Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(27)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: public/web/WebSecurityPolicy.h

Issue 1049923002: Export shouldTreatURLSchemeAsSecure. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« Source/platform/weborigin/SchemeRegistry.h ('K') | « Source/web/WebSecurityPolicy.cpp ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2009 Google Inc. All rights reserved. 2 * Copyright (C) 2009 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
54 // Registers a URL scheme to be treated as display-isolated. This means 54 // Registers a URL scheme to be treated as display-isolated. This means
55 // that pages cannot display these URLs unless they are from the same 55 // that pages cannot display these URLs unless they are from the same
56 // scheme. For example, pages in other origin cannot create iframes or 56 // scheme. For example, pages in other origin cannot create iframes or
57 // hyperlinks to URLs with the scheme. 57 // hyperlinks to URLs with the scheme.
58 BLINK_EXPORT static void registerURLSchemeAsDisplayIsolated(const WebString& ); 58 BLINK_EXPORT static void registerURLSchemeAsDisplayIsolated(const WebString& );
59 59
60 // Registers a URL scheme to generate mixed content warnings when resources whose 60 // Registers a URL scheme to generate mixed content warnings when resources whose
61 // schemes are not registered as "secure" are embedded. 61 // schemes are not registered as "secure" are embedded.
62 BLINK_EXPORT static void registerURLSchemeAsRestrictingMixedContent(const We bString&); 62 BLINK_EXPORT static void registerURLSchemeAsRestrictingMixedContent(const We bString&);
63 63
64 // Registers a URL scheme to not generate mixed content warnings when 64 // For example, https and wss are secure schemes because they cannot be
Tom Sepez 2015/04/01 17:11:49 nit: same here.
palmer 2015/04/03 19:21:44 Done.
65 // included by page whose scheme is registed as restricting mixed content. 65 // corrupted by active network attackers, nor eavesdropped on by passive
66 // network attackers.. Subresources transported by secure schemes do not
67 // trigger mixed content warnings.
66 BLINK_EXPORT static void registerURLSchemeAsSecure(const WebString&); 68 BLINK_EXPORT static void registerURLSchemeAsSecure(const WebString&);
67 69
70 // Returns true if the scheme has been registered as a secure scheme.
71 BLINK_EXPORT static bool shouldTreatURLSchemeAsSecure(const WebString&);
72
68 // Registers a non-HTTP URL scheme which can be sent CORS requests. 73 // Registers a non-HTTP URL scheme which can be sent CORS requests.
69 BLINK_EXPORT static void registerURLSchemeAsCORSEnabled(const WebString&); 74 BLINK_EXPORT static void registerURLSchemeAsCORSEnabled(const WebString&);
70 75
71 // Registers a URL scheme whose resources can be loaded regardless of a page 's Content Security Policy. 76 // Registers a URL scheme whose resources can be loaded regardless of a page 's Content Security Policy.
72 BLINK_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy(c onst WebString&); 77 BLINK_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy(c onst WebString&);
73 78
74 // Registers a URL scheme for which some kinds of resources bypass Content S ecurity Policy. 79 // Registers a URL scheme for which some kinds of resources bypass Content S ecurity Policy.
75 // This enum should be kept in sync with Source/platform/weborigin/SchemeReg istry.h. 80 // This enum should be kept in sync with Source/platform/weborigin/SchemeReg istry.h.
76 // Enforced in AssertMatchingEnums.cpp. 81 // Enforced in AssertMatchingEnums.cpp.
77 enum PolicyAreas : uint32_t { 82 enum PolicyAreas : uint32_t {
(...skipping 27 matching lines...) Expand all
105 // by bookmarklets or javascript: URLs typed in the omnibox. 110 // by bookmarklets or javascript: URLs typed in the omnibox.
106 BLINK_EXPORT static void registerURLSchemeAsNotAllowingJavascriptURLs(const WebString&); 111 BLINK_EXPORT static void registerURLSchemeAsNotAllowingJavascriptURLs(const WebString&);
107 112
108 private: 113 private:
109 WebSecurityPolicy(); 114 WebSecurityPolicy();
110 }; 115 };
111 116
112 } // namespace blink 117 } // namespace blink
113 118
114 #endif 119 #endif
OLDNEW
« Source/platform/weborigin/SchemeRegistry.h ('K') | « Source/web/WebSecurityPolicy.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698