OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
93 // https://w3c.github.io/webappsec/specs/mixedcontent/#strict-mode | 93 // https://w3c.github.io/webappsec/specs/mixedcontent/#strict-mode |
94 const char ContentSecurityPolicy::BlockAllMixedContent[] = "block-all-mixed-cont
ent"; | 94 const char ContentSecurityPolicy::BlockAllMixedContent[] = "block-all-mixed-cont
ent"; |
95 | 95 |
96 // https://w3c.github.io/webappsec/specs/upgrade/ | 96 // https://w3c.github.io/webappsec/specs/upgrade/ |
97 const char ContentSecurityPolicy::UpgradeInsecureRequests[] = "upgrade-insecure-
requests"; | 97 const char ContentSecurityPolicy::UpgradeInsecureRequests[] = "upgrade-insecure-
requests"; |
98 | 98 |
99 // Suborigin Directive | 99 // Suborigin Directive |
100 // https://metromoxie.github.io/webappsec/specs/suborigins/index.html | 100 // https://metromoxie.github.io/webappsec/specs/suborigins/index.html |
101 const char ContentSecurityPolicy::Suborigin[] = "suborigin"; | 101 const char ContentSecurityPolicy::Suborigin[] = "suborigin"; |
102 | 102 |
| 103 // https://mikewest.github.io/cors-rfc1918/#csp |
| 104 const char ContentSecurityPolicy::TreatAsPublicAddress[] = "treat-as-public-addr
ess"; |
| 105 |
103 bool ContentSecurityPolicy::isDirectiveName(const String& name) | 106 bool ContentSecurityPolicy::isDirectiveName(const String& name) |
104 { | 107 { |
105 return (equalIgnoringCase(name, ConnectSrc) | 108 return (equalIgnoringCase(name, ConnectSrc) |
106 || equalIgnoringCase(name, DefaultSrc) | 109 || equalIgnoringCase(name, DefaultSrc) |
107 || equalIgnoringCase(name, FontSrc) | 110 || equalIgnoringCase(name, FontSrc) |
108 || equalIgnoringCase(name, FrameSrc) | 111 || equalIgnoringCase(name, FrameSrc) |
109 || equalIgnoringCase(name, ImgSrc) | 112 || equalIgnoringCase(name, ImgSrc) |
110 || equalIgnoringCase(name, MediaSrc) | 113 || equalIgnoringCase(name, MediaSrc) |
111 || equalIgnoringCase(name, ObjectSrc) | 114 || equalIgnoringCase(name, ObjectSrc) |
112 || equalIgnoringCase(name, ReportURI) | 115 || equalIgnoringCase(name, ReportURI) |
113 || equalIgnoringCase(name, Sandbox) | 116 || equalIgnoringCase(name, Sandbox) |
114 || equalIgnoringCase(name, Suborigin) | 117 || equalIgnoringCase(name, Suborigin) |
115 || equalIgnoringCase(name, ScriptSrc) | 118 || equalIgnoringCase(name, ScriptSrc) |
116 || equalIgnoringCase(name, StyleSrc) | 119 || equalIgnoringCase(name, StyleSrc) |
117 || equalIgnoringCase(name, BaseURI) | 120 || equalIgnoringCase(name, BaseURI) |
118 || equalIgnoringCase(name, ChildSrc) | 121 || equalIgnoringCase(name, ChildSrc) |
119 || equalIgnoringCase(name, FormAction) | 122 || equalIgnoringCase(name, FormAction) |
120 || equalIgnoringCase(name, FrameAncestors) | 123 || equalIgnoringCase(name, FrameAncestors) |
121 || equalIgnoringCase(name, PluginTypes) | 124 || equalIgnoringCase(name, PluginTypes) |
122 || equalIgnoringCase(name, ReflectedXSS) | 125 || equalIgnoringCase(name, ReflectedXSS) |
123 || equalIgnoringCase(name, Referrer) | 126 || equalIgnoringCase(name, Referrer) |
124 || equalIgnoringCase(name, ManifestSrc) | 127 || equalIgnoringCase(name, ManifestSrc) |
125 || equalIgnoringCase(name, BlockAllMixedContent) | 128 || equalIgnoringCase(name, BlockAllMixedContent) |
126 || equalIgnoringCase(name, UpgradeInsecureRequests)); | 129 || equalIgnoringCase(name, UpgradeInsecureRequests) |
