Index: content/browser/frame_host/ancestor_throttle.h |
diff --git a/content/browser/frame_host/ancestor_throttle.h b/content/browser/frame_host/ancestor_throttle.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..efd8e86d15e22a7e9e5b39355d56b198b231d317 |
--- /dev/null |
+++ b/content/browser/frame_host/ancestor_throttle.h |
@@ -0,0 +1,63 @@ |
+// Copyright 2016 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef CHROME_BROWSER_SECURITY_ANCESTOR_THROTTLE_H_ |
nasko
2016/04/12 22:21:19
Mismatched include guard and file path/name.
Mike West
2016/04/13 13:28:08
Done, thanks!
nasko
2016/04/29 18:56:02
Hmm, I must be getting really old. I don't see thi
Mike West
2016/05/02 09:37:51
Yeah. Sorry. I'm old too and forgot. :/
|
+#define CHROME_BROWSER_SECURITY_ANCESTOR_THROTTLE_H_ |
+ |
+#include <memory> |
+ |
+#include "base/gtest_prod_util.h" |
+#include "base/macros.h" |
+#include "content/public/browser/navigation_throttle.h" |
+ |
+namespace content { |
+class NavigationHandle; |
+} |
+ |
+namespace net { |
+class HttpResponseHeaders; |
+} |
+ |
+namespace content { |
+ |
+// An AncestorThrottle is responsible for enforcing a resource's embedding |
+// rules, and blocking requests which violate them. |
+class CONTENT_EXPORT AncestorThrottle : public NavigationThrottle { |
+ public: |
+ enum HeaderDisposition { |
+ NONE, |
+ DENY, |
+ SAMEORIGIN, |
+ ALLOWALL, |
+ INVALID, |
+ CONFLICT |
+ }; |
+ |
+ static std::unique_ptr<NavigationThrottle> MaybeCreateThrottleFor( |
+ NavigationHandle* handle); |
+ |
+ explicit AncestorThrottle(NavigationHandle* handle); |
+ ~AncestorThrottle() override; |
+ |
+ NavigationThrottle::ThrottleCheckResult WillProcessResponse() override; |
+ |
+ private: |
+ FRIEND_TEST_ALL_PREFIXES(AncestorThrottleTest, Parsing); |
+ FRIEND_TEST_ALL_PREFIXES(AncestorThrottleTest, ParseErrors); |
+ |
+ void ParseError(const std::string& value, HeaderDisposition disposition); |
+ void ConsoleError(HeaderDisposition disposition); |
+ |
+ // Parses an 'X-Frame-Options' header. If the result is either CONFLICT |
+ // or INVALID, |header_value| will be populated with the value which caused |
+ // the parse error. |
+ HeaderDisposition ParseHeader(const net::HttpResponseHeaders* headers, |
+ std::string* header_value); |
+ |
+ DISALLOW_COPY_AND_ASSIGN(AncestorThrottle); |
+}; |
+ |
+} // namespace content |
+ |
+#endif // CHROME_BROWSER_SECURITY_Ancestor_THROTTLE_H_ |