OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
154 | 154 |
155 void ContentSecurityPolicy::bindToExecutionContext(ExecutionContext* executionCo
ntext) | 155 void ContentSecurityPolicy::bindToExecutionContext(ExecutionContext* executionCo
ntext) |
156 { | 156 { |
157 m_executionContext = executionContext; | 157 m_executionContext = executionContext; |
158 applyPolicySideEffectsToExecutionContext(); | 158 applyPolicySideEffectsToExecutionContext(); |
159 } | 159 } |
160 | 160 |
161 void ContentSecurityPolicy::applyPolicySideEffectsToExecutionContext() | 161 void ContentSecurityPolicy::applyPolicySideEffectsToExecutionContext() |
162 { | 162 { |
163 ASSERT(m_executionContext); | 163 ASSERT(m_executionContext); |
| 164 ASSERT(securityOrigin()); |
164 // Ensure that 'self' processes correctly. | 165 // Ensure that 'self' processes correctly. |
165 m_selfProtocol = securityOrigin()->protocol(); | 166 m_selfProtocol = securityOrigin()->protocol(); |
166 m_selfSource = adoptPtr(new CSPSource(this, m_selfProtocol, securityOrigin()
->host(), securityOrigin()->port(), String(), CSPSource::NoWildcard, CSPSource::
NoWildcard)); | 167 m_selfSource = adoptPtr(new CSPSource(this, m_selfProtocol, securityOrigin()
->host(), securityOrigin()->port(), String(), CSPSource::NoWildcard, CSPSource::
NoWildcard)); |
167 | 168 |
168 // If we're in a Document, set the referrer policy, mixed content checking,
and sandbox | 169 // If we're in a Document, set the referrer policy, mixed content checking,
and sandbox |
169 // flags, then dump all the parsing error messages, then poke at histograms. | 170 // flags, then dump all the parsing error messages, then poke at histograms. |
170 if (Document* document = this->document()) { | 171 if (Document* document = this->document()) { |
171 if (m_sandboxMask != SandboxNone) { | 172 if (m_sandboxMask != SandboxNone) { |
172 UseCounter::count(document, UseCounter::SandboxViaCSP); | 173 UseCounter::count(document, UseCounter::SandboxViaCSP); |
173 document->enforceSandboxFlags(m_sandboxMask); | 174 document->enforceSandboxFlags(m_sandboxMask); |
174 } | 175 } |
175 if (m_enforceStrictMixedContentChecking) | 176 if (m_enforceStrictMixedContentChecking) |
176 document->enforceStrictMixedContentChecking(); | 177 document->enforceStrictMixedContentChecking(); |
177 if (didSetReferrerPolicy()) | 178 if (didSetReferrerPolicy()) |
178 document->setReferrerPolicy(m_referrerPolicy); | 179 document->setReferrerPolicy(m_referrerPolicy); |
179 if (m_insecureRequestsPolicy > document->insecureRequestsPolicy()) | 180 if (m_insecureRequestsPolicy > document->insecureRequestsPolicy()) { |
180 document->setInsecureRequestsPolicy(m_insecureRequestsPolicy); | 181 document->setInsecureRequestsPolicy(m_insecureRequestsPolicy); |
| 182 if (!securityOrigin()->host().isNull()) |
| 183 document->addInsecureNavigationUpgrade(securityOrigin()->host().
impl()->hash()); |
| 184 } |
181 | 185 |
182 for (const auto& consoleMessage : m_consoleMessages) | 186 for (const auto& consoleMessage : m_consoleMessages) |
183 m_executionContext->addConsoleMessage(consoleMessage); | 187 m_executionContext->addConsoleMessage(consoleMessage); |
184 m_consoleMessages.clear(); | 188 m_consoleMessages.clear(); |
185 | 189 |
186 for (const auto& policy : m_policies) | 190 for (const auto& policy : m_policies) |
187 UseCounter::count(*document, getUseCounterType(policy->headerType())
); | 191 UseCounter::count(*document, getUseCounterType(policy->headerType())
); |
188 } | 192 } |
189 | 193 |
190 // We disable 'eval()' even in the case of report-only policies, and rely on
the check in the | 194 // We disable 'eval()' even in the case of report-only policies, and rely on
the check in the |
(...skipping 736 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
927 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 931 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
928 return !m_violationReportsSent.contains(report.impl()->hash()); | 932 return !m_violationReportsSent.contains(report.impl()->hash()); |
929 } | 933 } |
930 | 934 |
931 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 935 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
932 { | 936 { |
933 m_violationReportsSent.add(report.impl()->hash()); | 937 m_violationReportsSent.add(report.impl()->hash()); |
934 } | 938 } |
935 | 939 |
936 } // namespace blink | 940 } // namespace blink |
OLD | NEW |