| 130 || equalIgnoringCase(name, TreatAsPublicAddress)); |
127 } | 131 } |
128 | 132 |
129 static UseCounter::Feature getUseCounterType(ContentSecurityPolicyHeaderType typ
e) | 133 static UseCounter::Feature getUseCounterType(ContentSecurityPolicyHeaderType typ
e) |
130 { | 134 { |
131 switch (type) { | 135 switch (type) { |
132 case ContentSecurityPolicyHeaderTypeEnforce: | 136 case ContentSecurityPolicyHeaderTypeEnforce: |
133 return UseCounter::ContentSecurityPolicy; | 137 return UseCounter::ContentSecurityPolicy; |
134 case ContentSecurityPolicyHeaderTypeReport: | 138 case ContentSecurityPolicyHeaderTypeReport: |
135 return UseCounter::ContentSecurityPolicyReportOnly; | 139 return UseCounter::ContentSecurityPolicyReportOnly; |
136 } | 140 } |
137 ASSERT_NOT_REACHED(); | 141 ASSERT_NOT_REACHED(); |
138 return UseCounter::NumberOfFeatures; | 142 return UseCounter::NumberOfFeatures; |
139 } | 143 } |
140 | 144 |
141 ContentSecurityPolicy::ContentSecurityPolicy() | 145 ContentSecurityPolicy::ContentSecurityPolicy() |
142 : m_executionContext(nullptr) | 146 : m_executionContext(nullptr) |
143 , m_overrideInlineStyleAllowed(false) | 147 , m_overrideInlineStyleAllowed(false) |
144 , m_scriptHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone) | 148 , m_scriptHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone) |
145 , m_styleHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone) | 149 , m_styleHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone) |
146 , m_sandboxMask(0) | 150 , m_sandboxMask(0) |
147 , m_suboriginName(String()) | 151 , m_suboriginName(String()) |
148 , m_enforceStrictMixedContentChecking(false) | 152 , m_enforceStrictMixedContentChecking(false) |
149 , m_referrerPolicy(ReferrerPolicyDefault) | 153 , m_referrerPolicy(ReferrerPolicyDefault) |
| 154 , m_treatAsPublicAddress(false) |
150 , m_insecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUpgrade) | 155 , m_insecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUpgrade) |
151 { | 156 { |
152 } | 157 } |
153 | 158 |
154 void ContentSecurityPolicy::bindToExecutionContext(ExecutionContext* executionCo
ntext) | 159 void ContentSecurityPolicy::bindToExecutionContext(ExecutionContext* executionCo
ntext) |
155 { | 160 { |
156 m_executionContext = executionContext; | 161 m_executionContext = executionContext; |
157 applyPolicySideEffectsToExecutionContext(); | 162 applyPolicySideEffectsToExecutionContext(); |
158 } | 163 } |
159 | 164 |
(...skipping 10 matching lines...) Expand all Loading... |
170 | 175 |
171 // If we're in a Document, set mixed content checking and sandbox | 176 // If we're in a Document, set mixed content checking and sandbox |
172 // flags, then dump all the parsing error messages, then poke at histograms. | 177 // flags, then dump all the parsing error messages, then poke at histograms. |
173 if (Document* document = this->document()) { | 178 if (Document* document = this->document()) { |
174 if (m_sandboxMask != SandboxNone) { | 179 if (m_sandboxMask != SandboxNone) { |
175 UseCounter::count(document, UseCounter::SandboxViaCSP); | 180 UseCounter::count(document, UseCounter::SandboxViaCSP); |
176 document->enforceSandboxFlags(m_sandboxMask); | 181 document->enforceSandboxFlags(m_sandboxMask); |
177 } | 182 } |
178 if (m_enforceStrictMixedContentChecking) | 183 if (m_enforceStrictMixedContentChecking) |
