Esempio n. 1
0
void XSSAuditorDelegate::didBlockScript(const XSSInfo& xssInfo) {
  ASSERT(isMainThread());

  UseCounter::count(m_document, xssInfo.m_didBlockEntirePage
                                    ? UseCounter::XSSAuditorBlockedEntirePage
                                    : UseCounter::XSSAuditorBlockedScript);

  m_document->addConsoleMessage(ConsoleMessage::create(
      JSMessageSource, ErrorMessageLevel, xssInfo.buildConsoleError()));

  FrameLoader& frameLoader = m_document->frame()->loader();
  if (xssInfo.m_didBlockEntirePage)
    frameLoader.stopAllLoaders();

  if (!m_didSendNotifications) {
    m_didSendNotifications = true;

    frameLoader.client()->didDetectXSS(m_document->url(),
                                       xssInfo.m_didBlockEntirePage);

    if (!m_reportURL.isEmpty())
      PingLoader::sendViolationReport(m_document->frame(), m_reportURL,
                                      generateViolationReport(xssInfo),
                                      PingLoader::XSSAuditorViolationReport);
  }

  if (xssInfo.m_didBlockEntirePage)
    m_document->frame()->navigationScheduler().schedulePageBlock(m_document);
}
void XSSAuditorDelegate::didBlockScript(const XSSInfo& xssInfo)
{
    ASSERT(isMainThread());

    m_document.addConsoleMessage(MessageSource::JS, MessageLevel::Error, buildConsoleError(xssInfo));

    FrameLoader& frameLoader = m_document.frame()->loader();
    if (xssInfo.m_didBlockEntirePage)
        frameLoader.stopAllLoaders();

    if (!m_didSendNotifications) {
        m_didSendNotifications = true;

        frameLoader.client().didDetectXSS(m_document.url(), xssInfo.m_didBlockEntirePage);

        if (!m_reportURL.isEmpty())
            PingLoader::sendViolationReport(*m_document.frame(), m_reportURL, generateViolationReport(xssInfo));
    }

    if (xssInfo.m_didBlockEntirePage)
        m_document.frame()->navigationScheduler().scheduleLocationChange(m_document.securityOrigin(), SecurityOrigin::urlWithUniqueSecurityOrigin(), String());
}