
Unified Diff: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp

Issue 1835463002: Stop supporting invalid CSP directives in meta tags (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: remove service worker extendable event test Created 4 years, 8 months ago
Index: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp
index 1fcf8b49fc0a7ab5445a39ce163cdb25c7a32569..eb4e0606685fa234f2ee714eae5b552e7d60979a 100644
--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp
@@ -8,6 +8,7 @@
#include "core/dom/SecurityContext.h"
#include "core/dom/SpaceSplitString.h"
#include "core/frame/LocalFrame.h"
+#include "core/frame/UseCounter.h"
#include "core/inspector/ConsoleMessage.h"
#include "platform/Crypto.h"
#include "platform/ParsingUtilities.h"
@@ -67,7 +68,7 @@ RawPtr<CSPDirectiveList> CSPDirectiveList::create(ContentSecurityPolicy* policy,
directives->setEvalDisabledErrorMessage(message);
}
- if (directives->isReportOnly() && directives->reportEndpoints().isEmpty())
+ if (directives->isReportOnly() && source != ContentSecurityPolicyHeaderSourceMeta && directives->reportEndpoints().isEmpty())
policy->reportMissingReportURI(String(begin, end - begin));
return directives.release();
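Review bot: The new `source != ContentSecurityPolicyHeaderSourceMeta` term in the report-only check has no comment saying why meta-delivered policies are exempt, and the reason only becomes clear from the parseReportURI hunk further down. A one-line comment above the condition would cover it, for example `// report-uri is ignored in <meta> policies, so a missing endpoint is not worth a warning there.` With this exemption a report-only policy delivered through a meta element produces no message from this path, so it is worth confirming that some other path (not visible here) tells the author that the policy has no effect. The body of create() starts and ends outside this hunk.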
@@ -541,6 +542,13 @@ void CSPDirectiveList::parseReportURI(const String& name, const String& value)
return;
}
+ // Remove report-uri in meta policies, per https://www.w3.org/TR/CSP2/#delivery-html-meta-element.
+ if (m_headerSource == ContentSecurityPolicyHeaderSourceMeta) {
+ UseCounter::count(m_policy->document(), UseCounter::InvalidReportUriDirectiveInMetaCSP);
+ m_policy->reportInvalidDirectiveInMeta(name);
+ return;
+ }
+
Vector<UChar> characters;
value.appendTo(characters);
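Review bot: The same four-line "count, report, return" guard is added here in parseReportURI and twice more in the next hunk (setCSPDirective and applySandboxPolicy), differing only in the counter value and, in one case, a name test. A small private helper would keep the three sites from drifting apart when a further directive needs rejecting in meta policies; it needs a matching declaration in the class header, which is not part of this diff. The comments also say "Remove", while the code ignores the directive and logs a console message, so "Ignore" would describe it more accurately. parseReportURI starts and ends outside this hunk.

```cpp
// Returns true, after counting and logging, when |name| must be ignored
// because the policy was delivered via a <meta> element.
bool CSPDirectiveList::ignoreDirectiveInMeta(const String& name, UseCounter::Feature feature)
{
    if (m_headerSource != ContentSecurityPolicyHeaderSourceMeta)
        return false;
    UseCounter::count(m_policy->document(), feature);
    m_policy->reportInvalidDirectiveInMeta(name);
    return true;
}

// … unchanged: earlier checks in parseReportURI …
    if (ignoreDirectiveInMeta(name, UseCounter::InvalidReportUriDirectiveInMetaCSP))
        return;
```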
@@ -568,11 +576,25 @@ void CSPDirectiveList::setCSPDirective(const String& name, const String& value,
m_policy->reportDuplicateDirective(name);
return;
}
+
+ // Remove frame-ancestors directives in meta policies, per https://www.w3.org/TR/CSP2/#delivery-html-meta-element.
+ if (m_headerSource == ContentSecurityPolicyHeaderSourceMeta && name == ContentSecurityPolicy::FrameAncestors) {
+ UseCounter::count(m_policy->document(), UseCounter::InvalidFrameAncestorsDirectiveInMetaCSP);
+ m_policy->reportInvalidDirectiveInMeta(name);
+ return;
+ }
+
directive = new CSPDirectiveType(name, value, m_policy);
}
void CSPDirectiveList::applySandboxPolicy(const String& name, const String& sandboxPolicy)
{
+ // Remove sandbox directives in meta policies, per https://www.w3.org/TR/CSP2/#delivery-html-meta-element.
+ if (m_headerSource == ContentSecurityPolicyHeaderSourceMeta) {
+ UseCounter::count(m_policy->document(), UseCounter::InvalidSandboxDirectiveInMetaCSP);
+ m_policy->reportInvalidDirectiveInMeta(name);
+ return;
+ }
if (m_reportOnly) {
m_policy->reportInvalidInReportOnly(name);
return;
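Review bot: The frame-ancestors guard in setCSPDirective compares the name with `name == ContentSecurityPolicy::FrameAncestors`, which is case-sensitive. If the caller that dispatches directives matches names case-insensitively (that code is outside this diff, so this needs confirming), a meta policy spelling the directive as `Frame-Ancestors` would pass the dispatch, miss this guard and still be applied. Using `equalIgnoringCase(name, ContentSecurityPolicy::FrameAncestors)` in the condition would close that gap. A layout test with a mixed-case directive name in a meta element would pin the behaviour down. The body of applySandboxPolicy continues past the end of this hunk.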
