Chromium Code Reviews Chromium Code Reviews
Issue 1109633002:
Basic experimental suborigin CSP directive and SecurityOrigin mods (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
| 3 * Copyright (C) 2012 Google Inc. All Rights Reserved. | 3 * Copyright (C) 2012 Google Inc. All Rights Reserved. |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
| 7 * are met: | 7 * are met: |
| 8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
| (...skipping 19 matching lines...) Expand all Loading... | |
| 30 | 30 |
| 31 #include "core/CoreExport.h" | 31 #include "core/CoreExport.h" |
| 32 #include "core/dom/ContextLifecycleNotifier.h" | 32 #include "core/dom/ContextLifecycleNotifier.h" |
| 33 #include "core/dom/ContextLifecycleObserver.h" | 33 #include "core/dom/ContextLifecycleObserver.h" |
| 34 #include "core/dom/SecurityContext.h" | 34 #include "core/dom/SecurityContext.h" |
| 35 #include "core/dom/SuspendableTask.h" | 35 #include "core/dom/SuspendableTask.h" |
| 36 #include "core/fetch/AccessControlStatus.h" | 36 #include "core/fetch/AccessControlStatus.h" |
| 37 #include "platform/Supplementable.h" | 37 #include "platform/Supplementable.h" |
| 38 #include "platform/heap/Handle.h" | 38 #include "platform/heap/Handle.h" |
| 39 #include "platform/weborigin/KURL.h" | 39 #include "platform/weborigin/KURL.h" |
| 40 #include "platform/weborigin/SecurityOrigin.h" | |
| 40 #include "wtf/Deque.h" | 41 #include "wtf/Deque.h" |
| 41 #include "wtf/Noncopyable.h" | 42 #include "wtf/Noncopyable.h" |
| 42 #include "wtf/OwnPtr.h" | 43 #include "wtf/OwnPtr.h" |
| 43 #include "wtf/PassOwnPtr.h" | 44 #include "wtf/PassOwnPtr.h" |
| 44 | 45 |
| 45 namespace blink { | 46 namespace blink { |
| 46 | 47 |
| 47 class ActiveDOMObject; | 48 class ActiveDOMObject; |
| 48 class ConsoleMessage; | 49 class ConsoleMessage; |
| 49 class DOMTimerCoordinator; | 50 class DOMTimerCoordinator; |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 136 | 137 |
| 137 // Gets the next id in a circular sequence from 1 to 2^31-1. | 138 // Gets the next id in a circular sequence from 1 to 2^31-1. |
| 138 int circularSequentialID(); | 139 int circularSequentialID(); |
| 139 | 140 |
| 140 virtual EventTarget* errorEventTarget() = 0; | 141 virtual EventTarget* errorEventTarget() = 0; |
| 141 virtual EventQueue* eventQueue() const = 0; | 142 virtual EventQueue* eventQueue() const = 0; |
| 142 | 143 |
| 143 void enforceStrictMixedContentChecking() { m_strictMixedContentCheckingEnfor ced = true; } | 144 void enforceStrictMixedContentChecking() { m_strictMixedContentCheckingEnfor ced = true; } |
| 144 bool shouldEnforceStrictMixedContentChecking() const { return m_strictMixedC ontentCheckingEnforced; } | 145 bool shouldEnforceStrictMixedContentChecking() const { return m_strictMixedC ontentCheckingEnforced; } |
| 145 | 146 |
| 147 void enforceSuborigin(const String& name); | |
| 148 bool hasSuborigin() { return securityContext().securityOrigin()->hasSuborigi n(); } | |
|
jochen (gone - plz use gerrit)
2015/04/27 19:35:10
if you moved the bodies to the .cc you wouldn't ne
jww
2015/05/30 01:11:07
Done.
| |
| 149 String suboriginName() { return securityContext().securityOrigin()->suborigi nName(); } | |
| 150 | |
| 146 // Methods related to window interaction. It should be used to manage window | 151 // Methods related to window interaction. It should be used to manage window |
| 147 // focusing and window creation permission for an ExecutionContext. | 152 // focusing and window creation permission for an ExecutionContext. |
| 148 void allowWindowInteraction(); | 153 void allowWindowInteraction(); |
| 149 void consumeWindowInteraction(); | 154 void consumeWindowInteraction(); |
| 150 bool isWindowInteractionAllowed() const; | 155 bool isWindowInteractionAllowed() const; |
| 151 | 156 |
| 152 // Decides whether this context is privileged, as described in | 157 // Decides whether this context is privileged, as described in |
| 153 // https://w3c.github.io/webappsec/specs/powerfulfeatures/#settings-privileg ed. | 158 // https://w3c.github.io/webappsec/specs/powerfulfeatures/#settings-privileg ed. |
| 154 virtual bool isPrivilegedContext(String& errorMessage, const PrivilegeContex tCheck = StandardPrivilegeCheck) = 0; | 159 virtual bool isPrivilegedContext(String& errorMessage, const PrivilegeContex tCheck = StandardPrivilegeCheck) = 0; |
| 155 | 160 |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 189 // increment and decrement the counter. | 194 // increment and decrement the counter. |
| 190 int m_windowInteractionTokens; | 195 int m_windowInteractionTokens; |
| 191 | 196 |
| 192 Deque<OwnPtr<SuspendableTask>> m_suspendedTasks; | 197 Deque<OwnPtr<SuspendableTask>> m_suspendedTasks; |
| 193 bool m_isRunSuspendableTasksScheduled; | 198 bool m_isRunSuspendableTasksScheduled; |
| 194 }; | 199 }; |
| 195 | 200 |
| 196 } // namespace blink | 201 } // namespace blink |
| 197 | 202 |
| 198 #endif // ExecutionContext_h | 203 #endif // ExecutionContext_h |
| OLD | NEW |
