OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 445 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
456 if (m_overrideInlineStyleAllowed) | 456 if (m_overrideInlineStyleAllowed) |
457 return true; | 457 return true; |
458 return isAllowedByAllWithContextAndContent<&CSPDirectiveList::allowInlineSty
le>(m_policies, contextURL, contextLine, reportingStatus, styleContent); | 458 return isAllowedByAllWithContextAndContent<&CSPDirectiveList::allowInlineSty
le>(m_policies, contextURL, contextLine, reportingStatus, styleContent); |
459 } | 459 } |
460 | 460 |
461 bool ContentSecurityPolicy::allowEval(ScriptState* scriptState, ContentSecurityP
olicy::ReportingStatus reportingStatus, ContentSecurityPolicy::ExceptionStatus e
xceptionStatus) const | 461 bool ContentSecurityPolicy::allowEval(ScriptState* scriptState, ContentSecurityP
olicy::ReportingStatus reportingStatus, ContentSecurityPolicy::ExceptionStatus e
xceptionStatus) const |
462 { | 462 { |
463 return isAllowedByAllWithStateAndExceptionStatus<&CSPDirectiveList::allowEva
l>(m_policies, scriptState, reportingStatus, exceptionStatus); | 463 return isAllowedByAllWithStateAndExceptionStatus<&CSPDirectiveList::allowEva
l>(m_policies, scriptState, reportingStatus, exceptionStatus); |
464 } | 464 } |
465 | 465 |
| 466 bool ContentSecurityPolicy::allowDynamic() const |
| 467 { |
| 468 if (!experimentalFeaturesEnabled()) |
| 469 return false; |
| 470 for (const auto& policy : m_policies) { |
| 471 if (!policy->allowDynamic()) |
| 472 return false; |
| 473 } |
| 474 return true; |
| 475 } |
| 476 |
466 String ContentSecurityPolicy::evalDisabledErrorMessage() const | 477 String ContentSecurityPolicy::evalDisabledErrorMessage() const |
467 { | 478 { |
468 for (const auto& policy : m_policies) { | 479 for (const auto& policy : m_policies) { |
469 if (!policy->allowEval(0, SuppressReport)) | 480 if (!policy->allowEval(0, SuppressReport)) |
470 return policy->evalDisabledErrorMessage(); | 481 return policy->evalDisabledErrorMessage(); |
471 } | 482 } |
472 return String(); | 483 return String(); |
473 } | 484 } |
474 | 485 |
475 bool ContentSecurityPolicy::allowPluginType(const String& type, const String& ty
peAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingSt
atus) const | 486 bool ContentSecurityPolicy::allowPluginType(const String& type, const String& ty
peAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingSt
atus) const |
(...skipping 551 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1027 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 1038 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
1028 return !m_violationReportsSent.contains(report.impl()->hash()); | 1039 return !m_violationReportsSent.contains(report.impl()->hash()); |
1029 } | 1040 } |
1030 | 1041 |
1031 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 1042 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
1032 { | 1043 { |
1033 m_violationReportsSent.add(report.impl()->hash()); | 1044 m_violationReportsSent.add(report.impl()->hash()); |
1034 } | 1045 } |
1035 | 1046 |
1036 } // namespace blink | 1047 } // namespace blink |
OLD | NEW |