Implement "Report-Only" mode for CSP
Created attachment 92639 [details] Patch
Comment on attachment 92639 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=92639&action=review > Source/WebCore/page/ContentSecurityPolicy.cpp:553 > + return m_reportOnly; This is a bit confusing since in the "pass" case, return m_reportOnly would return the inverse of what you wanted. Maybe this should be some helper function? I'm not sure the name. falseIfEnforcingPolicy()? !enforcingPolicy()? false || m_reportOnly? I'm not sure. This may be fine as is, just smells a little funny.
The "pass" case is handled two lines above. This return statement is only encountered after we've fired off the violation report.
I can see wrapping it in a function though. return denyIfEnforcingPolicy(); ???
Created attachment 92662 [details] Patch
Comment on attachment 92662 [details] Patch LGTM.
Of course now it feels like we should have an Allow/Deny enum (mapping to 1, 0 of course). :)
Comment on attachment 92662 [details] Patch Clearing flags on attachment: 92662 Committed r85993: <http://trac.webkit.org/changeset/85993>
All reviewed patches have been landed. Closing bug.