OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
62 return isASCIIAlphanumeric(c) || c == '-'; | 62 return isASCIIAlphanumeric(c) || c == '-'; |
63 } | 63 } |
64 | 64 |
65 bool isDirectiveValueCharacter(UChar c) | 65 bool isDirectiveValueCharacter(UChar c) |
66 { | 66 { |
67 return isASCIISpace(c) || (c >= 0x21 && c <= 0x7e); // Whitespace + VCHAR | 67 return isASCIISpace(c) || (c >= 0x21 && c <= 0x7e); // Whitespace + VCHAR |
68 } | 68 } |
69 | 69 |
70 bool isNonceCharacter(UChar c) | 70 bool isNonceCharacter(UChar c) |
71 { | 71 { |
72 return (c >= 0x21 && c <= 0x7e) && c != ',' && c != ';'; // VCHAR - ',' - '; ' | 72 return isASCIIAlphanumeric(c); |
73 } | 73 } |
74 | 74 |
75 bool isSourceCharacter(UChar c) | 75 bool isSourceCharacter(UChar c) |
76 { | 76 { |
77 return !isASCIISpace(c); | 77 return !isASCIISpace(c); |
78 } | 78 } |
79 | 79 |
80 bool isPathComponentCharacter(UChar c) | 80 bool isPathComponentCharacter(UChar c) |
81 { | 81 { |
82 return c != '?' && c != '#'; | 82 return c != '?' && c != '#'; |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
117 static const char objectSrc[] = "object-src"; | 117 static const char objectSrc[] = "object-src"; |
118 static const char reportURI[] = "report-uri"; | 118 static const char reportURI[] = "report-uri"; |
119 static const char sandbox[] = "sandbox"; | 119 static const char sandbox[] = "sandbox"; |
120 static const char scriptSrc[] = "script-src"; | 120 static const char scriptSrc[] = "script-src"; |
121 static const char styleSrc[] = "style-src"; | 121 static const char styleSrc[] = "style-src"; |
122 | 122 |
123 // CSP 1.1 Directives | 123 // CSP 1.1 Directives |
124 static const char baseURI[] = "base-uri"; | 124 static const char baseURI[] = "base-uri"; |
125 static const char formAction[] = "form-action"; | 125 static const char formAction[] = "form-action"; |
126 static const char pluginTypes[] = "plugin-types"; | 126 static const char pluginTypes[] = "plugin-types"; |
127 static const char scriptNonce[] = "script-nonce"; | 127 static const char scriptNonce[] = "script-nonce"; |
Mike West
2013/05/14 08:07:38
You can kill this now, I believe.
jww
2013/05/14 20:49:30
Done.
| |
128 static const char reflectedXSS[] = "reflected-xss"; | 128 static const char reflectedXSS[] = "reflected-xss"; |
129 | 129 |
130 bool isDirectiveName(const String& name) | 130 bool isDirectiveName(const String& name) |
131 { | 131 { |
132 return (equalIgnoringCase(name, connectSrc) | 132 return (equalIgnoringCase(name, connectSrc) |
133 || equalIgnoringCase(name, defaultSrc) | 133 || equalIgnoringCase(name, defaultSrc) |
134 || equalIgnoringCase(name, fontSrc) | 134 || equalIgnoringCase(name, fontSrc) |
135 || equalIgnoringCase(name, frameSrc) | 135 || equalIgnoringCase(name, frameSrc) |
136 || equalIgnoringCase(name, imgSrc) | 136 || equalIgnoringCase(name, imgSrc) |
137 || equalIgnoringCase(name, mediaSrc) | 137 || equalIgnoringCase(name, mediaSrc) |
138 || equalIgnoringCase(name, objectSrc) | 138 || equalIgnoringCase(name, objectSrc) |
139 || equalIgnoringCase(name, reportURI) | 139 || equalIgnoringCase(name, reportURI) |
140 || equalIgnoringCase(name, sandbox) | 140 || equalIgnoringCase(name, sandbox) |
141 || equalIgnoringCase(name, scriptSrc) | 141 || equalIgnoringCase(name, scriptSrc) |
142 || equalIgnoringCase(name, styleSrc) | 142 || equalIgnoringCase(name, styleSrc) |
143 || equalIgnoringCase(name, baseURI) | 143 || equalIgnoringCase(name, baseURI) |
144 || equalIgnoringCase(name, formAction) | 144 || equalIgnoringCase(name, formAction) |
145 || equalIgnoringCase(name, pluginTypes) | 145 || equalIgnoringCase(name, pluginTypes) |
146 || equalIgnoringCase(name, scriptNonce) | 146 || equalIgnoringCase(name, scriptNonce) |
Mike West
2013/05/14 08:07:38
And this.
jww
2013/05/14 20:49:30
Done.
| |
147 || equalIgnoringCase(name, reflectedXSS) | 147 || equalIgnoringCase(name, reflectedXSS) |
148 ); | 148 ); |
149 } | 149 } |
150 | 150 |
151 UseCounter::Feature getUseCounterType(ContentSecurityPolicy::HeaderType type) | 151 UseCounter::Feature getUseCounterType(ContentSecurityPolicy::HeaderType type) |
152 { | 152 { |
153 switch (type) { | 153 switch (type) { |
154 case ContentSecurityPolicy::PrefixedEnforce: | 154 case ContentSecurityPolicy::PrefixedEnforce: |
155 return UseCounter::PrefixedContentSecurityPolicy; | 155 return UseCounter::PrefixedContentSecurityPolicy; |
156 case ContentSecurityPolicy::Enforce: | 156 case ContentSecurityPolicy::Enforce: |
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
313 }; | 313 }; |
314 | 314 |
315 class CSPSourceList { | 315 class CSPSourceList { |
316 public: | 316 public: |
317 CSPSourceList(ContentSecurityPolicy*, const String& directiveName); | 317 CSPSourceList(ContentSecurityPolicy*, const String& directiveName); |
318 | 318 |
319 void parse(const String&); | 319 void parse(const String&); |
320 bool matches(const KURL&); | 320 bool matches(const KURL&); |
321 bool allowInline() const { return m_allowInline; } | 321 bool allowInline() const { return m_allowInline; } |
322 bool allowEval() const { return m_allowEval; } | 322 bool allowEval() const { return m_allowEval; } |
323 bool allowNonce(const String& nonce) const { return !nonce.isNull() && m_non ces.contains(nonce); } | |
323 | 324 |
324 private: | 325 private: |
325 void parse(const UChar* begin, const UChar* end); | 326 void parse(const UChar* begin, const UChar* end); |
326 | 327 |
327 bool parseSource(const UChar* begin, const UChar* end, String& scheme, Strin g& host, int& port, String& path, bool& hostHasWildcard, bool& portHasWildcard); | 328 bool parseSource(const UChar* begin, const UChar* end, String& scheme, Strin g& host, int& port, String& path, bool& hostHasWildcard, bool& portHasWildcard); |
328 bool parseScheme(const UChar* begin, const UChar* end, String& scheme); | 329 bool parseScheme(const UChar* begin, const UChar* end, String& scheme); |
329 bool parseHost(const UChar* begin, const UChar* end, String& host, bool& hos tHasWildcard); | 330 bool parseHost(const UChar* begin, const UChar* end, String& host, bool& hos tHasWildcard); |
330 bool parsePort(const UChar* begin, const UChar* end, int& port, bool& portHa sWildcard); | 331 bool parsePort(const UChar* begin, const UChar* end, int& port, bool& portHa sWildcard); |
331 bool parsePath(const UChar* begin, const UChar* end, String& path); | 332 bool parsePath(const UChar* begin, const UChar* end, String& path); |
332 | 333 |
333 void addSourceSelf(); | 334 void addSourceSelf(); |
334 void addSourceStar(); | 335 void addSourceStar(); |
335 void addSourceUnsafeInline(); | 336 void addSourceUnsafeInline(); |
336 void addSourceUnsafeEval(); | 337 void addSourceUnsafeEval(); |
338 void addSourceNonce(String& nonce); | |
abarth-chromium
2013/05/14 05:58:16
const String& <-- we generally use const referen
jww
2013/05/14 20:49:30
Done.
