Bug 783049 - CSP : use existing/old parser for X-Content-Security-Policy header, new/CSP 1.0 spec compliant parser for Content-Security-Policy header - Part 2 (r=bz)

2013-01-09 10:57:04 -08:00
parent f389255c0f
commit 4788e23f28
4 changed files with 91 additions and 15 deletions
--- a/netwerk/protocol/viewsource/nsViewSourceChannel.cpp
+++ b/netwerk/protocol/viewsource/nsViewSourceChannel.cpp
@@ -636,6 +636,10 @@ nsViewSourceChannel::GetResponseHeader(const nsACString & aHeader,
                        nsCaseInsensitiveCStringComparator()) &&
        !aHeader.Equals(NS_LITERAL_CSTRING("X-Content-Security-Policy-Report-Only"),
                        nsCaseInsensitiveCStringComparator()) &&
+        !aHeader.Equals(NS_LITERAL_CSTRING("Content-Security-Policy"),
+                        nsCaseInsensitiveCStringComparator()) &&
+        !aHeader.Equals(NS_LITERAL_CSTRING("Content-Security-Policy-Report-Only"),
+                        nsCaseInsensitiveCStringComparator()) &&
        !aHeader.Equals(NS_LITERAL_CSTRING("X-Frame-Options"),
                        nsCaseInsensitiveCStringComparator())) {
        aValue.Truncate();