFrame(), reportURL, report.releaseNonNull(), ViolationReportType::ContentSecurityPolicy);
- }
- void WebPage::enqueueSecurityPolicyViolationEvent(uint64_t frameID, SecurityPolicyViolationEvent::Init&& eventInit)
- --
- 2.19.2