| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 53 class KURL; | 53 class KURL; |
| 54 class ExecutionContextClient; | 54 class ExecutionContextClient; |
| 55 class SecurityOrigin; | 55 class SecurityOrigin; |
| 56 | 56 |
| 57 typedef int SandboxFlags; | 57 typedef int SandboxFlags; |
| 58 typedef Vector<OwnPtr<CSPDirectiveList> > CSPDirectiveListVector; | 58 typedef Vector<OwnPtr<CSPDirectiveList> > CSPDirectiveListVector; |
| 59 | 59 |
| 60 class ContentSecurityPolicy : public RefCounted<ContentSecurityPolicy> { | 60 class ContentSecurityPolicy : public RefCounted<ContentSecurityPolicy> { |
| 61 WTF_MAKE_FAST_ALLOCATED; | 61 WTF_MAKE_FAST_ALLOCATED; |
| 62 public: | 62 public: |
| 63 // CSP 1.0 Directives |
| 64 static const char ConnectSrc[]; |
| 65 static const char DefaultSrc[]; |
| 66 static const char FontSrc[]; |
| 67 static const char FrameSrc[]; |
| 68 static const char ImgSrc[]; |
| 69 static const char MediaSrc[]; |
| 70 static const char ObjectSrc[]; |
| 71 static const char ReportURI[]; |
| 72 static const char Sandbox[]; |
| 73 static const char ScriptSrc[]; |
| 74 static const char StyleSrc[]; |
| 75 |
| 76 // CSP 1.1 Directives |
| 77 static const char BaseURI[]; |
| 78 static const char ChildSrc[]; |
| 79 static const char FormAction[]; |
| 80 static const char FrameAncestors[]; |
| 81 static const char PluginTypes[]; |
| 82 static const char ReflectedXSS[]; |
| 83 static const char Referrer[]; |
| 84 |
| 63 static PassRefPtr<ContentSecurityPolicy> create(ExecutionContextClient* clie
nt) | 85 static PassRefPtr<ContentSecurityPolicy> create(ExecutionContextClient* clie
nt) |
| 64 { | 86 { |
| 65 return adoptRef(new ContentSecurityPolicy(client)); | 87 return adoptRef(new ContentSecurityPolicy(client)); |
| 66 } | 88 } |
| 67 ~ContentSecurityPolicy(); | 89 ~ContentSecurityPolicy(); |
| 68 | 90 |
| 69 void copyStateFrom(const ContentSecurityPolicy*); | 91 void copyStateFrom(const ContentSecurityPolicy*); |
| 70 | 92 |
| 71 enum ReportingStatus { | 93 enum ReportingStatus { |
| 72 SendReport, | 94 SendReport, |
| (...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 172 // We put the hash functions used on the policy object so that we only need | 194 // We put the hash functions used on the policy object so that we only need |
| 173 // to calculate a hash once and then distribute it to all of the directives | 195 // to calculate a hash once and then distribute it to all of the directives |
| 174 // for validation. | 196 // for validation. |
| 175 uint8_t m_scriptHashAlgorithmsUsed; | 197 uint8_t m_scriptHashAlgorithmsUsed; |
| 176 uint8_t m_styleHashAlgorithmsUsed; | 198 uint8_t m_styleHashAlgorithmsUsed; |
| 177 }; | 199 }; |
| 178 | 200 |
| 179 } | 201 } |
| 180 | 202 |
| 181 #endif | 203 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 180273012:
Extract CSPDirectiveList from ContentSecurityPolicy. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk