OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
161 } | 161 } |
162 | 162 |
163 void ContentSecurityPolicy::applyPolicySideEffectsToExecutionContext() | 163 void ContentSecurityPolicy::applyPolicySideEffectsToExecutionContext() |
164 { | 164 { |
165 ASSERT(m_executionContext); | 165 ASSERT(m_executionContext); |
166 ASSERT(securityOrigin()); | 166 ASSERT(securityOrigin()); |
167 // Ensure that 'self' processes correctly. | 167 // Ensure that 'self' processes correctly. |
168 m_selfProtocol = securityOrigin()->protocol(); | 168 m_selfProtocol = securityOrigin()->protocol(); |
169 m_selfSource = adoptPtr(new CSPSource(this, m_selfProtocol, securityOrigin()
->host(), securityOrigin()->port(), String(), CSPSource::NoWildcard, CSPSource::
NoWildcard)); | 169 m_selfSource = adoptPtr(new CSPSource(this, m_selfProtocol, securityOrigin()
->host(), securityOrigin()->port(), String(), CSPSource::NoWildcard, CSPSource::
NoWildcard)); |
170 | 170 |
171 // If we're in a Document, set the referrer policy, mixed content checking,
and sandbox | 171 if (didSetReferrerPolicy()) |
| 172 m_executionContext->setReferrerPolicy(m_referrerPolicy); |
| 173 |
| 174 // If we're in a Document, set mixed content checking and sandbox |
172 // flags, then dump all the parsing error messages, then poke at histograms. | 175 // flags, then dump all the parsing error messages, then poke at histograms. |
173 if (Document* document = this->document()) { | 176 if (Document* document = this->document()) { |
174 if (m_sandboxMask != SandboxNone) { | 177 if (m_sandboxMask != SandboxNone) { |
175 UseCounter::count(document, UseCounter::SandboxViaCSP); | 178 UseCounter::count(document, UseCounter::SandboxViaCSP); |
176 document->enforceSandboxFlags(m_sandboxMask); | 179 document->enforceSandboxFlags(m_sandboxMask); |
177 } | 180 } |
178 if (m_enforceStrictMixedContentChecking) | 181 if (m_enforceStrictMixedContentChecking) |
179 document->enforceStrictMixedContentChecking(); | 182 document->enforceStrictMixedContentChecking(); |
180 if (didSetReferrerPolicy()) | |
181 document->setReferrerPolicy(m_referrerPolicy); | |
182 if (m_insecureRequestsPolicy == SecurityContext::InsecureRequestsUpgrade
) { | 183 if (m_insecureRequestsPolicy == SecurityContext::InsecureRequestsUpgrade
) { |
183 UseCounter::count(document, UseCounter::UpgradeInsecureRequestsEnabl
ed); | 184 UseCounter::count(document, UseCounter::UpgradeInsecureRequestsEnabl
ed); |
184 document->setInsecureRequestsPolicy(m_insecureRequestsPolicy); | 185 document->setInsecureRequestsPolicy(m_insecureRequestsPolicy); |
185 if (!securityOrigin()->host().isNull()) | 186 if (!securityOrigin()->host().isNull()) |
186 document->addInsecureNavigationUpgrade(securityOrigin()->host().
impl()->hash()); | 187 document->addInsecureNavigationUpgrade(securityOrigin()->host().
impl()->hash()); |
187 } | 188 } |
188 | 189 |
189 for (const auto& consoleMessage : m_consoleMessages) | 190 for (const auto& consoleMessage : m_consoleMessages) |
190 m_executionContext->addConsoleMessage(consoleMessage); | 191 m_executionContext->addConsoleMessage(consoleMessage); |
191 m_consoleMessages.clear(); | 192 m_consoleMessages.clear(); |
(...skipping 776 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
968 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 969 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
969 return !m_violationReportsSent.contains(report.impl()->hash()); | 970 return !m_violationReportsSent.contains(report.impl()->hash()); |
970 } | 971 } |
971 | 972 |
972 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 973 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
973 { | 974 { |
974 m_violationReportsSent.add(report.impl()->hash()); | 975 m_violationReportsSent.add(report.impl()->hash()); |
975 } | 976 } |
976 | 977 |
977 } // namespace blink | 978 } // namespace blink |
OLD | NEW |