| |
337 | 339 |
338 ContentSecurityPolicy* m_policy; | 340 ContentSecurityPolicy* m_policy; |
339 Vector<CSPSource> m_list; | 341 Vector<CSPSource> m_list; |
340 String m_directiveName; | 342 String m_directiveName; |
341 bool m_allowStar; | 343 bool m_allowStar; |
342 bool m_allowInline; | 344 bool m_allowInline; |
343 bool m_allowEval; | 345 bool m_allowEval; |
346 // Set of nonces that indicate whitelisted scripts | |
abarth-chromium
2013/05/14 05:58:16
I'd skip this comment. CSPSourceList isn't specif
jww
2013/05/14 20:49:30
Done.
| |
347 HashSet<String> m_nonces; | |
344 }; | 348 }; |
345 | 349 |
346 CSPSourceList::CSPSourceList(ContentSecurityPolicy* policy, const String& direct iveName) | 350 CSPSourceList::CSPSourceList(ContentSecurityPolicy* policy, const String& direct iveName) |
347 : m_policy(policy) | 351 : m_policy(policy) |
348 , m_directiveName(directiveName) | 352 , m_directiveName(directiveName) |
349 , m_allowStar(false) | 353 , m_allowStar(false) |
350 , m_allowInline(false) | 354 , m_allowInline(false) |
351 , m_allowEval(false) | 355 , m_allowEval(false) |
352 { | 356 { |
353 } | 357 } |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
438 if (equalIgnoringCase("'unsafe-inline'", begin, end - begin)) { | 442 if (equalIgnoringCase("'unsafe-inline'", begin, end - begin)) { |
439 addSourceUnsafeInline(); | 443 addSourceUnsafeInline(); |
440 return true; | 444 return true; |
441 } | 445 } |
442 | 446 |
443 if (equalIgnoringCase("'unsafe-eval'", begin, end - begin)) { | 447 if (equalIgnoringCase("'unsafe-eval'", begin, end - begin)) { |
444 addSourceUnsafeEval(); | 448 addSourceUnsafeEval(); |
445 return true; | 449 return true; |
446 } | 450 } |
447 | 451 |
448 const UChar* position = begin; | 452 const UChar* position; |
abarth-chromium
2013/05/14 05:58:16
There's no reason to have this variable declared h
jww
2013/05/14 20:49:30
I declared it up here because I actually use it in
| |
453 | |
454 const char noncePrefix[] = "'nonce-"; | |
455 const int noncePrefixLen = strlen(noncePrefix); | |
abarth-chromium
2013/05/14 05:58:16
It's better if you use a String that's an ASCIILit
jww
2013/05/14 20:49:30
I'm unclear on how to get the length in a compiler
| |
456 | |
457 if (equalIgnoringCase(noncePrefix, begin, noncePrefixLen) && (*(end - 1) == '\'')) { | |
abarth-chromium
2013/05/14 05:58:16
There's no reason to check the end - 1 condition.
Mike West
2013/05/14 08:07:38
Given the length, it might also be reasonable to s
jww
2013/05/14 20:49:30
Done.
jww
2013/05/14 20:49:30
Done.
| |
458 String nonce; | |
459 const UChar* nonceBegin = position = begin + noncePrefixLen; | |
abarth-chromium
2013/05/14 05:58:16
We generally don't use compound statements like th
jww
2013/05/14 20:49:30
Done.
| |
460 skipWhile<isNonceCharacter>(position, end); | |
461 | |
462 // According to the W3C spec, we need to accept the empty string as a | |
463 // valid nonce (that is, "script-src 'nonce-'" is valid and is a nonce | |
464 // of the empty string ""). Hence why we do a <= comparrion rather than | |
465 // just a < comparrison. | |
466 if (nonceBegin <= position) { | |
abarth-chromium
2013/05/14 05:58:16
There's no way this can fail to be true. I'd just
jww
2013/05/14 20:49:30
Done.
| |
467 nonce = String(nonceBegin, position - nonceBegin); | |
468 } else { | |
469 // This is a really odd error condition. Maybe this should be an | |
470 // ASSERT or do-not-reach? | |
471 return false; | |
472 } | |
473 | |
474 if ((position + 1) != end && *position != '\'') { | |
475 // There is an invalid nonce character here. We should report the | |
476 // invalid character, but also eat up any characters until the | |
477 // single quote. | |
478 position = end; | |
abarth-chromium
2013/05/14 05:58:16
Position is a local variable. THere's no reason t
jww
2013/05/14 20:49:30
Whoops. Remnants of an old misunderstanding :-)
On
| |
479 return false; | |
480 } | |
481 | |
482 addSourceNonce(nonce); | |
483 return true; | |
484 } | |
485 | |
486 position = begin; | |
449 const UChar* beginHost = begin; | 487 const UChar* beginHost = begin; |
450 const UChar* beginPath = end; | 488 const UChar* beginPath = end; |
451 const UChar* beginPort = 0; | 489 const UChar* beginPort = 0; |
452 | 490 |
453 skipWhile<isNotColonOrSlash>(position, end); | 491 skipWhile<isNotColonOrSlash>(position, end); |
454 | 492 |
455 if (position == end) { | 493 if (position == end) { |
456 // host | 494 // host |
457 // ^ | 495 // ^ |
458 return parseHost(beginHost, position, host, hostHasWildcard); | 496 return parseHost(beginHost, position, host, hostHasWildcard); |
(...skipping 195 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
654 void CSPSourceList::addSourceUnsafeInline() | 692 void CSPSourceList::addSourceUnsafeInline() |
655 { | 693 { |
656 m_allowInline = true; | 694 m_allowInline = true; |
657 } | 695 } |
658 | 696 |
659 void CSPSourceList::addSourceUnsafeEval() | 697 void CSPSourceList::addSourceUnsafeEval() |
660 { | 698 { |
661 m_allowEval = true; | 699 m_allowEval = true; |
662 } | 700 } |
663 | 701 |
702 void CSPSourceList::addSourceNonce(String& nonce) | |
703 { | |
704 m_nonces.add(String(nonce)); | |
abarth-chromium
2013/05/14 05:58:16
There's no reason to call the String constructor a
jww
2013/05/14 20:49:30
Done.
