OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 307 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
318 for (const auto& policy : m_policies) { | 318 for (const auto& policy : m_policies) { |
319 CSPHeaderAndType headerAndType(policy->header(), policy->headerType()); | 319 CSPHeaderAndType headerAndType(policy->header(), policy->headerType()); |
320 headers->append(headerAndType); | 320 headers->append(headerAndType); |
321 } | 321 } |
322 return headers.release(); | 322 return headers.release(); |
323 } | 323 } |
324 | 324 |
325 template<bool (CSPDirectiveList::*allowed)(ContentSecurityPolicy::ReportingStatu s) const> | 325 template<bool (CSPDirectiveList::*allowed)(ContentSecurityPolicy::ReportingStatu s) const> |
326 bool isAllowedByAll(const CSPDirectiveListVector& policies, ContentSecurityPolic y::ReportingStatus reportingStatus) | 326 bool isAllowedByAll(const CSPDirectiveListVector& policies, ContentSecurityPolic y::ReportingStatus reportingStatus) |
327 { | 327 { |
328 bool isAllowed = true; | |
328 for (const auto& policy : policies) { | 329 for (const auto& policy : policies) { |
329 if (!(policy.get()->*allowed)(reportingStatus)) | 330 isAllowed = (policy.get()->*allowed)(reportingStatus) && isAllowed; |
Mike West
2016/04/07 22:32:33
Nit: `&=` seems simpler.
estark
2016/05/09 18:35:58
Done.
| |
330 return false; | |
331 } | 331 } |
Mike West
2016/04/07 22:32:33
Nit: No {} for single-line clauses.
estark
2016/05/09 18:35:58
Done.
| |
332 return true; | 332 return isAllowed; |
333 } | 333 } |
334 | 334 |
335 template <bool (CSPDirectiveList::*allowed)(ScriptState* scriptState, ContentSec urityPolicy::ReportingStatus, ContentSecurityPolicy::ExceptionStatus) const> | 335 template <bool (CSPDirectiveList::*allowed)(ScriptState* scriptState, ContentSec urityPolicy::ReportingStatus, ContentSecurityPolicy::ExceptionStatus) const> |
336 bool isAllowedByAllWithStateAndExceptionStatus(const CSPDirectiveListVector& pol icies, ScriptState* scriptState, ContentSecurityPolicy::ReportingStatus reportin gStatus, ContentSecurityPolicy::ExceptionStatus exceptionStatus) | 336 bool isAllowedByAllWithStateAndExceptionStatus(const CSPDirectiveListVector& pol icies, ScriptState* scriptState, ContentSecurityPolicy::ReportingStatus reportin gStatus, ContentSecurityPolicy::ExceptionStatus exceptionStatus) |
337 { | 337 { |
338 bool isAllowed = true; | |
338 for (const auto& policy : policies) { | 339 for (const auto& policy : policies) { |
339 if (!(policy.get()->*allowed)(scriptState, reportingStatus, exceptionSta tus)) | 340 isAllowed = (policy.get()->*allowed)(scriptState, reportingStatus, excep tionStatus) && isAllowed; |
340 return false; | |
341 } | 341 } |
342 return true; | 342 return isAllowed; |
343 } | 343 } |
344 | 344 |
345 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb er&, ContentSecurityPolicy::ReportingStatus) const> | 345 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb er&, ContentSecurityPolicy::ReportingStatus) const> |
346 bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const Str ing& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::R eportingStatus reportingStatus) | 346 bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const Str ing& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::R eportingStatus reportingStatus) |
347 { | 347 { |
348 bool isAllowed = true; | |
348 for (const auto& policy : policies) { | 349 for (const auto& policy : policies) { |
349 if (!(policy.get()->*allowed)(contextURL, contextLine, reportingStatus)) | 350 isAllowed = (policy.get()->*allowed)(contextURL, contextLine, reportingS tatus) && isAllowed; |
350 return false; | |
351 } | 351 } |
352 return true; | 352 return isAllowed; |
353 } | 353 } |
354 | 354 |
355 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb er&, ContentSecurityPolicy::ReportingStatus, const String& content) const> | 355 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb er&, ContentSecurityPolicy::ReportingStatus, const String& content) const> |
356 bool isAllowedByAllWithContextAndContent(const CSPDirectiveListVector& policies, const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurit yPolicy::ReportingStatus reportingStatus, const String& content) | 356 bool isAllowedByAllWithContextAndContent(const CSPDirectiveListVector& policies, const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurit yPolicy::ReportingStatus reportingStatus, const String& content) |
357 { | 357 { |
358 bool isAllowed = true; | |
358 for (const auto& policy : policies) { | 359 for (const auto& policy : policies) { |
359 if (!(policy.get()->*allowed)(contextURL, contextLine, reportingStatus, content)) | 360 isAllowed = (policy.get()->*allowed)(contextURL, contextLine, reportingS tatus, content) && isAllowed; |
360 return false; | |
361 } | 361 } |
362 return true; | 362 return isAllowed; |
363 } | 363 } |
364 | 364 |
365 template<bool (CSPDirectiveList::*allowed)(const String&) const> | 365 template<bool (CSPDirectiveList::*allowed)(const String&) const> |
366 bool isAllowedByAllWithNonce(const CSPDirectiveListVector& policies, const Strin g& nonce) | 366 bool isAllowedByAllWithNonce(const CSPDirectiveListVector& policies, const Strin g& nonce) |
