| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CSPDirectiveList_h | 5 #ifndef CSPDirectiveList_h |
| 6 #define CSPDirectiveList_h | 6 #define CSPDirectiveList_h |
| 7 | 7 |
| 8 #include "core/fetch/Resource.h" | 8 #include "core/fetch/Resource.h" |
| 9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 10 #include "core/frame/csp/MediaListDirective.h" | 10 #include "core/frame/csp/MediaListDirective.h" |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 63 bool allowStyleNonce(const String&) const; | 63 bool allowStyleNonce(const String&) const; |
| 64 bool allowScriptHash(const CSPHashValue&) const; | 64 bool allowScriptHash(const CSPHashValue&) const; |
| 65 bool allowStyleHash(const CSPHashValue&) const; | 65 bool allowStyleHash(const CSPHashValue&) const; |
| 66 | 66 |
| 67 const String& evalDisabledErrorMessage() const { return m_evalDisabledErrorM
essage; } | 67 const String& evalDisabledErrorMessage() const { return m_evalDisabledErrorM
essage; } |
| 68 ReflectedXSSDisposition reflectedXSSDisposition() const { return m_reflected
XSSDisposition; } | 68 ReflectedXSSDisposition reflectedXSSDisposition() const { return m_reflected
XSSDisposition; } |
| 69 ReferrerPolicy referrerPolicy() const { return m_referrerPolicy; } | 69 ReferrerPolicy referrerPolicy() const { return m_referrerPolicy; } |
| 70 bool didSetReferrerPolicy() const { return m_didSetReferrerPolicy; } | 70 bool didSetReferrerPolicy() const { return m_didSetReferrerPolicy; } |
| 71 bool isReportOnly() const { return m_reportOnly; } | 71 bool isReportOnly() const { return m_reportOnly; } |
| 72 const Vector<String>& reportEndpoints() const { return m_reportEndpoints; } | 72 const Vector<String>& reportEndpoints() const { return m_reportEndpoints; } |
| 73 bool isFrameAncestorsEnforced() const { return m_frameAncestors.get() && !m_
reportOnly; } |
| 73 | 74 |
| 74 // Used to copy plugin-types into a plugin document in a nested | 75 // Used to copy plugin-types into a plugin document in a nested |
| 75 // browsing context. | 76 // browsing context. |
| 76 bool hasPluginTypes() const { return !!m_pluginTypes; } | 77 bool hasPluginTypes() const { return !!m_pluginTypes; } |
| 77 const String& pluginTypesText() const; | 78 const String& pluginTypesText() const; |
| 78 | 79 |
| 79 bool shouldSendCSPHeader(Resource::Type) const; | 80 bool shouldSendCSPHeader(Resource::Type) const; |
| 80 | 81 |
| 81 private: | 82 private: |
| 82 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co
ntentSecurityPolicyHeaderSource); | 83 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co
ntentSecurityPolicyHeaderSource); |
| (...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 158 | 159 |
| 159 Vector<String> m_reportEndpoints; | 160 Vector<String> m_reportEndpoints; |
| 160 | 161 |
| 161 String m_evalDisabledErrorMessage; | 162 String m_evalDisabledErrorMessage; |
| 162 }; | 163 }; |
| 163 | 164 |
| 164 | 165 |
| 165 } // namespace | 166 } // namespace |
| 166 | 167 |
| 167 #endif | 168 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1326823003:
CSP: 'frame-ancestors' should override 'x-frame-options'. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master