| |
705 } | |
706 | |
664 class CSPDirective { | 707 class CSPDirective { |
665 public: | 708 public: |
666 CSPDirective(const String& name, const String& value, ContentSecurityPolicy* policy) | 709 CSPDirective(const String& name, const String& value, ContentSecurityPolicy* policy) |
667 : m_name(name) | 710 : m_name(name) |
668 , m_text(name + ' ' + value) | 711 , m_text(name + ' ' + value) |
669 , m_policy(policy) | 712 , m_policy(policy) |
670 { | 713 { |
671 } | 714 } |
672 | 715 |
673 const String& text() const { return m_text; } | 716 const String& text() const { return m_text; } |
674 | 717 |
675 protected: | 718 protected: |
676 const ContentSecurityPolicy* policy() const { return m_policy; } | 719 const ContentSecurityPolicy* policy() const { return m_policy; } |
677 | 720 |
678 private: | 721 private: |
679 String m_name; | 722 String m_name; |
680 String m_text; | 723 String m_text; |
681 ContentSecurityPolicy* m_policy; | 724 ContentSecurityPolicy* m_policy; |
682 }; | 725 }; |
683 | 726 |
684 class NonceDirective : public CSPDirective { | |
685 public: | |
686 NonceDirective(const String& name, const String& value, ContentSecurityPolic y* policy) | |
687 : CSPDirective(name, value, policy) | |
688 { | |
689 parse(value); | |
690 } | |
691 | |
692 bool allows(const String& nonce) const | |
693 { | |
694 return (!m_scriptNonce.isEmpty() && nonce.stripWhiteSpace() == m_scriptN once); | |
695 } | |
696 | |
697 private: | |
698 void parse(const String& value) | |
699 { | |
700 String nonce; | |
701 const UChar* position = value.characters(); | |
702 const UChar* end = position + value.length(); | |
703 | |
704 skipWhile<isASCIISpace>(position, end); | |
705 const UChar* nonceBegin = position; | |
706 if (position == end) { | |
707 policy()->reportInvalidNonce(String()); | |
708 m_scriptNonce = ""; | |
709 return; | |
710 } | |
711 skipWhile<isNonceCharacter>(position, end); | |
712 if (nonceBegin < position) | |
713 nonce = String(nonceBegin, position - nonceBegin); | |
714 | |
715 // Trim off trailing whitespace: If we're not at the end of the string, log | |
716 // an error. | |
717 skipWhile<isASCIISpace>(position, end); | |
718 if (position < end) { | |
719 policy()->reportInvalidNonce(value); | |
720 m_scriptNonce = ""; | |
721 } else | |
722 m_scriptNonce = nonce; | |
723 } | |
724 | |
725 String m_scriptNonce; | |
726 }; | |
727 | |
728 class MediaListDirective : public CSPDirective { | 727 class MediaListDirective : public CSPDirective { |
729 public: | 728 public: |
730 MediaListDirective(const String& name, const String& value, ContentSecurityP olicy* policy) | 729 MediaListDirective(const String& name, const String& value, ContentSecurityP olicy* policy) |
731 : CSPDirective(name, value, policy) | 730 : CSPDirective(name, value, policy) |
732 { | 731 { |
733 parse(value); | 732 parse(value); |
734 } | 733 } |
735 | 734 |
736 bool allows(const String& type) | 735 bool allows(const String& type) |
737 { | 736 { |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
810 m_sourceList.parse(value); | 809 m_sourceList.parse(value); |
811 } | 810 } |
812 | 811 |
813 bool allows(const KURL& url) | 812 bool allows(const KURL& url) |
814 { | 813 { |
815 return m_sourceList.matches(url.isEmpty() ? policy()->url() : url); | 814 return m_sourceList.matches(url.isEmpty() ? policy()->url() : url); |
816 } | 815 } |
817 | 816 |
818 bool allowInline() const { return m_sourceList.allowInline(); } | 817 bool allowInline() const { return m_sourceList.allowInline(); } |
819 bool allowEval() const { return m_sourceList.allowEval(); } | 818 bool allowEval() const { return m_sourceList.allowEval(); } |
819 bool allowNonce(const String& nonce) const { return m_sourceList.allowNonce( nonce.stripWhiteSpace()); } | |
820 | 820 |
821 private: | 821 private: |
822 CSPSourceList m_sourceList; | 822 CSPSourceList m_sourceList; |
823 }; | 823 }; |
824 | 824 |
825 class CSPDirectiveList { | 825 class CSPDirectiveList { |
826 WTF_MAKE_FAST_ALLOCATED; | 826 WTF_MAKE_FAST_ALLOCATED; |
827 public: | 827 public: |
828 static PassOwnPtr<CSPDirectiveList> create(ContentSecurityPolicy*, const Str ing&, ContentSecurityPolicy::HeaderType); | 828 static PassOwnPtr<CSPDirectiveList> create(ContentSecurityPolicy*, const Str ing&, ContentSecurityPolicy::HeaderType); |
829 | 829 |
830 const String& header() const { return m_header; } | 830 const String& header() const { return m_header; } |
831 ContentSecurityPolicy::HeaderType headerType() const { return m_headerType; } | 831 ContentSecurityPolicy::HeaderType headerType() const { return m_headerType; } |
832 | 832 |
833 bool allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const; | 833 bool allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const; |
834 bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNu mber& contextLine, ContentSecurityPolicy::ReportingStatus) const; | 834 bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNu mber& contextLine, ContentSecurityPolicy::ReportingStatus) const; |
835 bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& c ontextLine, ContentSecurityPolicy::ReportingStatus) const; | 835 bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& c ontextLine, ContentSecurityPolicy::ReportingStatus) const; |
836 bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& co ntextLine, ContentSecurityPolicy::ReportingStatus) const; | 836 bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& co ntextLine, ContentSecurityPolicy::ReportingStatus) const; |
837 bool allowEval(ScriptState*, ContentSecurityPolicy::ReportingStatus) const; | 837 bool allowEval(ScriptState*, ContentSecurityPolicy::ReportingStatus) const; |
838 bool allowScriptNonce(const String& nonce, const String& contextURL, const W TF::OrdinalNumber& contextLine, const KURL&) const; | |
839 bool allowPluginType(const String& type, const String& typeAttribute, const KURL&, ContentSecurityPolicy::ReportingStatus) const; | 838 bool allowPluginType(const String& type, const String& typeAttribute, const KURL&, ContentSecurityPolicy::ReportingStatus) const; |
840 | 839 |
841 bool allowScriptFromSource(const KURL&, ContentSecurityPolicy::ReportingStat us) const; | 840 bool allowScriptFromSource(const KURL&, ContentSecurityPolicy::ReportingStat us) const; |
842 bool allowObjectFromSource(const KURL&, ContentSecurityPolicy::ReportingStat us) const; | 841 bool allowObjectFromSource(const KURL&, ContentSecurityPolicy::ReportingStat us) const; |
843 bool allowChildFrameFromSource(const KURL&, ContentSecurityPolicy::Reporting Status) const; | 842 bool allowChildFrameFromSource(const KURL&, ContentSecurityPolicy::Reporting Status) const; |
844 bool allowImageFromSource(const KURL&, ContentSecurityPolicy::ReportingStatu s) const; | 843 bool allowImageFromSource(const KURL&, ContentSecurityPolicy::ReportingStatu s) const; |
845 bool allowStyleFromSource(const KURL&, ContentSecurityPolicy::ReportingStatu s) const; | 844 bool allowStyleFromSource(const KURL&, ContentSecurityPolicy::ReportingStatu s) const; |
