Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(8)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/frame/ContentSecurityPolicy.h

Issue 180523003: Move ContentSecurityPolicy to core/frame/csp (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/core/fetch/ResourceFetcher.cpp ('k') | Source/core/frame/ContentSecurityPolicy.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /*
2 * Copyright (C) 2011 Google, Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY GOOGLE INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26 #ifndef ContentSecurityPolicy_h
27 #define ContentSecurityPolicy_h
28
29 #include "bindings/v8/ScriptState.h"
30 #include "core/dom/Document.h"
31 #include "platform/network/ContentSecurityPolicyParsers.h"
32 #include "platform/network/HTTPParsers.h"
33 #include "platform/weborigin/ReferrerPolicy.h"
34 #include "wtf/HashSet.h"
35 #include "wtf/PassOwnPtr.h"
36 #include "wtf/PassRefPtr.h"
37 #include "wtf/RefCounted.h"
38 #include "wtf/Vector.h"
39 #include "wtf/text/StringHash.h"
40 #include "wtf/text/TextPosition.h"
41 #include "wtf/text/WTFString.h"
42
43 namespace WTF {
44 class OrdinalNumber;
45 }
46
47 namespace WebCore {
48
49 class ContentSecurityPolicyResponseHeaders;
50 class CSPDirectiveList;
51 class DOMStringList;
52 class JSONObject;
53 class KURL;
54 class ExecutionContextClient;
55 class SecurityOrigin;
56
57 typedef int SandboxFlags;
58 typedef Vector<OwnPtr<CSPDirectiveList> > CSPDirectiveListVector;
59
60 class ContentSecurityPolicy : public RefCounted<ContentSecurityPolicy> {
61 WTF_MAKE_FAST_ALLOCATED;
62 public:
63 // CSP 1.0 Directives
64 static const char ConnectSrc[];
65 static const char DefaultSrc[];
66 static const char FontSrc[];
67 static const char FrameSrc[];
68 static const char ImgSrc[];
69 static const char MediaSrc[];
70 static const char ObjectSrc[];
71 static const char ReportURI[];
72 static const char Sandbox[];
73 static const char ScriptSrc[];
74 static const char StyleSrc[];
75
76 // CSP 1.1 Directives
77 static const char BaseURI[];
78 static const char ChildSrc[];
79 static const char FormAction[];
80 static const char FrameAncestors[];
81 static const char PluginTypes[];
82 static const char ReflectedXSS[];
83 static const char Referrer[];
84
85 static PassRefPtr<ContentSecurityPolicy> create(ExecutionContextClient* clie nt)
86 {
87 return adoptRef(new ContentSecurityPolicy(client));
88 }
89 ~ContentSecurityPolicy();
90
91 void copyStateFrom(const ContentSecurityPolicy*);
92
93 enum ReportingStatus {
94 SendReport,
95 SuppressReport
96 };
97
98 void didReceiveHeaders(const ContentSecurityPolicyResponseHeaders&);
99 void didReceiveHeader(const String&, ContentSecurityPolicyHeaderType, Conten tSecurityPolicyHeaderSource);
100
101 // These functions are wrong because they assume that there is only one head er.
102 // FIXME: Replace them with functions that return vectors.
103 const String& deprecatedHeader() const;
104 ContentSecurityPolicyHeaderType deprecatedHeaderType() const;
105
106 bool allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ReportingStatus = SendReport) const;
107 bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNu mber& contextLine, ReportingStatus = SendReport) const;
108 bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& c ontextLine, ReportingStatus = SendReport) const;
109 bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& co ntextLine, ReportingStatus = SendReport) const;
110 bool allowEval(ScriptState* = 0, ReportingStatus = SendReport) const;
111 bool allowPluginType(const String& type, const String& typeAttribute, const KURL&, ReportingStatus = SendReport) const;
112
113 bool allowScriptFromSource(const KURL&, ReportingStatus = SendReport) const;
114 bool allowObjectFromSource(const KURL&, ReportingStatus = SendReport) const;
115 bool allowChildFrameFromSource(const KURL&, ReportingStatus = SendReport) co nst;
116 bool allowImageFromSource(const KURL&, ReportingStatus = SendReport) const;
117 bool allowStyleFromSource(const KURL&, ReportingStatus = SendReport) const;
118 bool allowFontFromSource(const KURL&, ReportingStatus = SendReport) const;
119 bool allowMediaFromSource(const KURL&, ReportingStatus = SendReport) const;
120 bool allowConnectToSource(const KURL&, ReportingStatus = SendReport) const;
121 bool allowFormAction(const KURL&, ReportingStatus = SendReport) const;
122 bool allowBaseURI(const KURL&, ReportingStatus = SendReport) const;
123 bool allowAncestors(LocalFrame*, ReportingStatus = SendReport) const;
124 bool allowChildContextFromSource(const KURL&, ReportingStatus = SendReport) const;
125 bool allowWorkerContextFromSource(const KURL&, ReportingStatus = SendReport) const;
126
127 // The nonce and hash allow functions are guaranteed to not have any side
128 // effects, including reporting.
