OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 307 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
318 for (const auto& policy : m_policies) { | 318 for (const auto& policy : m_policies) { |
319 CSPHeaderAndType headerAndType(policy->header(), policy->headerType()); | 319 CSPHeaderAndType headerAndType(policy->header(), policy->headerType()); |
320 headers->append(headerAndType); | 320 headers->append(headerAndType); |
321 } | 321 } |
322 return headers.release(); | 322 return headers.release(); |
323 } | 323 } |
324 | 324 |
325 template<bool (CSPDirectiveList::*allowed)(ContentSecurityPolicy::ReportingStatu
s) const> | 325 template<bool (CSPDirectiveList::*allowed)(ContentSecurityPolicy::ReportingStatu
s) const> |
326 bool isAllowedByAll(const CSPDirectiveListVector& policies, ContentSecurityPolic
y::ReportingStatus reportingStatus) | 326 bool isAllowedByAll(const CSPDirectiveListVector& policies, ContentSecurityPolic
y::ReportingStatus reportingStatus) |
327 { | 327 { |
328 for (const auto& policy : policies) { | 328 bool isAllowed = true; |
329 if (!(policy.get()->*allowed)(reportingStatus)) | 329 for (const auto& policy : policies) |
330 return false; | 330 isAllowed &= (policy.get()->*allowed)(reportingStatus); |
331 } | 331 return isAllowed; |
332 return true; | |
333 } | 332 } |
334 | 333 |
335 template <bool (CSPDirectiveList::*allowed)(ScriptState* scriptState, ContentSec
urityPolicy::ReportingStatus, ContentSecurityPolicy::ExceptionStatus) const> | 334 template <bool (CSPDirectiveList::*allowed)(ScriptState* scriptState, ContentSec
urityPolicy::ReportingStatus, ContentSecurityPolicy::ExceptionStatus) const> |
336 bool isAllowedByAllWithStateAndExceptionStatus(const CSPDirectiveListVector& pol
icies, ScriptState* scriptState, ContentSecurityPolicy::ReportingStatus reportin
gStatus, ContentSecurityPolicy::ExceptionStatus exceptionStatus) | 335 bool isAllowedByAllWithStateAndExceptionStatus(const CSPDirectiveListVector& pol
icies, ScriptState* scriptState, ContentSecurityPolicy::ReportingStatus reportin
gStatus, ContentSecurityPolicy::ExceptionStatus exceptionStatus) |
337 { | 336 { |
338 for (const auto& policy : policies) { | 337 bool isAllowed = true; |
339 if (!(policy.get()->*allowed)(scriptState, reportingStatus, exceptionSta
tus)) | 338 for (const auto& policy : policies) |
340 return false; | 339 isAllowed &= (policy.get()->*allowed)(scriptState, reportingStatus, exce
ptionStatus); |
341 } | 340 return isAllowed; |
342 return true; | |
343 } | 341 } |
344 | 342 |
345 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb
er&, ContentSecurityPolicy::ReportingStatus) const> | 343 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb
er&, ContentSecurityPolicy::ReportingStatus) const> |
346 bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const Str
ing& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::R
eportingStatus reportingStatus) | 344 bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const Str
ing& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::R
eportingStatus reportingStatus) |
347 { | 345 { |
348 for (const auto& policy : policies) { | 346 bool isAllowed = true; |
349 if (!(policy.get()->*allowed)(contextURL, contextLine, reportingStatus)) | 347 for (const auto& policy : policies) |
350 return false; | 348 isAllowed &= (policy.get()->*allowed)(contextURL, contextLine, reporting
Status); |
351 } | 349 return isAllowed; |
352 return true; | |
353 } | 350 } |
354 | 351 |
355 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb
er&, ContentSecurityPolicy::ReportingStatus, const String& content) const> | 352 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumb
er&, ContentSecurityPolicy::ReportingStatus, const String& content) const> |
356 bool isAllowedByAllWithContextAndContent(const CSPDirectiveListVector& policies,
const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurit
yPolicy::ReportingStatus reportingStatus, const String& content) | 353 bool isAllowedByAllWithContextAndContent(const CSPDirectiveListVector& policies,
const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurit
yPolicy::ReportingStatus reportingStatus, const String& content) |
357 { | 354 { |
358 for (const auto& policy : policies) { | 355 bool isAllowed = true; |
359 if (!(policy.get()->*allowed)(contextURL, contextLine, reportingStatus,
content)) | 356 for (const auto& policy : policies) |
360 return false; | 357 isAllowed &= (policy.get()->*allowed)(contextURL, contextLine, reporting
Status, content); |
361 } | 358 return isAllowed; |
362 return true; | |
363 } | 359 } |
364 | 360 |
365 template<bool (CSPDirectiveList::*allowed)(const String&) const> | 361 template<bool (CSPDirectiveList::*allowed)(const String&) const> |
366 bool isAllowedByAllWithNonce(const CSPDirectiveListVector& policies, const Strin