846 bool allowFontFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus ) const; | 845 bool allowFontFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus ) const; |
847 bool allowMediaFromSource(const KURL&, ContentSecurityPolicy::ReportingStatu s) const; | 846 bool allowMediaFromSource(const KURL&, ContentSecurityPolicy::ReportingStatu s) const; |
848 bool allowConnectToSource(const KURL&, ContentSecurityPolicy::ReportingStatu s) const; | 847 bool allowConnectToSource(const KURL&, ContentSecurityPolicy::ReportingStatu s) const; |
849 bool allowFormAction(const KURL&, ContentSecurityPolicy::ReportingStatus) co nst; | 848 bool allowFormAction(const KURL&, ContentSecurityPolicy::ReportingStatus) co nst; |
850 bool allowBaseURI(const KURL&, ContentSecurityPolicy::ReportingStatus) const ; | 849 bool allowBaseURI(const KURL&, ContentSecurityPolicy::ReportingStatus) const ; |
850 bool allowNonce(const String&) const; | |
851 | 851 |
852 void gatherReportURIs(DOMStringList&) const; | 852 void gatherReportURIs(DOMStringList&) const; |
853 const String& evalDisabledErrorMessage() { return m_evalDisabledErrorMessage ; } | 853 const String& evalDisabledErrorMessage() { return m_evalDisabledErrorMessage ; } |
854 ContentSecurityPolicy::ReflectedXSSDisposition reflectedXSSDisposition() con st { return m_reflectedXSSDisposition; } | 854 ContentSecurityPolicy::ReflectedXSSDisposition reflectedXSSDisposition() con st { return m_reflectedXSSDisposition; } |
855 bool isReportOnly() const { return m_reportOnly; } | 855 bool isReportOnly() const { return m_reportOnly; } |
856 const Vector<KURL>& reportURIs() const { return m_reportURIs; } | 856 const Vector<KURL>& reportURIs() const { return m_reportURIs; } |
857 | 857 |
858 private: | 858 private: |
859 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicy::HeaderType); | 859 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicy::HeaderType); |
860 | 860 |
861 void parse(const String&); | 861 void parse(const String&); |
862 | 862 |
863 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri ng& value); | 863 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri ng& value); |
864 void parseReportURI(const String& name, const String& value); | 864 void parseReportURI(const String& name, const String& value); |
865 void parseScriptNonce(const String& name, const String& value); | |
866 void parsePluginTypes(const String& name, const String& value); | 865 void parsePluginTypes(const String& name, const String& value); |
867 void parseReflectedXSS(const String& name, const String& value); | 866 void parseReflectedXSS(const String& name, const String& value); |
868 void addDirective(const String& name, const String& value); | 867 void addDirective(const String& name, const String& value); |
869 void applySandboxPolicy(const String& name, const String& sandboxPolicy); | 868 void applySandboxPolicy(const String& name, const String& sandboxPolicy); |
870 | 869 |
871 template <class CSPDirectiveType> | 870 template <class CSPDirectiveType> |
872 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire ctiveType>&); | 871 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire ctiveType>&); |
873 | 872 |
874 SourceListDirective* operativeDirective(SourceListDirective*) const; | 873 SourceListDirective* operativeDirective(SourceListDirective*) const; |
875 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL = KURL(), const Str ing& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::Ordinal Number::beforeFirst(), ScriptState* = 0) const; | 874 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL = KURL(), const Str ing& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::Ordinal Number::beforeFirst(), ScriptState* = 0) const; |
876 | 875 |
877 bool checkEval(SourceListDirective*) const; | 876 bool checkEval(SourceListDirective*) const; |
878 bool checkInline(SourceListDirective*) const; | 877 bool checkInline(SourceListDirective*) const; |
879 bool checkNonce(NonceDirective*, const String&) const; | 878 bool checkNonce(SourceListDirective*, const String&) const; |
880 bool checkSource(SourceListDirective*, const KURL&) const; | 879 bool checkSource(SourceListDirective*, const KURL&) const; |
881 bool checkMediaType(MediaListDirective*, const String& type, const String& t ypeAttribute) const; | 880 bool checkMediaType(MediaListDirective*, const String& type, const String& t ypeAttribute) const; |
882 | 881 |
883 void setEvalDisabledErrorMessage(const String& errorMessage) { m_evalDisable dErrorMessage = errorMessage; } | 882 void setEvalDisabledErrorMessage(const String& errorMessage) { m_evalDisable dErrorMessage = errorMessage; } |
884 | 883 |
885 bool checkEvalAndReportViolation(SourceListDirective*, const String& console Message, const String& contextURL = String(), const WTF::OrdinalNumber& contextL ine = WTF::OrdinalNumber::beforeFirst(), ScriptState* = 0) const; | 884 bool checkEvalAndReportViolation(SourceListDirective*, const String& console Message, const String& contextURL = String(), const WTF::OrdinalNumber& contextL ine = WTF::OrdinalNumber::beforeFirst(), ScriptState* = 0) const; |
886 bool checkInlineAndReportViolation(SourceListDirective*, const String& conso leMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine, bool isScript) const; | 885 bool checkInlineAndReportViolation(SourceListDirective*, const String& conso leMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine, bool isScript) const; |
887 bool checkNonceAndReportViolation(NonceDirective*, const String& nonce, cons t String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& co ntextLine) const; | |
888 | 886 |
889 bool checkSourceAndReportViolation(SourceListDirective*, const KURL&, const String& effectiveDirective) const; | 887 bool checkSourceAndReportViolation(SourceListDirective*, const KURL&, const String& effectiveDirective) const; |
890 bool checkMediaTypeAndReportViolation(MediaListDirective*, const String& typ e, const String& typeAttribute, const String& consoleMessage) const; | 888 bool checkMediaTypeAndReportViolation(MediaListDirective*, const String& typ e, const String& typeAttribute, const String& consoleMessage) const; |
891 | 889 |
892 bool denyIfEnforcingPolicy() const { return m_reportOnly; } | 890 bool denyIfEnforcingPolicy() const { return m_reportOnly; } |
893 | 891 |
894 ContentSecurityPolicy* m_policy; | 892 ContentSecurityPolicy* m_policy; |
895 | 893 |
896 String m_header; | 894 String m_header; |
897 ContentSecurityPolicy::HeaderType m_headerType; | 895 ContentSecurityPolicy::HeaderType m_headerType; |
898 | 896 |
899 bool m_reportOnly; | 897 bool m_reportOnly; |
900 bool m_haveSandboxPolicy; | 898 bool m_haveSandboxPolicy; |
901 ContentSecurityPolicy::ReflectedXSSDisposition m_reflectedXSSDisposition; | 899 ContentSecurityPolicy::ReflectedXSSDisposition m_reflectedXSSDisposition; |
902 | 900 |
903 OwnPtr<MediaListDirective> m_pluginTypes; | 901 OwnPtr<MediaListDirective> m_pluginTypes; |
904 OwnPtr<NonceDirective> m_scriptNonce; | |
905 OwnPtr<SourceListDirective> m_baseURI; | 902 OwnPtr<SourceListDirective> m_baseURI; |
906 OwnPtr<SourceListDirective> m_connectSrc; | 903 OwnPtr<SourceListDirective> m_connectSrc; |
