OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPDirectiveList_h | 5 #ifndef CSPDirectiveList_h |
6 #define CSPDirectiveList_h | 6 #define CSPDirectiveList_h |
7 | 7 |
8 #include "core/fetch/Resource.h" | 8 #include "core/fetch/Resource.h" |
9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
10 #include "core/frame/csp/MediaListDirective.h" | 10 #include "core/frame/csp/MediaListDirective.h" |
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
88 void parseReportURI(const String& name, const String& value); | 88 void parseReportURI(const String& name, const String& value); |
89 void parsePluginTypes(const String& name, const String& value); | 89 void parsePluginTypes(const String& name, const String& value); |
90 void parseReflectedXSS(const String& name, const String& value); | 90 void parseReflectedXSS(const String& name, const String& value); |
91 void parseReferrer(const String& name, const String& value); | 91 void parseReferrer(const String& name, const String& value); |
92 String parseSuboriginName(const String& policy); | 92 String parseSuboriginName(const String& policy); |
93 void addDirective(const String& name, const String& value); | 93 void addDirective(const String& name, const String& value); |
94 void applySandboxPolicy(const String& name, const String& sandboxPolicy); | 94 void applySandboxPolicy(const String& name, const String& sandboxPolicy); |
95 void applySuboriginPolicy(const String& name, const String& suboriginPolicy)
; | 95 void applySuboriginPolicy(const String& name, const String& suboriginPolicy)
; |
96 void enforceStrictMixedContentChecking(const String& name, const String& val
ue); | 96 void enforceStrictMixedContentChecking(const String& name, const String& val
ue); |
97 void enableInsecureRequestsUpgrade(const String& name, const String& value); | 97 void enableInsecureRequestsUpgrade(const String& name, const String& value); |
| 98 void treatAsPublicAddress(const String& name, const String& value); |
98 | 99 |
99 template <class CSPDirectiveType> | 100 template <class CSPDirectiveType> |
100 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire
ctiveType>&); | 101 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire
ctiveType>&); |
101 | 102 |
102 SourceListDirective* operativeDirective(SourceListDirective*) const; | 103 SourceListDirective* operativeDirective(SourceListDirective*) const; |
103 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire
ctive* override) const; | 104 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire
ctive* override) const; |
104 void reportViolation(const String& directiveText, const String& effectiveDir
ective, const String& consoleMessage, const KURL& blockedURL) const; | 105 void reportViolation(const String& directiveText, const String& effectiveDir
ective, const String& consoleMessage, const KURL& blockedURL) const; |
105 void reportViolationWithFrame(const String& directiveText, const String& eff
ectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFram
e*) const; | 106 void reportViolationWithFrame(const String& directiveText, const String& eff
ectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFram
e*) const; |
106 void reportViolationWithLocation(const String& directiveText, const String&
effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const
String& contextURL, const WTF::OrdinalNumber& contextLine) const; | 107 void reportViolationWithLocation(const String& directiveText, const String&
effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const
String& contextURL, const WTF::OrdinalNumber& contextLine) const; |
107 void reportViolationWithState(const String& directiveText, const String& eff
ectiveDirective, const String& message, const KURL& blockedURL, ScriptState*, co
nst ContentSecurityPolicy::ExceptionStatus) const; | 108 void reportViolationWithState(const String& directiveText, const String& eff
ectiveDirective, const String& message, const KURL& blockedURL, ScriptState*, co
nst ContentSecurityPolicy::ExceptionStatus) const; |
(...skipping 29 matching lines...) Expand all Loading... |
137 bool m_hasSandboxPolicy; | 138 bool m_hasSandboxPolicy; |
138 bool m_hasSuboriginPolicy; | 139 bool m_hasSuboriginPolicy; |
139 ReflectedXSSDisposition m_reflectedXSSDisposition; | 140 ReflectedXSSDisposition m_reflectedXSSDisposition; |
140 | 141 |
141 bool m_didSetReferrerPolicy; | 142 bool m_didSetReferrerPolicy; |
142 ReferrerPolicy m_referrerPolicy; | 143 ReferrerPolicy m_referrerPolicy; |
143 | 144 |
144 bool m_strictMixedContentCheckingEnforced; | 145 bool m_strictMixedContentCheckingEnforced; |
145 | 146 |
146 bool m_upgradeInsecureRequests; | 147 bool m_upgradeInsecureRequests; |
| 148 bool m_treatAsPublicAddress; |
147 | 149 |
148 OwnPtr<MediaListDirective> m_pluginTypes; | 150 OwnPtr<MediaListDirective> m_pluginTypes; |
149 OwnPtr<SourceListDirective> m_baseURI; | 151 OwnPtr<SourceListDirective> m_baseURI; |
150 OwnPtr<SourceListDirective> m_childSrc; | 152 OwnPtr<SourceListDirective> m_childSrc; |
151 OwnPtr<SourceListDirective> m_connectSrc; | 153 OwnPtr<SourceListDirective> m_connectSrc; |
152 OwnPtr<SourceListDirective> m_defaultSrc; | 154 OwnPtr<SourceListDirective> m_defaultSrc; |
153 OwnPtr<SourceListDirective> m_fontSrc; | 155 OwnPtr<SourceListDirective> m_fontSrc; |
154 OwnPtr<SourceListDirective> m_formAction; | 156 OwnPtr<SourceListDirective> m_formAction; |
155 OwnPtr<SourceListDirective> m_frameAncestors; | 157 OwnPtr<SourceListDirective> m_frameAncestors; |
156 OwnPtr<SourceListDirective> m_frameSrc; | 158 OwnPtr<SourceListDirective> m_frameSrc; |
157 OwnPtr<SourceListDirective> m_imgSrc; | 159 OwnPtr<SourceListDirective> m_imgSrc; |
158 OwnPtr<SourceListDirective> m_mediaSrc; | 160 OwnPtr<SourceListDirective> m_mediaSrc; |
159 OwnPtr<SourceListDirective> m_manifestSrc; | 161 OwnPtr<SourceListDirective> m_manifestSrc; |
160 OwnPtr<SourceListDirective> m_objectSrc; | 162 OwnPtr<SourceListDirective> m_objectSrc; |
161 OwnPtr<SourceListDirective> m_scriptSrc; | 163 OwnPtr<SourceListDirective> m_scriptSrc; |
162 OwnPtr<SourceListDirective> m_styleSrc; | 164 OwnPtr<SourceListDirective> m_styleSrc; |
163 | 165 |
164 Vector<String> m_reportEndpoints; | 166 Vector<String> m_reportEndpoints; |
165 | 167 |
166 String m_evalDisabledErrorMessage; | 168 String m_evalDisabledErrorMessage; |
167 }; | 169 }; |
168 | 170 |
169 } // namespace blink | 171 } // namespace blink |
170 | 172 |
171 #endif | 173 #endif |
OLD | NEW |