Remove InlineType argument from AllowInlineScript()

It's always InlineType::kBlock.

Bug: 934651
Change-Id: I12090136c066387c004e09de63d0286daac12f9f
Reviewed-on: https://chromium-review.googlesource.com/c/1485126
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Andy Paicu <andypaicu@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Cr-Commit-Position: refs/heads/master@{#636636}

third_party/blink/renderer/core/frame/csp/content_security_policy.cc

@@ -540,7 +540,6 @@ bool ContentSecurityPolicy::AllowInlineScript(
     const String& nonce,
     const WTF::OrdinalNumber& context_line,
     const String& script_content,
-    InlineType inline_type,
     SecurityViolationReportingPolicy reporting_policy) const {
   DCHECK(element);
 
@@ -551,7 +550,8 @@ bool ContentSecurityPolicy::AllowInlineScript(
   bool is_allowed = true;
   for (const auto& policy : policies_) {
     is_allowed &=
-        CheckScriptHashAgainstPolicy(csp_hash_values, policy, inline_type) ||
+        CheckScriptHashAgainstPolicy(csp_hash_values, policy,
+                                     InlineType::kBlock) ||
         policy->AllowInlineScript(element, context_url, nonce, context_line,
                                   reporting_policy, script_content);
   }

third_party/blink/renderer/core/frame/csp/content_security_policy.h

@@ -355,7 +355,6 @@ class CORE_EXPORT ContentSecurityPolicy
                          const String& nonce,
                          const WTF::OrdinalNumber& context_line,
                          const String& script_content,
-                         InlineType,
                          SecurityViolationReportingPolicy =
                              SecurityViolationReportingPolicy::kReport) const;
   bool AllowInlineStyle(Element*,

third_party/blink/renderer/core/frame/csp/content_security_policy_test.cc

@@ -732,10 +732,9 @@ TEST_F(ContentSecurityPolicyTest, NonceInline) {
     policy->DidReceiveHeader(String("script-src ") + test.policy,
                              kContentSecurityPolicyHeaderTypeEnforce,
                              kContentSecurityPolicyHeaderSourceHTTP);
-    EXPECT_EQ(test.allowed,
-              policy->AllowInlineScript(
-                  element, context_url, String(test.nonce), context_line,
-                  content, ContentSecurityPolicy::InlineType::kBlock));
+    EXPECT_EQ(test.allowed, policy->AllowInlineScript(element, context_url,
+                                                      String(test.nonce),
+                                                      context_line, content));
     EXPECT_EQ(expected_reports, policy->violation_reports_sent_.size());
 
     // Enforce 'style-src'
@@ -757,8 +756,7 @@ TEST_F(ContentSecurityPolicyTest, NonceInline) {
                              kContentSecurityPolicyHeaderTypeReport,
                              kContentSecurityPolicyHeaderSourceHTTP);
     EXPECT_TRUE(policy->AllowInlineScript(
-        element, context_url, String(test.nonce), context_line, content,
-        ContentSecurityPolicy::InlineType::kBlock));
+        element, context_url, String(test.nonce), context_line, content));
     EXPECT_EQ(expected_reports, policy->violation_reports_sent_.size());
 
     // Report 'style-src'
@@ -1550,9 +1548,8 @@ TEST_F(ContentSecurityPolicyTest, EmptyCSPIsNoOp) {
   EXPECT_TRUE(csp->AllowScriptFromSource(
       example_url, nonce, IntegrityMetadataSet(), kParserInserted));
   EXPECT_TRUE(csp->AllowStyleFromSource(example_url, nonce));
-  EXPECT_TRUE(csp->AllowInlineScript(
-      element, context_url, nonce, ordinal_number, source,
-      ContentSecurityPolicy::InlineType::kBlock));
+  EXPECT_TRUE(csp->AllowInlineScript(element, context_url, nonce,
+                                     ordinal_number, source));
   EXPECT_TRUE(csp->AllowInlineStyle(element, context_url, nonce, ordinal_number,
                                     source,
                                     ContentSecurityPolicy::InlineType::kBlock));

third_party/blink/renderer/core/html/html_script_element.cc

@@ -243,11 +243,9 @@ const AtomicString& HTMLScriptElement::GetNonceForElement() const {
 bool HTMLScriptElement::AllowInlineScriptForCSP(
     const AtomicString& nonce,
     const WTF::OrdinalNumber& context_line,
-    const String& script_content,
-    ContentSecurityPolicy::InlineType inline_type) {
+    const String& script_content) {
   return GetDocument().GetContentSecurityPolicy()->AllowInlineScript(
-      this, GetDocument().Url(), nonce, context_line, script_content,
-      inline_type);
+      this, GetDocument().Url(), nonce, context_line, script_content);
 }
 