907 OwnPtr<SourceListDirective> m_defaultSrc; | 904 OwnPtr<SourceListDirective> m_defaultSrc; |
908 OwnPtr<SourceListDirective> m_fontSrc; | 905 OwnPtr<SourceListDirective> m_fontSrc; |
909 OwnPtr<SourceListDirective> m_formAction; | 906 OwnPtr<SourceListDirective> m_formAction; |
910 OwnPtr<SourceListDirective> m_frameSrc; | 907 OwnPtr<SourceListDirective> m_frameSrc; |
911 OwnPtr<SourceListDirective> m_imgSrc; | 908 OwnPtr<SourceListDirective> m_imgSrc; |
912 OwnPtr<SourceListDirective> m_mediaSrc; | 909 OwnPtr<SourceListDirective> m_mediaSrc; |
913 OwnPtr<SourceListDirective> m_objectSrc; | 910 OwnPtr<SourceListDirective> m_objectSrc; |
914 OwnPtr<SourceListDirective> m_scriptSrc; | 911 OwnPtr<SourceListDirective> m_scriptSrc; |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
954 bool CSPDirectiveList::checkEval(SourceListDirective* directive) const | 951 bool CSPDirectiveList::checkEval(SourceListDirective* directive) const |
955 { | 952 { |
956 return !directive || directive->allowEval(); | 953 return !directive || directive->allowEval(); |
957 } | 954 } |
958 | 955 |
959 bool CSPDirectiveList::checkInline(SourceListDirective* directive) const | 956 bool CSPDirectiveList::checkInline(SourceListDirective* directive) const |
960 { | 957 { |
961 return !directive || directive->allowInline(); | 958 return !directive || directive->allowInline(); |
962 } | 959 } |
963 | 960 |
964 bool CSPDirectiveList::checkNonce(NonceDirective* directive, const String& nonce ) const | 961 bool CSPDirectiveList::checkNonce(SourceListDirective* directive, const String& nonce) const |
965 { | 962 { |
966 return !directive || directive->allows(nonce); | 963 return !directive || directive->allowNonce(nonce); |
967 } | 964 } |
968 | 965 |
969 bool CSPDirectiveList::checkSource(SourceListDirective* directive, const KURL& u rl) const | 966 bool CSPDirectiveList::checkSource(SourceListDirective* directive, const KURL& u rl) const |
970 { | 967 { |
971 return !directive || directive->allows(url); | 968 return !directive || directive->allows(url); |
972 } | 969 } |
973 | 970 |
974 bool CSPDirectiveList::checkMediaType(MediaListDirective* directive, const Strin g& type, const String& typeAttribute) const | 971 bool CSPDirectiveList::checkMediaType(MediaListDirective* directive, const Strin g& type, const String& typeAttribute) const |
975 { | 972 { |
976 if (!directive) | 973 if (!directive) |
(...skipping 18 matching lines...) Expand all Loading... | |
995 suffix = " Note that 'script-src' was not explicitly set, so 'default-sr c' is used as a fallback."; | 992 suffix = " Note that 'script-src' was not explicitly set, so 'default-sr c' is used as a fallback."; |
996 | 993 |
997 reportViolation(directive->text(), scriptSrc, consoleMessage + "\"" + direct ive->text() + "\"." + suffix + "\n", KURL(), contextURL, contextLine, state); | 994 reportViolation(directive->text(), scriptSrc, consoleMessage + "\"" + direct ive->text() + "\"." + suffix + "\n", KURL(), contextURL, contextLine, state); |
998 if (!m_reportOnly) { | 995 if (!m_reportOnly) { |
999 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); | 996 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); |
1000 return false; | 997 return false; |
1001 } | 998 } |
1002 return true; | 999 return true; |
1003 } | 1000 } |
1004 | 1001 |
1005 bool CSPDirectiveList::checkNonceAndReportViolation(NonceDirective* directive, c onst String& nonce, const String& consoleMessage, const String& contextURL, cons t WTF::OrdinalNumber& contextLine) const | |
1006 { | |
1007 if (checkNonce(directive, nonce)) | |
1008 return true; | |
1009 reportViolation(directive->text(), scriptNonce, consoleMessage + "\"" + dire ctive->text() + "\".\n", KURL(), contextURL, contextLine); | |
1010 return denyIfEnforcingPolicy(); | |
1011 } | |
1012 | |
1013 bool CSPDirectiveList::checkMediaTypeAndReportViolation(MediaListDirective* dire ctive, const String& type, const String& typeAttribute, const String& consoleMes sage) const | 1002 bool CSPDirectiveList::checkMediaTypeAndReportViolation(MediaListDirective* dire ctive, const String& type, const String& typeAttribute, const String& consoleMes sage) const |
1014 { | 1003 { |
1015 if (checkMediaType(directive, type, typeAttribute)) | 1004 if (checkMediaType(directive, type, typeAttribute)) |
1016 return true; | 1005 return true; |
1017 | 1006 |
1018 String message = makeString(consoleMessage, "\'", directive->text(), "\'."); | 1007 String message = makeString(consoleMessage, "\'", directive->text(), "\'."); |
1019 if (typeAttribute.isEmpty()) | 1008 if (typeAttribute.isEmpty()) |
1020 message = message + " When enforcing the 'plugin-types' directive, the p lugin's media type must be explicitly declared with a 'type' attribute on the co ntaining element (e.g. '<object type=\"[TYPE GOES HERE]\" ...>')."; | 1009 message = message + " When enforcing the 'plugin-types' directive, the p lugin's media type must be explicitly declared with a 'type' attribute on the co ntaining element (e.g. '<object type=\"[TYPE GOES HERE]\" ...>')."; |
1021 | 1010 |
1022 reportViolation(directive->text(), pluginTypes, message + "\n", KURL()); | 1011 reportViolation(directive->text(), pluginTypes, message + "\n", KURL()); |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1074 suffix = " Note that '" + effectiveDirective + "' was not explicitly set , so 'default-src' is used as a fallback."; | 1063 suffix = " Note that '" + effectiveDirective + "' was not explicitly set , so 'default-src' is used as a fallback."; |
1075 | 1064 |
1076 reportViolation(directive->text(), effectiveDirective, prefix + url.elidedSt ring() + "' because it violates the following Content Security Policy directive: \"" + directive->text() + "\"." + suffix + "\n", url); | 1065 reportViolation(directive->text(), effectiveDirective, prefix + url.elidedSt ring() + "' because it violates the following Content Security Policy directive: \"" + directive->text() + "\"." + suffix + "\n", url); |
1077 return denyIfEnforcingPolicy(); | 1066 return denyIfEnforcingPolicy(); |
1078 } | 1067 } |
1079 | 1068 |
1080 bool CSPDirectiveList::allowJavaScriptURLs(const String& contextURL, const WTF:: OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStat us) const | 1069 bool CSPDirectiveList::allowJavaScriptURLs(const String& contextURL, const WTF:: OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStat us) const |
1081 { | 1070 { |
1082 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to execut e JavaScript URL because it violates the following Content Security Policy direc tive: "))); | 1071 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to execut e JavaScript URL because it violates the following Content Security Policy direc tive: "))); |
1083 if (reportingStatus == ContentSecurityPolicy::SendReport) { | 1072 if (reportingStatus == ContentSecurityPolicy::SendReport) { |
1084 return (checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get ()), consoleMessage, contextURL, contextLine, true) | 1073 return checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get( )), consoleMessage, contextURL, contextLine, true); |