179 document->enforceStrictMixedContentChecking(); | 184 document->enforceStrictMixedContentChecking(); |
| 185 if (m_treatAsPublicAddress) |
| 186 document->setHostedInReservedIPRange(false); |
180 if (RuntimeEnabledFeatures::suboriginsEnabled()) { | 187 if (RuntimeEnabledFeatures::suboriginsEnabled()) { |
181 document->enforceSuborigin(m_suboriginName); | 188 document->enforceSuborigin(m_suboriginName); |
182 } | 189 } |
183 if (m_insecureRequestsPolicy == SecurityContext::InsecureRequestsUpgrade
) { | 190 if (m_insecureRequestsPolicy == SecurityContext::InsecureRequestsUpgrade
) { |
184 UseCounter::count(document, UseCounter::UpgradeInsecureRequestsEnabl
ed); | 191 UseCounter::count(document, UseCounter::UpgradeInsecureRequestsEnabl
ed); |
185 document->setInsecureRequestsPolicy(m_insecureRequestsPolicy); | 192 document->setInsecureRequestsPolicy(m_insecureRequestsPolicy); |
186 if (!securityOrigin()->host().isNull()) | 193 if (!securityOrigin()->host().isNull()) |
187 document->addInsecureNavigationUpgrade(securityOrigin()->host().
impl()->hash()); | 194 document->addInsecureNavigationUpgrade(securityOrigin()->host().
impl()->hash()); |
188 } | 195 } |
189 | 196 |
(...skipping 532 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
722 void ContentSecurityPolicy::enforceSandboxFlags(SandboxFlags mask) | 729 void ContentSecurityPolicy::enforceSandboxFlags(SandboxFlags mask) |
723 { | 730 { |
724 m_sandboxMask |= mask; | 731 m_sandboxMask |= mask; |
725 } | 732 } |
726 | 733 |
727 void ContentSecurityPolicy::enforceStrictMixedContentChecking() | 734 void ContentSecurityPolicy::enforceStrictMixedContentChecking() |
728 { | 735 { |
729 m_enforceStrictMixedContentChecking = true; | 736 m_enforceStrictMixedContentChecking = true; |
730 } | 737 } |
731 | 738 |
| 739 void ContentSecurityPolicy::treatAsPublicAddress() |
| 740 { |
| 741 if (!RuntimeEnabledFeatures::corsRFC1918Enabled()) |
| 742 return; |
| 743 m_treatAsPublicAddress = true; |
| 744 } |
| 745 |
732 void ContentSecurityPolicy::setInsecureRequestsPolicy(SecurityContext::InsecureR
equestsPolicy policy) | 746 void ContentSecurityPolicy::setInsecureRequestsPolicy(SecurityContext::InsecureR
equestsPolicy policy) |
733 { | 747 { |
734 if (policy > m_insecureRequestsPolicy) | 748 if (policy > m_insecureRequestsPolicy) |
735 m_insecureRequestsPolicy = policy; | 749 m_insecureRequestsPolicy = policy; |
736 } | 750 } |
737 | 751 |
738 void ContentSecurityPolicy::enforceSuborigin(const String& name) | 752 void ContentSecurityPolicy::enforceSuborigin(const String& name) |
739 { | 753 { |
740 m_suboriginName = name; | 754 m_suboriginName = name; |
741 } | 755 } |
(...skipping 347 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1089 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 1103 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
1090 return !m_violationReportsSent.contains(report.impl()->hash()); | 1104 return !m_violationReportsSent.contains(report.impl()->hash()); |
1091 } | 1105 } |
1092 | 1106 |
1093 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 1107 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
1094 { | 1108 { |
1095 m_violationReportsSent.add(report.impl()->hash()); | 1109 m_violationReportsSent.add(report.impl()->hash()); |
1096 } | 1110 } |
1097 | 1111 |
1098 } // namespace blink | 1112 } // namespace blink |
OLD | NEW |