 Document& HTMLScriptElement::GetDocument() const {

third_party/blink/renderer/core/html/html_script_element.h

@@ -101,8 +101,7 @@ class CORE_EXPORT HTMLScriptElement final : public HTMLElement,
   }
   bool AllowInlineScriptForCSP(const AtomicString& nonce,
                                const WTF::OrdinalNumber&,
-                               const String& script_content,
-                               ContentSecurityPolicy::InlineType) override;
+                               const String& script_content) override;
   void DispatchLoadEvent() override;
   void DispatchErrorEvent() override;
   void SetScriptElementForBinding(

third_party/blink/renderer/core/loader/http_equiv.cc

@@ -184,7 +184,6 @@ void HttpEquiv::ProcessHttpEquivRefresh(Document& document,
   UseCounter::Count(document, WebFeature::kMetaRefresh);
   if (!document.GetContentSecurityPolicy()->AllowInlineScript(
           element, NullURL(), "", OrdinalNumber(), "",
-          ContentSecurityPolicy::InlineType::kBlock,
           SecurityViolationReportingPolicy::kSuppressReporting)) {
     UseCounter::Count(document,
                       WebFeature::kMetaRefreshWhenCSPBlocksInlineScript);
@@ -200,7 +199,6 @@ void HttpEquiv::ProcessHttpEquivSetCookie(Document& document,
 
   if (!document.GetContentSecurityPolicy()->AllowInlineScript(
           element, NullURL(), "", OrdinalNumber(), "",
-          ContentSecurityPolicy::InlineType::kBlock,
           SecurityViolationReportingPolicy::kSuppressReporting)) {
     UseCounter::Count(document,
                       WebFeature::kMetaSetCookieWhenCSPBlocksInlineScript);

third_party/blink/renderer/core/script/mock_script_element_base.h

@@ -46,11 +46,10 @@ class MockScriptElementBase
   MOCK_CONST_METHOD0(GetNonceForElement, const AtomicString&());
   MOCK_CONST_METHOD0(ElementHasDuplicateAttributes, bool());
   MOCK_CONST_METHOD0(InitiatorName, AtomicString());
-  MOCK_METHOD4(AllowInlineScriptForCSP,
+  MOCK_METHOD3(AllowInlineScriptForCSP,
                bool(const AtomicString&,
                     const WTF::OrdinalNumber&,
-                    const String&,
-                    ContentSecurityPolicy::InlineType));
+                    const String&));
   MOCK_CONST_METHOD0(GetDocument, Document&());
   MOCK_METHOD1(SetScriptElementForBinding,
                void(HTMLScriptElementOrSVGScriptElement&));

third_party/blink/renderer/core/script/pending_script.cc

@@ -160,9 +160,8 @@ void PendingScript::ExecuteScriptBlock(const KURL& document_url) {
 
     AtomicString nonce = element_->GetNonceForElement();
     if (!should_bypass_main_world_csp &&
-        !element_->AllowInlineScriptForCSP(
-            nonce, StartingPosition().line_, script->InlineSourceTextForCSP(),
-            ContentSecurityPolicy::InlineType::kBlock)) {
+        !element_->AllowInlineScriptForCSP(nonce, StartingPosition().line_,
+                                           script->InlineSourceTextForCSP())) {
       // Consider as if:
       //
       // <spec step="2">If the script's script is null, ...</spec>

third_party/blink/renderer/core/script/script_element_base.h

@@ -22,7 +22,6 @@
 #define THIRD_PARTY_BLINK_RENDERER_CORE_SCRIPT_SCRIPT_ELEMENT_BASE_H_
 
 #include "third_party/blink/renderer/core/core_export.h"
-#include "third_party/blink/renderer/core/frame/csp/content_security_policy.h"
 #include "third_party/blink/renderer/platform/heap/handle.h"
 #include "third_party/blink/renderer/platform/heap/heap.h"
 #include "third_party/blink/renderer/platform/wtf/text/atomic_string.h"
@@ -62,8 +61,7 @@ class CORE_EXPORT ScriptElementBase : public GarbageCollectedMixin {
 
   virtual bool AllowInlineScriptForCSP(const AtomicString& nonce,
                                        const WTF::OrdinalNumber&,
-                                       const String& script_content,
-                                       ContentSecurityPolicy::InlineType) = 0;
+                                       const String& script_content) = 0;
   virtual Document& GetDocument() const = 0;
   virtual void SetScriptElementForBinding(
       HTMLScriptElementOrSVGScriptElement&) = 0;

third_party/blink/renderer/core/svg/svg_script_element.cc

@@ -136,11 +136,9 @@ const AtomicString& SVGScriptElement::GetNonceForElement() const {
 bool SVGScriptElement::AllowInlineScriptForCSP(
     const AtomicString& nonce,
     const WTF::OrdinalNumber& context_line,
-    const String& script_content,
-    ContentSecurityPolicy::InlineType inline_type) {
+    const String& script_content) {
   return GetDocument().GetContentSecurityPolicy()->AllowInlineScript(
-      this, GetDocument().Url(), nonce, context_line, script_content,
-      inline_type);
+      this, GetDocument().Url(), nonce, context_line, script_content);
 }
 
 Document& SVGScriptElement::GetDocument() const {

third_party/blink/renderer/core/svg/svg_script_element.h

@@ -91,8 +91,7 @@ class SVGScriptElement final : public SVGElement,
   }
   bool AllowInlineScriptForCSP(const AtomicString& nonce,
                                const WTF::OrdinalNumber&,
-                               const String& script_content,
-                               ContentSecurityPolicy::InlineType) override;
+                               const String& script_content) override;
   Document& GetDocument() const override;
   void DispatchLoadEvent() override;
   void DispatchErrorEvent() override;