1085 && checkNonceAndReportViolation(m_scriptNonce.get(), String(), c onsoleMessage, contextURL, contextLine)); | |
1086 } else { | 1074 } else { |
1087 return (checkInline(operativeDirective(m_scriptSrc.get())) | 1075 return checkInline(operativeDirective(m_scriptSrc.get())); |
1088 && checkNonce(m_scriptNonce.get(), String())); | |
1089 } | 1076 } |
1090 } | 1077 } |
1091 | 1078 |
1092 bool CSPDirectiveList::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportin gStatus) const | 1079 bool CSPDirectiveList::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportin gStatus) const |
1093 { | 1080 { |
1094 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to execut e inline event handler because it violates the following Content Security Policy directive: "))); | 1081 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to execut e inline event handler because it violates the following Content Security Policy directive: "))); |
1095 if (reportingStatus == ContentSecurityPolicy::SendReport) { | 1082 if (reportingStatus == ContentSecurityPolicy::SendReport) { |
1096 return (checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get ()), consoleMessage, contextURL, contextLine, true) | 1083 return checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get( )), consoleMessage, contextURL, contextLine, true); |
1097 && checkNonceAndReportViolation(m_scriptNonce.get(), String(), c onsoleMessage, contextURL, contextLine)); | |
1098 } else { | 1084 } else { |
1099 return (checkInline(operativeDirective(m_scriptSrc.get())) | 1085 return checkInline(operativeDirective(m_scriptSrc.get())); |
1100 && checkNonce(m_scriptNonce.get(), String())); | |
1101 } | 1086 } |
1102 } | 1087 } |
1103 | 1088 |
1104 bool CSPDirectiveList::allowInlineScript(const String& contextURL, const WTF::Or dinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus ) const | 1089 bool CSPDirectiveList::allowInlineScript(const String& contextURL, const WTF::Or dinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus ) const |
1105 { | 1090 { |
1106 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to execut e inline script because it violates the following Content Security Policy direct ive: "))); | 1091 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to execut e inline script because it violates the following Content Security Policy direct ive: "))); |
1107 return reportingStatus == ContentSecurityPolicy::SendReport ? | 1092 return reportingStatus == ContentSecurityPolicy::SendReport ? |
1108 checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get()), con soleMessage, contextURL, contextLine, true) : | 1093 checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get()), con soleMessage, contextURL, contextLine, true) : |
1109 checkInline(operativeDirective(m_scriptSrc.get())); | 1094 checkInline(operativeDirective(m_scriptSrc.get())); |
1110 } | 1095 } |
1111 | 1096 |
1112 bool CSPDirectiveList::allowInlineStyle(const String& contextURL, const WTF::Ord inalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const | 1097 bool CSPDirectiveList::allowInlineStyle(const String& contextURL, const WTF::Ord inalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const |
1113 { | 1098 { |
1114 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to apply inline style because it violates the following Content Security Policy directive : "))); | 1099 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to apply inline style because it violates the following Content Security Policy directive : "))); |
1115 return reportingStatus == ContentSecurityPolicy::SendReport ? | 1100 return reportingStatus == ContentSecurityPolicy::SendReport ? |
1116 checkInlineAndReportViolation(operativeDirective(m_styleSrc.get()), cons oleMessage, contextURL, contextLine, false) : | 1101 checkInlineAndReportViolation(operativeDirective(m_styleSrc.get()), cons oleMessage, contextURL, contextLine, false) : |
1117 checkInline(operativeDirective(m_styleSrc.get())); | 1102 checkInline(operativeDirective(m_styleSrc.get())); |
1118 } | 1103 } |
1119 | 1104 |
1120 bool CSPDirectiveList::allowEval(ScriptState* state, ContentSecurityPolicy::Repo rtingStatus reportingStatus) const | 1105 bool CSPDirectiveList::allowEval(ScriptState* state, ContentSecurityPolicy::Repo rtingStatus reportingStatus) const |
1121 { | 1106 { |
1122 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to evalua te script because it violates the following Content Security Policy directive: " ))); | 1107 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to evalua te script because it violates the following Content Security Policy directive: " ))); |
1123 return reportingStatus == ContentSecurityPolicy::SendReport ? | 1108 return reportingStatus == ContentSecurityPolicy::SendReport ? |
1124 checkEvalAndReportViolation(operativeDirective(m_scriptSrc.get()), conso leMessage, String(), WTF::OrdinalNumber::beforeFirst(), state) : | 1109 checkEvalAndReportViolation(operativeDirective(m_scriptSrc.get()), conso leMessage, String(), WTF::OrdinalNumber::beforeFirst(), state) : |
1125 checkEval(operativeDirective(m_scriptSrc.get())); | 1110 checkEval(operativeDirective(m_scriptSrc.get())); |
1126 } | 1111 } |
1127 | 1112 |
1128 bool CSPDirectiveList::allowScriptNonce(const String& nonce, const String& conte xtURL, const WTF::OrdinalNumber& contextLine, const KURL& url) const | |
1129 { | |
1130 DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to execut e script because it violates the following Content Security Policy directive: ") )); | |
1131 if (url.isEmpty()) | |
1132 return checkNonceAndReportViolation(m_scriptNonce.get(), nonce, consoleM essage, contextURL, contextLine); | |
1133 return checkNonceAndReportViolation(m_scriptNonce.get(), nonce, "Refused to load '" + url.elidedString() + "' because it violates the following Content Secu rity Policy directive: ", contextURL, contextLine); | |
1134 } | |
1135 | |
1136 bool CSPDirectiveList::allowPluginType(const String& type, const String& typeAtt ribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const | 1113 bool CSPDirectiveList::allowPluginType(const String& type, const String& typeAtt ribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const |
1137 { | 1114 { |
1138 return reportingStatus == ContentSecurityPolicy::SendReport ? | 1115 return reportingStatus == ContentSecurityPolicy::SendReport ? |
1139 checkMediaTypeAndReportViolation(m_pluginTypes.get(), type, typeAttribut e, "Refused to load '" + url.elidedString() + "' (MIME type '" + typeAttribute + "') because it violates the following Content Security Policy Directive: ") : | 1116 checkMediaTypeAndReportViolation(m_pluginTypes.get(), type, typeAttribut e, "Refused to load '" + url.elidedString() + "' (MIME type '" + typeAttribute + "') because it violates the following Content Security Policy Directive: ") : |
1140 checkMediaType(m_pluginTypes.get(), type, typeAttribute); | 1117 checkMediaType(m_pluginTypes.get(), type, typeAttribute); |
1141 } | 1118 } |
1142 | 1119 |
