Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(130)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/common/csp_validator.cc

Issue 1272823003: Update SplitString calls to new form (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « extensions/browser/api/networking_private/networking_private_linux.cc ('k') | extensions/common/features/base_feature_provider.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/common/csp_validator.h" 5 #include "extensions/common/csp_validator.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/strings/string_split.h" 9 #include "base/strings/string_split.h"
10 #include "base/strings/string_tokenizer.h" 10 #include "base/strings/string_tokenizer.h"
(...skipping 222 matching lines...) Expand 10 before | Expand all | Expand 10 after
233 233
234 return policy.find_first_of(kBadChars, 0, arraysize(kBadChars)) == 234 return policy.find_first_of(kBadChars, 0, arraysize(kBadChars)) ==
235 std::string::npos; 235 std::string::npos;
236 } 236 }
237 237
238 std::string SanitizeContentSecurityPolicy( 238 std::string SanitizeContentSecurityPolicy(
239 const std::string& policy, 239 const std::string& policy,
240 int options, 240 int options,
241 std::vector<InstallWarning>* warnings) { 241 std::vector<InstallWarning>* warnings) {
242 // See http://www.w3.org/TR/CSP/#parse-a-csp-policy for parsing algorithm. 242 // See http://www.w3.org/TR/CSP/#parse-a-csp-policy for parsing algorithm.
243 std::vector<std::string> directives; 243 std::vector<std::string> directives = base::SplitString(
244 base::SplitString(policy, ';', &directives); 244 policy, ";", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
245 245
246 DirectiveStatus default_src_status(kDefaultSrc); 246 DirectiveStatus default_src_status(kDefaultSrc);
247 DirectiveStatus script_src_status(kScriptSrc); 247 DirectiveStatus script_src_status(kScriptSrc);
248 DirectiveStatus object_src_status(kObjectSrc); 248 DirectiveStatus object_src_status(kObjectSrc);
249 249
250 bool allow_insecure_object_src = 250 bool allow_insecure_object_src =
251 AllowedToHaveInsecureObjectSrc(options, directives); 251 AllowedToHaveInsecureObjectSrc(options, directives);
252 252
253 std::vector<std::string> sane_csp_parts; 253 std::vector<std::string> sane_csp_parts;
254 std::vector<InstallWarning> default_src_csp_warnings; 254 std::vector<InstallWarning> default_src_csp_warnings;
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
300 manifest_errors::kInvalidCSPMissingSecureSrc, kObjectSrc))); 300 manifest_errors::kInvalidCSPMissingSecureSrc, kObjectSrc)));
301 } 301 }
302 } 302 }
303 303
304 return base::JoinString(sane_csp_parts, " "); 304 return base::JoinString(sane_csp_parts, " ");
305 } 305 }
306 306
307 bool ContentSecurityPolicyIsSandboxed( 307 bool ContentSecurityPolicyIsSandboxed(
308 const std::string& policy, Manifest::Type type) { 308 const std::string& policy, Manifest::Type type) {
309 // See http://www.w3.org/TR/CSP/#parse-a-csp-policy for parsing algorithm. 309 // See http://www.w3.org/TR/CSP/#parse-a-csp-policy for parsing algorithm.
310 std::vector<std::string> directives;
311 base::SplitString(policy, ';', &directives);
312
313 bool seen_sandbox = false; 310 bool seen_sandbox = false;
314 311 for (const std::string& input : base::SplitString(
315 for (size_t i = 0; i < directives.size(); ++i) { 312 policy, ";", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL)) {
316 std::string& input = directives[i];
317 base::StringTokenizer tokenizer(input, " \t\r\n"); 313 base::StringTokenizer tokenizer(input, " \t\r\n");
318 if (!tokenizer.GetNext()) 314 if (!tokenizer.GetNext())
319 continue; 315 continue;
320 316
321 std::string directive_name = tokenizer.token(); 317 std::string directive_name = tokenizer.token();
322 base::StringToLowerASCII(&directive_name); 318 base::StringToLowerASCII(&directive_name);
323 319
324 if (directive_name != kSandboxDirectiveName) 320 if (directive_name != kSandboxDirectiveName)
325 continue; 321 continue;
326 322
(...skipping 14 matching lines...) Expand all
341 } 337 }
342 } 338 }
343 } 339 }
344 340
345 return seen_sandbox; 341 return seen_sandbox;
346 } 342 }
347 343
348 } // namespace csp_validator 344 } // namespace csp_validator
349 345
350 } // namespace extensions 346 } // namespace extensions
OLDNEW
« no previous file with comments | « extensions/browser/api/networking_private/networking_private_linux.cc ('k') | extensions/common/features/base_feature_provider.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698