Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(166)

Side by Side Diff: third_party/WebKit/Source/core/frame/csp/CSPSource.cpp

Issue 1367933003: CSP source *.x.y should not match host x.y (Closed) Base URL: https://chromium.googlesource.com/chromium/src@master
Patch Set: Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "config.h" 5 #include "config.h"
6 #include "core/frame/csp/CSPSource.h" 6 #include "core/frame/csp/CSPSource.h"
7 7
8 #include "core/frame/UseCounter.h"
8 #include "core/frame/csp/ContentSecurityPolicy.h" 9 #include "core/frame/csp/ContentSecurityPolicy.h"
9 #include "platform/weborigin/KURL.h" 10 #include "platform/weborigin/KURL.h"
10 #include "platform/weborigin/KnownPorts.h" 11 #include "platform/weborigin/KnownPorts.h"
11 #include "platform/weborigin/SecurityOrigin.h" 12 #include "platform/weborigin/SecurityOrigin.h"
12 #include "wtf/text/WTFString.h" 13 #include "wtf/text/WTFString.h"
13 14
14 namespace blink { 15 namespace blink {
15 16
16 CSPSource::CSPSource(ContentSecurityPolicy* policy, const String& scheme, const String& host, int port, const String& path, WildcardDisposition hostWildcard, Wi ldcardDisposition portWildcard) 17 CSPSource::CSPSource(ContentSecurityPolicy* policy, const String& scheme, const String& host, int port, const String& path, WildcardDisposition hostWildcard, Wi ldcardDisposition portWildcard)
17 : m_policy(policy) 18 : m_policy(policy)
(...skipping 19 matching lines...) Expand all
37 bool CSPSource::schemeMatches(const KURL& url) const 38 bool CSPSource::schemeMatches(const KURL& url) const
38 { 39 {
39 if (m_scheme.isEmpty()) 40 if (m_scheme.isEmpty())
40 return m_policy->protocolMatchesSelf(url); 41 return m_policy->protocolMatchesSelf(url);
41 return equalIgnoringCase(url.protocol(), m_scheme); 42 return equalIgnoringCase(url.protocol(), m_scheme);
42 } 43 }
43 44
44 bool CSPSource::hostMatches(const KURL& url) const 45 bool CSPSource::hostMatches(const KURL& url) const
45 { 46 {
46 const String& host = url.host(); 47 const String& host = url.host();
47 if (equalIgnoringCase(host, m_host)) 48 Document* document = m_policy->document();
48 return true; 49 bool match;
49 return m_hostWildcard == HasWildcard && host.endsWith("." + m_host, TextCase Insensitive);
50 50
51 bool equalHosts = equalIgnoringCase(host, m_host);
52 if (m_hostWildcard == HasWildcard) {
53 match = host.endsWith("." + m_host, TextCaseInsensitive);
54
55 // Chrome used to, incorrectly, match *.x.y to x.y. This was fixed, but
56 // the following count measures when a match fails that would have
57 // passed the old, incorrect style, in case a lot of sites were
58 // relying on that behavior.
59 if (document && equalHosts)
60 UseCounter::count(*document, UseCounter::CSPSourceWildcardWouldMatch ExactHost);
61 } else {
62 match = equalHosts;
63 }
64
65 return match;
51 } 66 }
52 67
53 bool CSPSource::pathMatches(const KURL& url) const 68 bool CSPSource::pathMatches(const KURL& url) const
54 { 69 {
55 if (m_path.isEmpty()) 70 if (m_path.isEmpty())
56 return true; 71 return true;
57 72
58 String path = decodeURLEscapeSequences(url.path()); 73 String path = decodeURLEscapeSequences(url.path());
59 74
60 if (m_path.endsWith("/")) 75 if (m_path.endsWith("/"))
(...skipping 20 matching lines...) Expand all
81 96
82 return false; 97 return false;
83 } 98 }
84 99
85 bool CSPSource::isSchemeOnly() const 100 bool CSPSource::isSchemeOnly() const
86 { 101 {
87 return m_host.isEmpty(); 102 return m_host.isEmpty();
88 } 103 }
89 104
90 } // namespace 105 } // namespace
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698