1143 bool CSPDirectiveList::allowScriptFromSource(const KURL& url, ContentSecurityPol icy::ReportingStatus reportingStatus) const | 1120 bool CSPDirectiveList::allowScriptFromSource(const KURL& url, ContentSecurityPol icy::ReportingStatus reportingStatus) const |
1144 { | 1121 { |
1145 return reportingStatus == ContentSecurityPolicy::SendReport ? | 1122 return reportingStatus == ContentSecurityPolicy::SendReport ? |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1213 checkSource(m_formAction.get(), url); | 1190 checkSource(m_formAction.get(), url); |
1214 } | 1191 } |
1215 | 1192 |
1216 bool CSPDirectiveList::allowBaseURI(const KURL& url, ContentSecurityPolicy::Repo rtingStatus reportingStatus) const | 1193 bool CSPDirectiveList::allowBaseURI(const KURL& url, ContentSecurityPolicy::Repo rtingStatus reportingStatus) const |
1217 { | 1194 { |
1218 return reportingStatus == ContentSecurityPolicy::SendReport ? | 1195 return reportingStatus == ContentSecurityPolicy::SendReport ? |
1219 checkSourceAndReportViolation(m_baseURI.get(), url, baseURI) : | 1196 checkSourceAndReportViolation(m_baseURI.get(), url, baseURI) : |
1220 checkSource(m_baseURI.get(), url); | 1197 checkSource(m_baseURI.get(), url); |
1221 } | 1198 } |
1222 | 1199 |
1200 bool CSPDirectiveList::allowNonce(const String& nonce) const | |
1201 { | |
1202 return checkNonce(operativeDirective(m_scriptSrc.get()), nonce); | |
1203 } | |
1204 | |
1223 // policy = directive-list | 1205 // policy = directive-list |
1224 // directive-list = [ directive *( ";" [ directive ] ) ] | 1206 // directive-list = [ directive *( ";" [ directive ] ) ] |
1225 // | 1207 // |
1226 void CSPDirectiveList::parse(const String& policy) | 1208 void CSPDirectiveList::parse(const String& policy) |
1227 { | 1209 { |
1228 m_header = policy; | 1210 m_header = policy; |
1229 if (policy.isEmpty()) | 1211 if (policy.isEmpty()) |
1230 return; | 1212 return; |
1231 | 1213 |
1232 const UChar* position = policy.characters(); | 1214 const UChar* position = policy.characters(); |
(...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1419 applySandboxPolicy(name, value); | 1401 applySandboxPolicy(name, value); |
1420 else if (equalIgnoringCase(name, reportURI)) | 1402 else if (equalIgnoringCase(name, reportURI)) |
1421 parseReportURI(name, value); | 1403 parseReportURI(name, value); |
1422 else if (m_policy->experimentalFeaturesEnabled()) { | 1404 else if (m_policy->experimentalFeaturesEnabled()) { |
1423 if (equalIgnoringCase(name, baseURI)) | 1405 if (equalIgnoringCase(name, baseURI)) |
1424 setCSPDirective<SourceListDirective>(name, value, m_baseURI); | 1406 setCSPDirective<SourceListDirective>(name, value, m_baseURI); |
1425 else if (equalIgnoringCase(name, formAction)) | 1407 else if (equalIgnoringCase(name, formAction)) |
1426 setCSPDirective<SourceListDirective>(name, value, m_formAction); | 1408 setCSPDirective<SourceListDirective>(name, value, m_formAction); |
1427 else if (equalIgnoringCase(name, pluginTypes)) | 1409 else if (equalIgnoringCase(name, pluginTypes)) |
1428 setCSPDirective<MediaListDirective>(name, value, m_pluginTypes); | 1410 setCSPDirective<MediaListDirective>(name, value, m_pluginTypes); |
1429 else if (equalIgnoringCase(name, scriptNonce)) | |
1430 setCSPDirective<NonceDirective>(name, value, m_scriptNonce); | |
1431 else if (equalIgnoringCase(name, reflectedXSS)) | 1411 else if (equalIgnoringCase(name, reflectedXSS)) |
1432 parseReflectedXSS(name, value); | 1412 parseReflectedXSS(name, value); |
1433 else | 1413 else |
1434 m_policy->reportUnsupportedDirective(name); | 1414 m_policy->reportUnsupportedDirective(name); |
1435 } | 1415 } |
1436 else | 1416 else |
1437 m_policy->reportUnsupportedDirective(name); | 1417 m_policy->reportUnsupportedDirective(name); |
1438 } | 1418 } |
1439 | 1419 |
1440 ContentSecurityPolicy::ContentSecurityPolicy(ScriptExecutionContext* scriptExecu tionContext) | 1420 ContentSecurityPolicy::ContentSecurityPolicy(ScriptExecutionContext* scriptExecu tionContext) |
(...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1526 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb er&, ContentSecurityPolicy::ReportingStatus) const> | 1506 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb er&, ContentSecurityPolicy::ReportingStatus) const> |
1527 bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const Str ing& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::R eportingStatus reportingStatus) | 1507 bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const Str ing& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::R eportingStatus reportingStatus) |
1528 { | 1508 { |
1529 for (size_t i = 0; i < policies.size(); ++i) { | 1509 for (size_t i = 0; i < policies.size(); ++i) { |
1530 if (!(policies[i].get()->*allowed)(contextURL, contextLine, reportingSta tus)) | 1510 if (!(policies[i].get()->*allowed)(contextURL, contextLine, reportingSta tus)) |
1531 return false; | 1511 return false; |
1532 } | 1512 } |
1533 return true; | 1513 return true; |
1534 } | 1514 } |
1535 | 1515 |
1536 template<bool (CSPDirectiveList::*allowed)(const String&, const String&, const W TF::OrdinalNumber&, const KURL&) const> | 1516 template<bool (CSPDirectiveList::*allowed)(const String&) const> |
1537 bool isAllowedByAllWithNonce(const CSPDirectiveListVector& policies, const Strin g& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL& url) | 1517 bool isAllowedByAllWithNonce(const CSPDirectiveListVector& policies, const Strin g& nonce) |
1538 { | 1518 { |
1539 for (size_t i = 0; i < policies.size(); ++i) { | 1519 for (size_t i = 0; i < policies.size(); ++i) { |
1540 if (!(policies[i].get()->*allowed)(nonce, contextURL, contextLine, url)) | 1520 if (!(policies[i].get()->*allowed)(nonce)) |
1541 return false; | 1521 return false; |
1542 } | 1522 } |
1543 return true; | 1523 return true; |
1544 } | 1524 } |
1545 | |
1546 template<bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPoli cy::ReportingStatus) const> | 1525 template<bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPoli cy::ReportingStatus) const> |
1547 bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& u rl, ContentSecurityPolicy::ReportingStatus reportingStatus) | 1526 bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& u rl, ContentSecurityPolicy::ReportingStatus reportingStatus) |
1548 { | 1527 { |
1549 if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol())) | 1528 if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol())) |
1550 return true; | 1529 return true; |
1551 | 1530 |
1552 for (size_t i = 0; i < policies.size(); ++i) { | 1531 for (size_t i = 0; i < policies.size(); ++i) { |
1553 if (!(policies[i].get()->*allowFromURL)(url, reportingStatus)) | 1532 if (!(policies[i].get()->*allowFromURL)(url, reportingStatus)) |
1554 return false; | 1533 return false; |
1555 } | 1534 } |
1556 return true; | 1535 return true; |
1557 } | 1536 } |
1558 | 1537 |
1559 bool ContentSecurityPolicy::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportin gStatus) const | 1538 bool ContentSecurityPolicy::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportin gStatus) const |
1560 { | 1539 { |
