OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "config.h" | 5 #include "config.h" |
6 #include "core/frame/csp/CSPDirectiveList.h" | 6 #include "core/frame/csp/CSPDirectiveList.h" |
7 | 7 |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/dom/SecurityContext.h" | 9 #include "core/dom/SecurityContext.h" |
10 #include "core/dom/SpaceSplitString.h" | 10 #include "core/dom/SpaceSplitString.h" |
(...skipping 730 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
741 | 741 |
742 return String(begin, length); | 742 return String(begin, length); |
743 } | 743 } |
744 | 744 |
745 void CSPDirectiveList::addDirective(const String& name, const String& value) | 745 void CSPDirectiveList::addDirective(const String& name, const String& value) |
746 { | 746 { |
747 ASSERT(!name.isEmpty()); | 747 ASSERT(!name.isEmpty()); |
748 | 748 |
749 if (equalIgnoringCase(name, ContentSecurityPolicy::DefaultSrc)) { | 749 if (equalIgnoringCase(name, ContentSecurityPolicy::DefaultSrc)) { |
750 setCSPDirective<SourceListDirective>(name, value, m_defaultSrc); | 750 setCSPDirective<SourceListDirective>(name, value, m_defaultSrc); |
751 m_policy->usesScriptHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); | |
752 m_policy->usesStyleHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); | |
Mike West
2015/09/22 04:37:38
Hrm. I wonder if we can get away with combining th
jww
2015/09/22 16:55:38
Sure, I think another CL makes sense.
| |
751 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ScriptSrc)) { | 753 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ScriptSrc)) { |
752 setCSPDirective<SourceListDirective>(name, value, m_scriptSrc); | 754 setCSPDirective<SourceListDirective>(name, value, m_scriptSrc); |
753 m_policy->usesScriptHashAlgorithms(m_scriptSrc->hashAlgorithmsUsed()); | 755 m_policy->usesScriptHashAlgorithms(m_scriptSrc->hashAlgorithmsUsed()); |
754 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ObjectSrc)) { | 756 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ObjectSrc)) { |
755 setCSPDirective<SourceListDirective>(name, value, m_objectSrc); | 757 setCSPDirective<SourceListDirective>(name, value, m_objectSrc); |
756 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameAncestors)) { | 758 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameAncestors)) { |
757 setCSPDirective<SourceListDirective>(name, value, m_frameAncestors); | 759 setCSPDirective<SourceListDirective>(name, value, m_frameAncestors); |
758 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameSrc)) { | 760 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameSrc)) { |
759 setCSPDirective<SourceListDirective>(name, value, m_frameSrc); | 761 setCSPDirective<SourceListDirective>(name, value, m_frameSrc); |
760 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ImgSrc)) { | 762 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ImgSrc)) { |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
792 setCSPDirective<SourceListDirective>(name, value, m_manifestSrc); | 794 setCSPDirective<SourceListDirective>(name, value, m_manifestSrc); |
793 } else if (RuntimeEnabledFeatures::suboriginsEnabled() && equalIgnoringCase( name, ContentSecurityPolicy::Suborigin)) { | 795 } else if (RuntimeEnabledFeatures::suboriginsEnabled() && equalIgnoringCase( name, ContentSecurityPolicy::Suborigin)) { |
794 applySuboriginPolicy(name, value); | 796 applySuboriginPolicy(name, value); |
795 } else { | 797 } else { |
796 m_policy->reportUnsupportedDirective(name); | 798 m_policy->reportUnsupportedDirective(name); |
797 } | 799 } |
798 } | 800 } |
799 | 801 |
800 | 802 |
801 } // namespace blink | 803 } // namespace blink |
OLD | NEW |