Index: content/browser/frame_host/ancestor_throttle.h |
diff --git a/content/browser/frame_host/ancestor_throttle.h b/content/browser/frame_host/ancestor_throttle.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..9228307709ca1c5bf757b295b4a1a755abda52fd |
--- /dev/null |
+++ b/content/browser/frame_host/ancestor_throttle.h |
@@ -0,0 +1,61 @@ |
+// Copyright 2016 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef CHROME_BROWSER_SECURITY_ANCESTOR_THROTTLE_H_ |
+#define CHROME_BROWSER_SECURITY_ANCESTOR_THROTTLE_H_ |
+ |
+#include "base/gtest_prod_util.h" |
+#include "base/memory/scoped_ptr.h" |
+#include "content/public/browser/navigation_throttle.h" |
+ |
+namespace content { |
+class NavigationHandle; |
+} |
+ |
+namespace net { |
+class HttpResponseHeaders; |
+} |
+ |
+namespace content { |
+ |
+// An AncestorThrottle is responsible for enforcing a resource's embedding |
+// rules, and blocking requests which violate them. |
+class CONTENT_EXPORT AncestorThrottle : public NavigationThrottle { |
+ public: |
+ enum HeaderDisposition { |
+ NONE, |
+ DENY, |
+ SAMEORIGIN, |
+ ALLOWALL, |
+ INVALID, |
+ CONFLICT |
+ }; |
+ |
+ static scoped_ptr<NavigationThrottle> MaybeCreateThrottleFor( |
+ NavigationHandle* handle); |
+ |
+ explicit AncestorThrottle(NavigationHandle* handle); |
+ ~AncestorThrottle() override; |
+ |
+ NavigationThrottle::ThrottleCheckResult WillProcessResponse() override; |
+ |
+ private: |
+ FRIEND_TEST_ALL_PREFIXES(AncestorThrottleTest, Parsing); |
+ FRIEND_TEST_ALL_PREFIXES(AncestorThrottleTest, ParseErrors); |
+ |
+ void ParseError(const std::string& value, HeaderDisposition disposition); |
+ void ConsoleError(HeaderDisposition disposition); |
+ |
+ // Parses an 'X-Frame-Options' header. If the result is either CONFLICT |
+ // or INVALID, |failed_parse| will be populated with the value which caused |
+ // the parse error. |
+ HeaderDisposition ParseHeader(const net::HttpResponseHeaders* headers, |
+ std::string* failed_parse); |
nasko
2016/02/12 23:21:40
nit: failed_parsing?
Mike West
2016/04/12 20:13:30
Renamed to match implementation.
|
+ |
+ DISALLOW_COPY_AND_ASSIGN(AncestorThrottle); |
+}; |
+ |
+} // namespace content |
+ |
+#endif // CHROME_BROWSER_SECURITY_Ancestor_THROTTLE_H_ |