Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(239)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/frame/ContentSecurityPolicy.h

Issue 134863007: CSP: Replace 'static_cast' with 'toDocument'. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: rebase Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/dom/Document.h ('k') | Source/core/frame/ContentSecurityPolicy.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Google, Inc. All rights reserved. 2 * Copyright (C) 2011 Google, Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution. 11 * documentation and/or other materials provided with the distribution.
12 * 12 *
13 * THIS SOFTWARE IS PROVIDED BY GOOGLE INC. ``AS IS'' AND ANY 13 * THIS SOFTWARE IS PROVIDED BY GOOGLE INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */ 24 */
25 25
26 #ifndef ContentSecurityPolicy_h 26 #ifndef ContentSecurityPolicy_h
27 #define ContentSecurityPolicy_h 27 #define ContentSecurityPolicy_h
28 28
29 #include "bindings/v8/ScriptState.h" 29 #include "bindings/v8/ScriptState.h"
30 #include "core/dom/Document.h"
30 #include "platform/network/HTTPParsers.h" 31 #include "platform/network/HTTPParsers.h"
31 #include "platform/weborigin/ReferrerPolicy.h" 32 #include "platform/weborigin/ReferrerPolicy.h"
32 #include "wtf/HashSet.h" 33 #include "wtf/HashSet.h"
33 #include "wtf/PassOwnPtr.h" 34 #include "wtf/PassOwnPtr.h"
34 #include "wtf/Vector.h" 35 #include "wtf/Vector.h"
35 #include "wtf/text/StringHash.h" 36 #include "wtf/text/StringHash.h"
36 #include "wtf/text/TextPosition.h" 37 #include "wtf/text/TextPosition.h"
37 #include "wtf/text/WTFString.h" 38 #include "wtf/text/WTFString.h"
38 39
39 namespace WTF { 40 namespace WTF {
(...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after
155 KURL completeURL(const String&) const; 156 KURL completeURL(const String&) const;
156 SecurityOrigin* securityOrigin() const; 157 SecurityOrigin* securityOrigin() const;
157 void enforceSandboxFlags(SandboxFlags) const; 158 void enforceSandboxFlags(SandboxFlags) const;
158 String evalDisabledErrorMessage() const; 159 String evalDisabledErrorMessage() const;
159 String styleEvalDisabledErrorMessage() const; 160 String styleEvalDisabledErrorMessage() const;
160 161
161 bool experimentalFeaturesEnabled() const; 162 bool experimentalFeaturesEnabled() const;
162 163
163 static bool shouldBypassMainWorld(ExecutionContext*); 164 static bool shouldBypassMainWorld(ExecutionContext*);
164 165
165 ExecutionContextClient* client() { return m_client; } 166 ExecutionContextClient* client() const { return m_client; }
167 Document* document() const { return client()->isDocument() ? toDocument(clie nt()) : 0; }
166 168
167 private: 169 private:
168 explicit ContentSecurityPolicy(ExecutionContextClient*); 170 explicit ContentSecurityPolicy(ExecutionContextClient*);
169 171
170 void logToConsole(const String& message) const; 172 void logToConsole(const String& message) const;
171 void addPolicyFromHeaderValue(const String&, HeaderType, HeaderSource); 173 void addPolicyFromHeaderValue(const String&, HeaderType, HeaderSource);
172 174
173 bool shouldSendViolationReport(const String&) const; 175 bool shouldSendViolationReport(const String&) const;
174 void didSendViolationReport(const String&); 176 void didSendViolationReport(const String&);
175 177
176 ExecutionContextClient* m_client; 178 ExecutionContextClient* m_client;
177 bool m_overrideInlineStyleAllowed; 179 bool m_overrideInlineStyleAllowed;
178 CSPDirectiveListVector m_policies; 180 CSPDirectiveListVector m_policies;
179 181
180 HashSet<unsigned, AlreadyHashed> m_violationReportsSent; 182 HashSet<unsigned, AlreadyHashed> m_violationReportsSent;
181 183
182 // We put the hash functions used on the policy object so that we only need 184 // We put the hash functions used on the policy object so that we only need
183 // to calculate a hash once and then distribute it to all of the directives 185 // to calculate a hash once and then distribute it to all of the directives
184 // for validation. 186 // for validation.
185 uint8_t m_scriptHashAlgorithmsUsed; 187 uint8_t m_scriptHashAlgorithmsUsed;
186 uint8_t m_styleHashAlgorithmsUsed; 188 uint8_t m_styleHashAlgorithmsUsed;
187 }; 189 };
188 190
189 } 191 }
190 192
191 #endif 193 #endif
OLDNEW
« no previous file with comments | « Source/core/dom/Document.h ('k') | Source/core/frame/ContentSecurityPolicy.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698