From a90a5cba08fdf6c0ceb95101c275108a152a3aed Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 12 Jun 2024 07:35:37 +0200 Subject: Merging upstream version 127.0. Signed-off-by: Daniel Baumann --- dom/security/nsCSPContext.h | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) (limited to 'dom/security/nsCSPContext.h') diff --git a/dom/security/nsCSPContext.h b/dom/security/nsCSPContext.h index e4fe5af315..f957c85e48 100644 --- a/dom/security/nsCSPContext.h +++ b/dom/security/nsCSPContext.h @@ -32,6 +32,8 @@ class nsIEventTarget; struct ConsoleMsgQueueElem; namespace mozilla { +template +class Variant; namespace dom { class Element; } @@ -77,11 +79,23 @@ class nsCSPContext : public nsIContentSecurityPolicy { uint32_t aLineNumber, uint32_t aColumnNumber, uint32_t aSeverityFlag); + enum BlockedContentSource { + eUnknown, + eInline, + eEval, + eSelf, + eWasmEval, + }; + + // Roughly implements a violation's resource + // (https://w3c.github.io/webappsec-csp/#framework-violation). + using Resource = mozilla::Variant; + /** * Construct SecurityPolicyViolationEventInit structure. * - * @param aBlockedURI - * A nsIURI: the source of the violation. + * @param aResource + * The source of the violation. * @param aOriginalUri * The original URI if the blocked content is a redirect, else null * @param aViolatedDirective @@ -98,10 +112,10 @@ class nsCSPContext : public nsIContentSecurityPolicy { * The output */ nsresult GatherSecurityPolicyViolationEventData( - nsIURI* aBlockedURI, const nsACString& aBlockedString, - nsIURI* aOriginalURI, const nsAString& aViolatedDirective, - uint32_t aViolatedPolicyIndex, const nsAString& aSourceFile, - const nsAString& aScriptSample, uint32_t aLineNum, uint32_t aColumnNum, + Resource& aResource, nsIURI* aOriginalURI, + const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex, + const nsAString& aSourceFile, const nsAString& aScriptSample, + uint32_t aLineNum, uint32_t aColumnNum, mozilla::dom::SecurityPolicyViolationEventInit& aViolationEventInit); nsresult SendReports( @@ -114,20 +128,12 @@ class nsCSPContext : public nsIContentSecurityPolicy { const mozilla::dom::SecurityPolicyViolationEventInit& aViolationEventInit); - enum BlockedContentSource { - eUnknown, - eInline, - eEval, - eSelf, - eWasmEval, - }; - nsresult AsyncReportViolation( mozilla::dom::Element* aTriggeringElement, nsICSPEventListener* aCSPEventListener, nsIURI* aBlockedURI, BlockedContentSource aBlockedContentSource, nsIURI* aOriginalURI, - const nsAString& aViolatedDirective, - const nsAString& aViolatedDirectiveString, + const nsAString& aViolatedDirectiveName, + const nsAString& aViolatedDirectiveNameAndValue, const CSPDirective aEffectiveDirective, uint32_t aViolatedPolicyIndex, const nsAString& aObserverSubject, const nsAString& aSourceFile, bool aReportSample, const nsAString& aScriptSample, uint32_t aLineNum, -- cgit v1.2.3