OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
3 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. | 3 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. |
4 * Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/ | 4 * Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/ |
5 * Copyright (C) 2009 Google Inc. All rights reserved. | 5 * Copyright (C) 2009 Google Inc. All rights reserved. |
6 * Copyright (C) 2011 Apple Inc. All Rights Reserved. | 6 * Copyright (C) 2011 Apple Inc. All Rights Reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
(...skipping 490 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
501 } | 501 } |
502 } | 502 } |
503 | 503 |
504 ContentTypeOptionsDisposition parseContentTypeOptionsHeader(const String& header
) | 504 ContentTypeOptionsDisposition parseContentTypeOptionsHeader(const String& header
) |
505 { | 505 { |
506 if (header.stripWhiteSpace().lower() == "nosniff") | 506 if (header.stripWhiteSpace().lower() == "nosniff") |
507 return ContentTypeOptionsNosniff; | 507 return ContentTypeOptionsNosniff; |
508 return ContentTypeOptionsNone; | 508 return ContentTypeOptionsNone; |
509 } | 509 } |
510 | 510 |
511 XFrameOptionsDisposition parseXFrameOptionsHeader(const String& header) | |
512 { | |
513 XFrameOptionsDisposition result = XFrameOptionsInvalid; | |
514 | |
515 if (header.isEmpty()) | |
516 return result; | |
517 | |
518 Vector<String> headers; | |
519 header.split(',', headers); | |
520 | |
521 bool hasValue = false; | |
522 for (size_t i = 0; i < headers.size(); i++) { | |
523 String currentHeader = headers[i].stripWhiteSpace(); | |
524 XFrameOptionsDisposition currentValue = XFrameOptionsInvalid; | |
525 if (equalIgnoringCase(currentHeader, "deny")) | |
526 currentValue = XFrameOptionsDeny; | |
527 else if (equalIgnoringCase(currentHeader, "sameorigin")) | |
528 currentValue = XFrameOptionsSameOrigin; | |
529 else if (equalIgnoringCase(currentHeader, "allowall")) | |
530 currentValue = XFrameOptionsAllowAll; | |
531 | |
532 if (!hasValue) | |
533 result = currentValue; | |
534 else if (result != currentValue) | |
535 return XFrameOptionsConflict; | |
536 hasValue = true; | |
537 } | |
538 return result; | |
539 } | |
540 | |
541 static bool isCacheHeaderSeparator(UChar c) | 511 static bool isCacheHeaderSeparator(UChar c) |
542 { | 512 { |
543 // See RFC 2616, Section 2.2 | 513 // See RFC 2616, Section 2.2 |
544 switch (c) { | 514 switch (c) { |
545 case '(': | 515 case '(': |
546 case ')': | 516 case ')': |
547 case '<': | 517 case '<': |
548 case '>': | 518 case '>': |
549 case '@': | 519 case '@': |
550 case ',': | 520 case ',': |
(...skipping 198 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
749 return false; | 719 return false; |
750 } | 720 } |
751 | 721 |
752 position++; | 722 position++; |
753 } | 723 } |
754 | 724 |
755 return true; | 725 return true; |
756 } | 726 } |
757 | 727 |
758 } // namespace blink | 728 } // namespace blink |
OLD | NEW |