|
|
@@ -1,5 +1,5 @@
|
|
|
From: uazo <uazo@users.noreply.github.com>
|
|
|
-Date: Fri, 18 Dec 2020 18:11:49 +0000
|
|
|
+Date: Mon, 28 Dec 2020 12:29:56 +0000
|
|
|
Subject: Experimental user scripts support preview
|
|
|
|
|
|
---
|
|
|
@@ -99,12 +99,12 @@ Subject: Experimental user scripts support preview
|
|
|
.../renderer/user_scripts_dispatcher.h | 48 ++
|
|
|
.../renderer/user_scripts_renderer_client.cc | 76 ++
|
|
|
.../renderer/user_scripts_renderer_client.h | 33 +
|
|
|
- .../renderer/web_ui_injection_host.cc | 26 +
|
|
|
+ .../renderer/web_ui_injection_host.cc | 40 +
|
|
|
.../renderer/web_ui_injection_host.h | 28 +
|
|
|
.../strings/userscripts_strings.grdp | 50 ++
|
|
|
tools/gritsettings/resource_ids.spec | 3 +
|
|
|
.../chromium/ui/base/SelectFileDialog.java | 3 +-
|
|
|
- 101 files changed, 8888 insertions(+), 4 deletions(-)
|
|
|
+ 101 files changed, 8902 insertions(+), 4 deletions(-)
|
|
|
create mode 100755 components/user_scripts/android/BUILD.gn
|
|
|
create mode 100755 components/user_scripts/android/java/res/drawable-hdpi/userscript_off.png
|
|
|
create mode 100755 components/user_scripts/android/java/res/drawable-hdpi/userscript_on.png
|
|
|
@@ -9663,12 +9663,20 @@ diff --git a/components/user_scripts/renderer/web_ui_injection_host.cc b/compone
|
|
|
new file mode 100755
|
|
|
--- /dev/null
|
|
|
+++ b/components/user_scripts/renderer/web_ui_injection_host.cc
|
|
|
-@@ -0,0 +1,26 @@
|
|
|
+@@ -0,0 +1,40 @@
|
|
|
+// Copyright 2015 The Chromium Authors. All rights reserved.
|
|
|
+// Use of this source code is governed by a BSD-style license that can be
|
|
|
+// found in the LICENSE file.
|
|
|
+
|
|
|
+#include "web_ui_injection_host.h"
|
|
|
++#include "base/no_destructor.h"
|
|
|
++
|
|
|
++namespace {
|
|
|
++
|
|
|
++// The default secure CSP to be used in order to prevent remote scripts.
|
|
|
++const char kDefaultSecureCSP[] = "script-src 'self'; object-src 'self';";
|
|
|
++
|
|
|
++}
|
|
|
+
|
|
|
+WebUIInjectionHost::WebUIInjectionHost(const HostID& host_id)
|
|
|
+ : InjectionHost(host_id),
|
|
|
@@ -9680,7 +9688,13 @@ new file mode 100755
|
|
|
+
|
|
|
+const std::string* WebUIInjectionHost::GetContentSecurityPolicy() const {
|
|
|
+ // Use the main world CSP.
|
|
|
-+ return nullptr;
|
|
|
++ // return nullptr;
|
|
|
++
|
|
|
++ // The isolated world will use its own CSP which blocks remotely hosted
|
|
|
++ // code.
|
|
|
++ static const base::NoDestructor<std::string> default_isolated_world_csp(
|
|
|
++ kDefaultSecureCSP);
|
|
|
++ return default_isolated_world_csp.get();
|
|
|
+}
|
|
|
+
|
|
|
+const GURL& WebUIInjectionHost::url() const {
|
Carmelo Messina