1561 return isAllowedByAllWithContext<&CSPDirectiveList::allowJavaScriptURLs>(m_p olicies, contextURL, contextLine, reportingStatus); | 1540 return isAllowedByAllWithContext<&CSPDirectiveList::allowJavaScriptURLs>(m_p olicies, contextURL, contextLine, reportingStatus); |
1562 } | 1541 } |
1563 | 1542 |
1564 bool ContentSecurityPolicy::allowInlineEventHandlers(const String& contextURL, c onst WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus rep ortingStatus) const | 1543 bool ContentSecurityPolicy::allowInlineEventHandlers(const String& contextURL, c onst WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus rep ortingStatus) const |
1565 { | 1544 { |
1566 return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineEventHandlers >(m_policies, contextURL, contextLine, reportingStatus); | 1545 return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineEventHandlers >(m_policies, contextURL, contextLine, reportingStatus); |
1567 } | 1546 } |
1568 | 1547 |
1569 bool ContentSecurityPolicy::allowInlineScript(const String& contextURL, const WT F::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingS tatus) const | 1548 bool ContentSecurityPolicy::allowInlineScript(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::Repor tingStatus reportingStatus) const |
1570 { | 1549 { |
1571 return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineScript>(m_pol icies, contextURL, contextLine, reportingStatus); | 1550 bool nonceAllowed = isAllowedByAllWithNonce<&CSPDirectiveList::allowNonce>(m _policies, nonce); |
1551 return nonceAllowed || isAllowedByAllWithContext<&CSPDirectiveList::allowInl ineScript>(m_policies, contextURL, contextLine, reportingStatus); | |
1572 } | 1552 } |
1573 | 1553 |
1574 bool ContentSecurityPolicy::allowInlineStyle(const String& contextURL, const WTF ::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingSt atus) const | 1554 bool ContentSecurityPolicy::allowInlineStyle(const String& contextURL, const WTF ::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingSt atus) const |
1575 { | 1555 { |
1576 if (m_overrideInlineStyleAllowed) | 1556 if (m_overrideInlineStyleAllowed) |
1577 return true; | 1557 return true; |
1578 return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineStyle>(m_poli cies, contextURL, contextLine, reportingStatus); | 1558 return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineStyle>(m_poli cies, contextURL, contextLine, reportingStatus); |
1579 } | 1559 } |
1580 | 1560 |
1581 bool ContentSecurityPolicy::allowEval(ScriptState* state, ContentSecurityPolicy: :ReportingStatus reportingStatus) const | 1561 bool ContentSecurityPolicy::allowEval(ScriptState* state, ContentSecurityPolicy: :ReportingStatus reportingStatus) const |
1582 { | 1562 { |
1583 return isAllowedByAllWithState<&CSPDirectiveList::allowEval>(m_policies, sta te, reportingStatus); | 1563 return isAllowedByAllWithState<&CSPDirectiveList::allowEval>(m_policies, sta te, reportingStatus); |
1584 } | 1564 } |
1585 | 1565 |
1586 String ContentSecurityPolicy::evalDisabledErrorMessage() const | 1566 String ContentSecurityPolicy::evalDisabledErrorMessage() const |
1587 { | 1567 { |
1588 for (size_t i = 0; i < m_policies.size(); ++i) { | 1568 for (size_t i = 0; i < m_policies.size(); ++i) { |
1589 if (!m_policies[i]->allowEval(0, SuppressReport)) | 1569 if (!m_policies[i]->allowEval(0, SuppressReport)) |
1590 return m_policies[i]->evalDisabledErrorMessage(); | 1570 return m_policies[i]->evalDisabledErrorMessage(); |
1591 } | 1571 } |
1592 return String(); | 1572 return String(); |
1593 } | 1573 } |
1594 | 1574 |
1595 bool ContentSecurityPolicy::allowScriptNonce(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL& url) const | |
1596 { | |
1597 return isAllowedByAllWithNonce<&CSPDirectiveList::allowScriptNonce>(m_polici es, nonce, contextURL, contextLine, url); | |
1598 } | |
1599 | |
1600 bool ContentSecurityPolicy::allowPluginType(const String& type, const String& ty peAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingSt atus) const | 1575 bool ContentSecurityPolicy::allowPluginType(const String& type, const String& ty peAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingSt atus) const |
1601 { | 1576 { |
1602 for (size_t i = 0; i < m_policies.size(); ++i) { | 1577 for (size_t i = 0; i < m_policies.size(); ++i) { |
1603 if (!m_policies[i]->allowPluginType(type, typeAttribute, url, reportingS tatus)) | 1578 if (!m_policies[i]->allowPluginType(type, typeAttribute, url, reportingS tatus)) |
1604 return false; | 1579 return false; |
1605 } | 1580 } |
1606 return true; | 1581 return true; |
1607 } | 1582 } |
1608 | 1583 |
1609 bool ContentSecurityPolicy::allowScriptFromSource(const KURL& url, ContentSecuri tyPolicy::ReportingStatus reportingStatus) const | 1584 bool ContentSecurityPolicy::allowScriptFromSource(const KURL& url, const String& nonce, ContentSecurityPolicy::ReportingStatus reportingStatus) const |
1610 { | 1585 { |
1611 return isAllowedByAllWithURL<&CSPDirectiveList::allowScriptFromSource>(m_pol icies, url, reportingStatus); | 1586 bool nonceAllowed = isAllowedByAllWithNonce<&CSPDirectiveList::allowNonce>(m _policies, nonce); |
1587 return nonceAllowed || isAllowedByAllWithURL<&CSPDirectiveList::allowScriptF romSource>(m_policies, url, reportingStatus); | |
1612 } | 1588 } |
1613 | 1589 |
1614 bool ContentSecurityPolicy::allowObjectFromSource(const KURL& url, ContentSecuri tyPolicy::ReportingStatus reportingStatus) const | 1590 bool ContentSecurityPolicy::allowObjectFromSource(const KURL& url, ContentSecuri tyPolicy::ReportingStatus reportingStatus) const |
1615 { | 1591 { |
1616 return isAllowedByAllWithURL<&CSPDirectiveList::allowObjectFromSource>(m_pol icies, url, reportingStatus); | 1592 return isAllowedByAllWithURL<&CSPDirectiveList::allowObjectFromSource>(m_pol icies, url, reportingStatus); |
1617 } | 1593 } |
1618 | 1594 |
1619 bool ContentSecurityPolicy::allowChildFrameFromSource(const KURL& url, ContentSe curityPolicy::ReportingStatus reportingStatus) const | 1595 bool ContentSecurityPolicy::allowChildFrameFromSource(const KURL& url, ContentSe curityPolicy::ReportingStatus reportingStatus) const |
1620 { | 1596 { |
1621 return isAllowedByAllWithURL<&CSPDirectiveList::allowChildFrameFromSource>(m _policies, url, reportingStatus); | 1597 return isAllowedByAllWithURL<&CSPDirectiveList::allowChildFrameFromSource>(m _policies, url, reportingStatus); |
(...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1884 { | 1860 { |
1885 InspectorInstrumentation::scriptExecutionBlockedByCSP(m_scriptExecutionConte xt, directiveText); | 1861 InspectorInstrumentation::scriptExecutionBlockedByCSP(m_scriptExecutionConte xt, directiveText); |
1886 } | 1862 } |
1887 | 1863 |
1888 bool ContentSecurityPolicy::experimentalFeaturesEnabled() const | 1864 bool ContentSecurityPolicy::experimentalFeaturesEnabled() const |
1889 { | 1865 { |
1890 return RuntimeEnabledFeatures::experimentalContentSecurityPolicyFeaturesEnab led(); | 1866 return RuntimeEnabledFeatures::experimentalContentSecurityPolicyFeaturesEnab led(); |
1891 } | 1867 } |
1892 | 1868 |
1893 } | 1869 } |
OLD | NEW |