OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/site_isolation_policy.h" | 5 #include "content/child/site_isolation_policy.h" |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
(...skipping 48 matching lines...)
59 | 59 |
60 data.remove_prefix(offset); | 60 data.remove_prefix(offset); |
61 size_t length = data.length(); | 61 size_t length = data.length(); |
62 | 62 |
63 for (size_t sig_index = 0; sig_index < arr_size; ++sig_index) { | 63 for (size_t sig_index = 0; sig_index < arr_size; ++sig_index) { |
64 const StringPiece& signature = signatures[sig_index]; | 64 const StringPiece& signature = signatures[sig_index]; |
65 size_t signature_length = signature.length(); | 65 size_t signature_length = signature.length(); |
66 if (length < signature_length) | 66 if (length < signature_length) |
67 continue; | 67 continue; |
68 | 68 |
69 if (LowerCaseEqualsASCII(data.begin(), data.begin() + signature_length, | 69 if (base::LowerCaseEqualsASCII(data.begin(), |
70 signature.data())) | 70 data.begin() + signature_length, |
| 71 signature.data())) |
71 return true; | 72 return true; |
72 } | 73 } |
73 return false; | 74 return false; |
74 } | 75 } |
75 | 76 |
76 void IncrementHistogramCount(const std::string& name) { | 77 void IncrementHistogramCount(const std::string& name) { |
77 // The default value of min, max, bucket_count are copied from histogram.h. | 78 // The default value of min, max, bucket_count are copied from histogram.h. |
78 base::HistogramBase* histogram_pointer = base::Histogram::FactoryGet( | 79 base::HistogramBase* histogram_pointer = base::Histogram::FactoryGet( |
79 name, 1, 100000, 50, base::HistogramBase::kUmaTargetedHistogramFlag); | 80 name, 1, 100000, 50, base::HistogramBase::kUmaTargetedHistogramFlag); |
80 histogram_pointer->Add(1); | 81 histogram_pointer->Add(1); |
(...skipping 106 matching lines...)
187 std::string no_sniff; | 188 std::string no_sniff; |
188 info.headers->EnumerateHeader(NULL, "x-content-type-options", &no_sniff); | 189 info.headers->EnumerateHeader(NULL, "x-content-type-options", &no_sniff); |
189 | 190 |
190 linked_ptr<SiteIsolationResponseMetaData> resp_data( | 191 linked_ptr<SiteIsolationResponseMetaData> resp_data( |
191 new SiteIsolationResponseMetaData); | 192 new SiteIsolationResponseMetaData); |
192 resp_data->frame_origin = frame_origin.spec(); | 193 resp_data->frame_origin = frame_origin.spec(); |
193 resp_data->response_url = response_url; | 194 resp_data->response_url = response_url; |
194 resp_data->resource_type = resource_type; | 195 resp_data->resource_type = resource_type; |
195 resp_data->canonical_mime_type = canonical_mime_type; | 196 resp_data->canonical_mime_type = canonical_mime_type; |
196 resp_data->http_status_code = info.headers->response_code(); | 197 resp_data->http_status_code = info.headers->response_code(); |
197 resp_data->no_sniff = LowerCaseEqualsASCII(no_sniff, "nosniff"); | 198 resp_data->no_sniff = base::LowerCaseEqualsASCII(no_sniff, "nosniff"); |
198 | 199 |
199 return resp_data; | 200 return resp_data; |
200 } | 201 } |
201 | 202 |
202 bool SiteIsolationPolicy::ShouldBlockResponse( | 203 bool SiteIsolationPolicy::ShouldBlockResponse( |
203 const linked_ptr<SiteIsolationResponseMetaData>& resp_data, | 204 const linked_ptr<SiteIsolationResponseMetaData>& resp_data, |
204 const char* raw_data, | 205 const char* raw_data, |
205 int raw_length, | 206 int raw_length, |
206 std::string* alternative_data) { | 207 std::string* alternative_data) { |
207 if (!g_policy_enabled) | 208 if (!g_policy_enabled) |
(...skipping 84 matching lines...)
292 alternative_data->insert(0, " "); | 293 alternative_data->insert(0, " "); |
293 LOG(ERROR) << resp_data->response_url | 294 LOG(ERROR) << resp_data->response_url |
294 << " is blocked as an illegal cross-site document from " | 295 << " is blocked as an illegal cross-site document from " |
295 << resp_data->frame_origin; | 296 << resp_data->frame_origin; |
296 } | 297 } |
297 return is_blocked; | 298 return is_blocked; |
298 } | 299 } |
299 | 300 |
300 SiteIsolationResponseMetaData::CanonicalMimeType | 301 SiteIsolationResponseMetaData::CanonicalMimeType |
301 SiteIsolationPolicy::GetCanonicalMimeType(const std::string& mime_type) { | 302 SiteIsolationPolicy::GetCanonicalMimeType(const std::string& mime_type) { |
302 if (LowerCaseEqualsASCII(mime_type, kTextHtml)) { | 303 if (base::LowerCaseEqualsASCII(mime_type, kTextHtml)) { |
303 return SiteIsolationResponseMetaData::HTML; | 304 return SiteIsolationResponseMetaData::HTML; |
304 } | 305 } |
305 | 306 |
306 if (LowerCaseEqualsASCII(mime_type, kTextPlain)) { | 307 if (base::LowerCaseEqualsASCII(mime_type, kTextPlain)) { |
307 return SiteIsolationResponseMetaData::Plain; | 308 return SiteIsolationResponseMetaData::Plain; |
308 } | 309 } |
309 | 310 |
310 if (LowerCaseEqualsASCII(mime_type, kAppJson) || | 311 if (base::LowerCaseEqualsASCII(mime_type, kAppJson) || |
311 LowerCaseEqualsASCII(mime_type, kTextJson) || | 312 base::LowerCaseEqualsASCII(mime_type, kTextJson) || |
312 LowerCaseEqualsASCII(mime_type, kTextXjson)) { | 313 base::LowerCaseEqualsASCII(mime_type, kTextXjson)) { |
313 return SiteIsolationResponseMetaData::JSON; | 314 return SiteIsolationResponseMetaData::JSON; |
314 } | 315 } |
315 | 316 |
316 if (LowerCaseEqualsASCII(mime_type, kTextXml) || | 317 if (base::LowerCaseEqualsASCII(mime_type, kTextXml) || |
317 LowerCaseEqualsASCII(mime_type, xAppRssXml) || | 318 base::LowerCaseEqualsASCII(mime_type, xAppRssXml) || |
318 LowerCaseEqualsASCII(mime_type, kAppXml)) { | 319 base::LowerCaseEqualsASCII(mime_type, kAppXml)) { |
319 return SiteIsolationResponseMetaData::XML; | 320 return SiteIsolationResponseMetaData::XML; |
320 } | 321 } |
321 | 322 |
322 return SiteIsolationResponseMetaData::Others; | 323 return SiteIsolationResponseMetaData::Others; |
323 } | 324 } |
324 | 325 |
325 bool SiteIsolationPolicy::IsBlockableScheme(const GURL& url) { | 326 bool SiteIsolationPolicy::IsBlockableScheme(const GURL& url) { |
326 // We exclude ftp:// from here. FTP doesn't provide a Content-Type | 327 // We exclude ftp:// from here. FTP doesn't provide a Content-Type |
327 // header which our policy depends on, so we cannot protect any | 328 // header which our policy depends on, so we cannot protect any |
328 // document from FTP servers. | 329 // document from FTP servers. |
(...skipping 165 matching lines...)
494 // TODO(dsjang): This is a real hack. The only purpose of this function is to | 495 // TODO(dsjang): This is a real hack. The only purpose of this function is to |
495 // try to see if there's any possibility that this data can be JavaScript | 496 // try to see if there's any possibility that this data can be JavaScript |
496 // (superset of JS). This function will be removed once UMA stats are | 497 // (superset of JS). This function will be removed once UMA stats are |
497 // gathered. | 498 // gathered. |
498 | 499 |
499 // Search for "var " for JS detection. | 500 // Search for "var " for JS detection. |
500 return data.find("var ") != base::StringPiece::npos; | 501 return data.find("var ") != base::StringPiece::npos; |
501 } | 502 } |
502 | 503 |
503 } // namespace content | 504 } // namespace content |
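Review bot: The three-argument `base::LowerCaseEqualsASCII` call at new lines 69-71 folds case only on the `data` side, so it depends on every entry of `signatures` being already lower-case and NUL-terminated exactly at `signature.length()`, and nothing visible here states or checks that. As far as I know the helper walks the `const char*` byte by byte and ends with a terminator check, so a signature containing an upper-case letter, or a `StringPiece` that views part of a longer buffer, would silently never match; presumably the sniffer would then miss a document type the policy is meant to protect. I would add a comment above the loop such as `// |signatures| must be lower-case, NUL-terminated literals; LowerCaseEqualsASCII() does not fold its right-hand side.` and consider a `DCHECK` on that invariant where the tables are defined. The enclosing function begins in the collapsed region above, so the signature tables themselves are not visible in this view.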