OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 412 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
423 { ContentSecurityPolicyHashAlgorithmSha1, HashAlgorithmSha1 }, | 423 { ContentSecurityPolicyHashAlgorithmSha1, HashAlgorithmSha1 }, |
424 { ContentSecurityPolicyHashAlgorithmSha256, HashAlgorithmSha256 }, | 424 { ContentSecurityPolicyHashAlgorithmSha256, HashAlgorithmSha256 }, |
425 { ContentSecurityPolicyHashAlgorithmSha384, HashAlgorithmSha384 }, | 425 { ContentSecurityPolicyHashAlgorithmSha384, HashAlgorithmSha384 }, |
426 { ContentSecurityPolicyHashAlgorithmSha512, HashAlgorithmSha512 } | 426 { ContentSecurityPolicyHashAlgorithmSha512, HashAlgorithmSha512 } |
427 }; | 427 }; |
428 | 428 |
429 // Only bother normalizing the source/computing digests if there are any che
cks to be done. | 429 // Only bother normalizing the source/computing digests if there are any che
cks to be done. |
430 if (hashAlgorithmsUsed == ContentSecurityPolicyHashAlgorithmNone) | 430 if (hashAlgorithmsUsed == ContentSecurityPolicyHashAlgorithmNone) |
431 return false; | 431 return false; |
432 | 432 |
433 StringUTF8Adaptor normalizedSource = normalizeSource(source); | 433 StringUTF8Adaptor utf8Source(source); |
434 | 434 |
435 for (const auto& algorithmMap : kAlgorithmMap) { | 435 for (const auto& algorithmMap : kAlgorithmMap) { |
436 DigestValue digest; | 436 DigestValue digest; |
437 if (algorithmMap.cspHashAlgorithm & hashAlgorithmsUsed) { | 437 if (algorithmMap.cspHashAlgorithm & hashAlgorithmsUsed) { |
438 bool digestSuccess = computeDigest(algorithmMap.algorithm, normalize
dSource.data(), normalizedSource.length(), digest); | 438 bool digestSuccess = computeDigest(algorithmMap.algorithm, utf8Sourc
e.data(), utf8Source.length(), digest); |
439 if (digestSuccess && isAllowedByAllWithHash<allowed>(policies, CSPHa
shValue(algorithmMap.cspHashAlgorithm, digest))) | 439 if (digestSuccess && isAllowedByAllWithHash<allowed>(policies, CSPHa
shValue(algorithmMap.cspHashAlgorithm, digest))) |
440 return true; | 440 return true; |
441 } | 441 } |
442 } | 442 } |
443 | 443 |
444 return false; | 444 return false; |
445 } | 445 } |
446 | 446 |
447 bool ContentSecurityPolicy::allowJavaScriptURLs(const String& contextURL, const
WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportin
gStatus) const | 447 bool ContentSecurityPolicy::allowJavaScriptURLs(const String& contextURL, const
WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportin
gStatus) const |
448 { | 448 { |
(...skipping 575 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1024 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 1024 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
1025 return !m_violationReportsSent.contains(report.impl()->hash()); | 1025 return !m_violationReportsSent.contains(report.impl()->hash()); |
1026 } | 1026 } |
1027 | 1027 |
1028 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 1028 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
1029 { | 1029 { |
1030 m_violationReportsSent.add(report.impl()->hash()); | 1030 m_violationReportsSent.add(report.impl()->hash()); |
1031 } | 1031 } |
1032 | 1032 |
1033 } // namespace blink | 1033 } // namespace blink |
OLD | NEW |