367 { | 367 { |
368 bool isAllowed = true; | |
368 for (const auto& policy : policies) { | 369 for (const auto& policy : policies) { |
369 if (!(policy.get()->*allowed)(nonce)) | 370 isAllowed = (policy.get()->*allowed)(nonce) && isAllowed; |
370 return false; | |
371 } | 371 } |
372 return true; | 372 return isAllowed; |
373 } | 373 } |
374 | 374 |
375 template<bool (CSPDirectiveList::*allowed)(const CSPHashValue&) const> | 375 template<bool (CSPDirectiveList::*allowed)(const CSPHashValue&) const> |
376 bool isAllowedByAllWithHash(const CSPDirectiveListVector& policies, const CSPHas hValue& hashValue) | 376 bool isAllowedByAllWithHash(const CSPDirectiveListVector& policies, const CSPHas hValue& hashValue) |
377 { | 377 { |
378 bool isAllowed = true; | |
378 for (const auto& policy : policies) { | 379 for (const auto& policy : policies) { |
379 if (!(policy.get()->*allowed)(hashValue)) | 380 isAllowed = (policy.get()->*allowed)(hashValue) && isAllowed; |
380 return false; | |
381 } | 381 } |
382 return true; | 382 return isAllowed; |
383 } | 383 } |
384 | 384 |
385 template <bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPol icy::RedirectStatus, ContentSecurityPolicy::ReportingStatus) const> | 385 template <bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPol icy::RedirectStatus, ContentSecurityPolicy::ReportingStatus) const> |
386 bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& u rl, ContentSecurityPolicy::RedirectStatus redirectStatus, ContentSecurityPolicy: :ReportingStatus reportingStatus) | 386 bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& u rl, ContentSecurityPolicy::RedirectStatus redirectStatus, ContentSecurityPolicy: :ReportingStatus reportingStatus) |
387 { | 387 { |
388 if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol())) | 388 if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol())) |
389 return true; | 389 return true; |
390 | 390 |
391 bool isAllowed = true; | |
391 for (const auto& policy : policies) { | 392 for (const auto& policy : policies) { |
392 if (!(policy.get()->*allowFromURL)(url, redirectStatus, reportingStatus) ) | 393 isAllowed = (policy.get()->*allowFromURL)(url, redirectStatus, reporting Status) && isAllowed; |
393 return false; | |
394 } | 394 } |
395 return true; | 395 return isAllowed; |
396 } | 396 } |
397 | 397 |
398 template<bool (CSPDirectiveList::*allowed)(LocalFrame*, const KURL&, ContentSecu rityPolicy::ReportingStatus) const> | 398 template<bool (CSPDirectiveList::*allowed)(LocalFrame*, const KURL&, ContentSecu rityPolicy::ReportingStatus) const> |
399 bool isAllowedByAllWithFrame(const CSPDirectiveListVector& policies, LocalFrame* frame, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) | 399 bool isAllowedByAllWithFrame(const CSPDirectiveListVector& policies, LocalFrame* frame, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) |
400 { | 400 { |
401 bool isAllowed = true; | |
401 for (const auto& policy : policies) { | 402 for (const auto& policy : policies) { |
402 if (!(policy.get()->*allowed)(frame, url, reportingStatus)) | 403 isAllowed = (policy.get()->*allowed)(frame, url, reportingStatus) && isA llowed; |
403 return false; | |
404 } | 404 } |
405 return true; | 405 return isAllowed; |
406 } | 406 } |
407 | 407 |
408 template<bool (CSPDirectiveList::*allowed)(const CSPHashValue&) const> | 408 template<bool (CSPDirectiveList::*allowed)(const CSPHashValue&) const> |
409 bool checkDigest(const String& source, uint8_t hashAlgorithmsUsed, const CSPDire ctiveListVector& policies) | 409 bool checkDigest(const String& source, uint8_t hashAlgorithmsUsed, const CSPDire ctiveListVector& policies) |
410 { | 410 { |
411 // Any additions or subtractions from this struct should also modify the | 411 // Any additions or subtractions from this struct should also modify the |
412 // respective entries in the kSupportedPrefixes array in | 412 // respective entries in the kSupportedPrefixes array in |
413 // CSPSourceList::parseHash(). | 413 // CSPSourceList::parseHash(). |
414 static const struct { | 414 static const struct { |
415 ContentSecurityPolicyHashAlgorithm cspHashAlgorithm; | 415 ContentSecurityPolicyHashAlgorithm cspHashAlgorithm; |
(...skipping 674 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1090 // Collisions have no security impact, so we can save space by storing only the string's hash rather than the whole report. | 1090 // Collisions have no security impact, so we can save space by storing only the string's hash rather than the whole report. |
1091 return !m_violationReportsSent.contains(report.impl()->hash()); | 1091 return !m_violationReportsSent.contains(report.impl()->hash()); |
1092 } | 1092 } |
1093 | 1093 |
1094 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 1094 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
1095 { | 1095 { |
1096 m_violationReportsSent.add(report.impl()->hash()); | 1096 m_violationReportsSent.add(report.impl()->hash()); |
1097 } | 1097 } |
1098 | 1098 |
1099 } // namespace blink | 1099 } // namespace blink |
OLD | NEW |