Chromium Code Reviews Chromium Code Reviews
Issue 1009583003:
Add CSP header for resources with an active policy (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "config.h" | 5 #include "config.h" |
| 6 #include "core/frame/csp/CSPDirectiveList.h" | 6 #include "core/frame/csp/CSPDirectiveList.h" |
| 7 | 7 |
| 8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
| 9 #include "core/dom/SecurityContext.h" | 9 #include "core/dom/SecurityContext.h" |
| 10 #include "core/frame/LocalFrame.h" | 10 #include "core/frame/LocalFrame.h" |
| (...skipping 390 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 401 { | 401 { |
| 402 return checkHash(operativeDirective(m_styleSrc.get()), hashValue); | 402 return checkHash(operativeDirective(m_styleSrc.get()), hashValue); |
| 403 } | 403 } |
| 404 | 404 |
| 405 const String& CSPDirectiveList::pluginTypesText() const | 405 const String& CSPDirectiveList::pluginTypesText() const |
| 406 { | 406 { |
| 407 ASSERT(hasPluginTypes()); | 407 ASSERT(hasPluginTypes()); |
| 408 return m_pluginTypes->text(); | 408 return m_pluginTypes->text(); |
| 409 } | 409 } |
| 410 | 410 |
| 411 bool CSPDirectiveList::hasScriptPolicy() const | |
| 412 { | |
| 413 return !!operativeDirective(m_scriptSrc.get()); | |
| 414 } | |
| 415 | |
| 416 bool CSPDirectiveList::hasStylePolicy() const | |
| 417 { | |
| 418 return !!operativeDirective(m_styleSrc.get()); | |
| 419 } | |
| 420 | |
| 421 bool CSPDirectiveList::hasImagePolicy() const | |
| 422 { | |
| 423 return !!operativeDirective(m_imgSrc.get()); | |
| 424 } | |
| 425 | |
| 426 bool CSPDirectiveList::hasFontPolicy() const | |
| 427 { | |
| 428 return !!operativeDirective(m_fontSrc.get()); | |
| 429 } | |
| 430 | |
| 431 bool CSPDirectiveList::hasMediaPolicy() const | |
| 432 { | |
| 433 return !!operativeDirective(m_mediaSrc.get()); | |
| 434 } | |
| 435 | |
| 436 bool CSPDirectiveList::hasPluginPolicy() const | |
| 437 { | |
| 438 return !!operativeDirective(m_objectSrc.get()); | |
|
Mike West
2015/03/16 10:39:11
Should this take `plugin-types` into account as we
estark
2015/03/17 18:27:34
I can't quite figure out if it's necessary or not,
| |
| 439 } | |
| 440 | |
| 411 // policy = directive-list | 441 // policy = directive-list |
| 412 // directive-list = [ directive *( ";" [ directive ] ) ] | 442 // directive-list = [ directive *( ";" [ directive ] ) ] |
| 413 // | 443 // |
| 414 void CSPDirectiveList::parse(const UChar* begin, const UChar* end) | 444 void CSPDirectiveList::parse(const UChar* begin, const UChar* end) |
| 415 { | 445 { |
| 416 m_header = String(begin, end - begin); | 446 m_header = String(begin, end - begin); |
| 417 | 447 |
| 418 if (begin == end) | 448 if (begin == end) |
| 419 return; | 449 return; |
| 420 | 450 |
| (...skipping 309 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 730 enableInsecureRequestsUpgrade(name, value); | 760 enableInsecureRequestsUpgrade(name, value); |
| 731 else | 761 else |
| 732 m_policy->reportUnsupportedDirective(name); | 762 m_policy->reportUnsupportedDirective(name); |
| 733 } else { | 763 } else { |
| 734 m_policy->reportUnsupportedDirective(name); | 764 m_policy->reportUnsupportedDirective(name); |
| 735 } | 765 } |
| 736 } | 766 } |
| 737 | 767 |
| 738 | 768 |
| 739 } // namespace blink | 769 } // namespace blink |
| OLD | NEW |