129 bool allowScriptNonce(const String& nonce) const;
130 bool allowStyleNonce(const String& nonce) const;
131 bool allowScriptHash(const String& source) const;
132 bool allowStyleHash(const String& source) const;
133
134 void usesScriptHashAlgorithms(uint8_t ContentSecurityPolicyHashAlgorithm);
135 void usesStyleHashAlgorithms(uint8_t ContentSecurityPolicyHashAlgorithm);
136
137 ReflectedXSSDisposition reflectedXSSDisposition() const;
138
139 ReferrerPolicy referrerPolicy() const;
140 bool didSetReferrerPolicy() const;
141
142 void setOverrideAllowInlineStyle(bool);
143
144 bool isActive() const;
145
146 void reportDirectiveAsSourceExpression(const String& directiveName, const St ring& sourceExpression) const;
147 void reportDuplicateDirective(const String&) const;
148 void reportInvalidDirectiveValueCharacter(const String& directiveName, const String& value) const;
149 void reportInvalidPathCharacter(const String& directiveName, const String& v alue, const char) const;
150 void reportInvalidPluginTypes(const String&) const;
151 void reportInvalidSandboxFlags(const String&) const;
152 void reportInvalidSourceExpression(const String& directiveName, const String & source) const;
153 void reportInvalidReflectedXSS(const String&) const;
154 void reportMissingReportURI(const String&) const;
155 void reportUnsupportedDirective(const String&) const;
156 void reportInvalidInReportOnly(const String&) const;
157 void reportInvalidReferrer(const String&) const;
158 void reportReportOnlyInMeta(const String&) const;
159 void reportMetaOutsideHead(const String&) const;
160 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL> & reportURIs, const String& header);
161
162 void reportBlockedScriptExecutionToInspector(const String& directiveText) co nst;
163
164 const KURL url() const;
165 KURL completeURL(const String&) const;
166 SecurityOrigin* securityOrigin() const;
167 void enforceSandboxFlags(SandboxFlags) const;
168 String evalDisabledErrorMessage() const;
169
170 bool experimentalFeaturesEnabled() const;
171
172 static bool shouldBypassMainWorld(ExecutionContext*);
173
174 static bool isDirectiveName(const String&);
175
176 ExecutionContextClient* client() const { return m_client; }
177 Document* document() const { return client()->isDocument() ? toDocument(clie nt()) : 0; }
178
179 private:
180 explicit ContentSecurityPolicy(ExecutionContextClient*);
181
182 void logToConsole(const String& message) const;
183 void addPolicyFromHeaderValue(const String&, ContentSecurityPolicyHeaderType , ContentSecurityPolicyHeaderSource);
184
185 bool shouldSendViolationReport(const String&) const;
186 void didSendViolationReport(const String&);
187
188 ExecutionContextClient* m_client;
189 bool m_overrideInlineStyleAllowed;
190 CSPDirectiveListVector m_policies;
191
192 HashSet<unsigned, AlreadyHashed> m_violationReportsSent;
193
194 // We put the hash functions used on the policy object so that we only need
195 // to calculate a hash once and then distribute it to all of the directives
196 // for validation.
197 uint8_t m_scriptHashAlgorithmsUsed;
198 uint8_t m_styleHashAlgorithmsUsed;
199 };
200
201 }
202
203 #endif
OLDNEW
« no previous file with comments | « Source/core/fetch/ResourceFetcher.cpp ('k') | Source/core/frame/ContentSecurityPolicy.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698