| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_COMMON_EXTENSIONS_CSP_HANDLER_H_ | 5 #ifndef CHROME_COMMON_EXTENSIONS_CSP_HANDLER_H_ |
| 6 #define CHROME_COMMON_EXTENSIONS_CSP_HANDLER_H_ | 6 #define CHROME_COMMON_EXTENSIONS_CSP_HANDLER_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "chrome/common/extensions/extension.h" | 10 #include "chrome/common/extensions/extension.h" |
| 11 #include "chrome/common/extensions/manifest_handler.h" | 11 #include "chrome/common/extensions/manifest_handler.h" |
| 12 | 12 |
| 13 namespace extensions { | 13 namespace extensions { |
| 14 | 14 |
| 15 // A structure to hold the Content-Security-Policy information. | 15 // A structure to hold the Content-Security-Policy information. |
| 16 struct CSPInfo : public Extension::ManifestData { | 16 struct CSPInfo : public Extension::ManifestData { |
| 17 explicit CSPInfo(const std::string& security_policy); | 17 explicit CSPInfo(const std::string& security_policy); |
| 18 virtual ~CSPInfo(); | 18 virtual ~CSPInfo(); |
| 19 | 19 |
| 20 // The Content-Security-Policy for an extension. Extensions can use | 20 // The Content-Security-Policy for an extension. Extensions can use |
| 21 // Content-Security-Policies to mitigate cross-site scripting and other | 21 // Content-Security-Policies to mitigate cross-site scripting and other |
| 22 // vulnerabilities. | 22 // vulnerabilities. |
| 23 std::string content_security_policy; | 23 std::string content_security_policy; |
| 24 | 24 |
| 25 static const std::string& GetContentSecurityPolicy( | 25 static const std::string& GetContentSecurityPolicy( |
| 26 const Extension* extension); | 26 const Extension* extension); |
| 27 |
| 28 // Returns the Content Security Policy that the specified resource should be |
| 29 // served with. |
| 30 static const std::string& GetResourceContentSecurityPolicy( |
| 31 const Extension* extension, |
| 32 const std::string& relative_path); |
| 27 }; | 33 }; |
| 28 | 34 |
| 29 // Parses "content_security_policy" and "app.content_security_policy" keys. | 35 // Parses "content_security_policy" and "app.content_security_policy" keys. |
| 30 class CSPHandler : public ManifestHandler { | 36 class CSPHandler : public ManifestHandler { |
| 31 public: | 37 public: |
| 32 explicit CSPHandler(bool is_platform_app); | 38 explicit CSPHandler(bool is_platform_app); |
| 33 virtual ~CSPHandler(); | 39 virtual ~CSPHandler(); |
| 34 | 40 |
| 35 virtual bool Parse(Extension* extension, string16* error) OVERRIDE; | 41 virtual bool Parse(Extension* extension, string16* error) OVERRIDE; |
| 36 virtual bool AlwaysParseForType(Manifest::Type type) const OVERRIDE; | 42 virtual bool AlwaysParseForType(Manifest::Type type) const OVERRIDE; |
| 37 | 43 |
| 38 private: | 44 private: |
| 39 virtual const std::vector<std::string> Keys() const OVERRIDE; | 45 virtual const std::vector<std::string> Keys() const OVERRIDE; |
| 40 | 46 |
| 41 bool is_platform_app_; | 47 bool is_platform_app_; |
| 42 | 48 |
| 43 DISALLOW_COPY_AND_ASSIGN(CSPHandler); | 49 DISALLOW_COPY_AND_ASSIGN(CSPHandler); |
| 44 }; | 50 }; |
| 45 | 51 |
| 46 } // namespace extensions | 52 } // namespace extensions |
| 47 | 53 |
| 48 #endif // CHROME_COMMON_EXTENSIONS_CSP_HANDLER_H_ | 54 #endif // CHROME_COMMON_EXTENSIONS_CSP_HANDLER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12886023:
Remove SandboxedPages and SandboxedCSP from Extension Class (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master