g& nonce) | 362 bool isAllowedByAllWithNonce(const CSPDirectiveListVector& policies, const Strin
g& nonce) |
367 { | 363 { |
368 for (const auto& policy : policies) { | 364 bool isAllowed = true; |
369 if (!(policy.get()->*allowed)(nonce)) | 365 for (const auto& policy : policies) |
370 return false; | 366 isAllowed &= (policy.get()->*allowed)(nonce); |
371 } | 367 return isAllowed; |
372 return true; | |
373 } | 368 } |
374 | 369 |
375 template<bool (CSPDirectiveList::*allowed)(const CSPHashValue&, ContentSecurityP
olicy::InlineType) const> | 370 template<bool (CSPDirectiveList::*allowed)(const CSPHashValue&, ContentSecurityP
olicy::InlineType) const> |
376 bool isAllowedByAllWithHash(const CSPDirectiveListVector& policies, const CSPHas
hValue& hashValue, ContentSecurityPolicy::InlineType type) | 371 bool isAllowedByAllWithHash(const CSPDirectiveListVector& policies, const CSPHas
hValue& hashValue, ContentSecurityPolicy::InlineType type) |
377 { | 372 { |
378 for (const auto& policy : policies) { | 373 bool isAllowed = true; |
379 if (!(policy.get()->*allowed)(hashValue, type)) | 374 for (const auto& policy : policies) |
380 return false; | 375 isAllowed &= (policy.get()->*allowed)(hashValue, type); |
381 } | 376 return isAllowed; |
382 return true; | |
383 } | 377 } |
384 | 378 |
385 template <bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPol
icy::RedirectStatus, ContentSecurityPolicy::ReportingStatus) const> | 379 template <bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPol
icy::RedirectStatus, ContentSecurityPolicy::ReportingStatus) const> |
386 bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& u
rl, ContentSecurityPolicy::RedirectStatus redirectStatus, ContentSecurityPolicy:
:ReportingStatus reportingStatus) | 380 bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& u
rl, ContentSecurityPolicy::RedirectStatus redirectStatus, ContentSecurityPolicy:
:ReportingStatus reportingStatus) |
387 { | 381 { |
388 if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol())) | 382 if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol())) |
389 return true; | 383 return true; |
390 | 384 |
391 for (const auto& policy : policies) { | 385 bool isAllowed = true; |
392 if (!(policy.get()->*allowFromURL)(url, redirectStatus, reportingStatus)
) | 386 for (const auto& policy : policies) |
393 return false; | 387 isAllowed &= (policy.get()->*allowFromURL)(url, redirectStatus, reportin
gStatus); |
394 } | 388 return isAllowed; |
395 return true; | |
396 } | 389 } |
397 | 390 |
398 template<bool (CSPDirectiveList::*allowed)(LocalFrame*, const KURL&, ContentSecu
rityPolicy::ReportingStatus) const> | 391 template<bool (CSPDirectiveList::*allowed)(LocalFrame*, const KURL&, ContentSecu
rityPolicy::ReportingStatus) const> |
399 bool isAllowedByAllWithFrame(const CSPDirectiveListVector& policies, LocalFrame*
frame, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) | 392 bool isAllowedByAllWithFrame(const CSPDirectiveListVector& policies, LocalFrame*
frame, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) |
400 { | 393 { |
401 for (const auto& policy : policies) { | 394 bool isAllowed = true; |
402 if (!(policy.get()->*allowed)(frame, url, reportingStatus)) | 395 for (const auto& policy : policies) |
403 return false; | 396 isAllowed &= (policy.get()->*allowed)(frame, url, reportingStatus); |
404 } | 397 return isAllowed; |
405 return true; | |
406 } | 398 } |
407 | 399 |
408 template<bool (CSPDirectiveList::*allowed)(const CSPHashValue&, ContentSecurityP
olicy::InlineType) const> | 400 template<bool (CSPDirectiveList::*allowed)(const CSPHashValue&, ContentSecurityP
olicy::InlineType) const> |
409 bool checkDigest(const String& source, ContentSecurityPolicy::InlineType type, u
int8_t hashAlgorithmsUsed, const CSPDirectiveListVector& policies) | 401 bool checkDigest(const String& source, ContentSecurityPolicy::InlineType type, u
int8_t hashAlgorithmsUsed, const CSPDirectiveListVector& policies) |
410 { | 402 { |
411 // Any additions or subtractions from this struct should also modify the | 403 // Any additions or subtractions from this struct should also modify the |
412 // respective entries in the kSupportedPrefixes array in | 404 // respective entries in the kSupportedPrefixes array in |
413 // CSPSourceList::parseHash(). | 405 // CSPSourceList::parseHash(). |
414 static const struct { | 406 static const struct { |
415 ContentSecurityPolicyHashAlgorithm cspHashAlgorithm; | 407 ContentSecurityPolicyHashAlgorithm cspHashAlgorithm; |
(...skipping 651 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1067 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 1059 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
1068 return !m_violationReportsSent.contains(report.impl()->hash()); | 1060 return !m_violationReportsSent.contains(report.impl()->hash()); |
1069 } | 1061 } |
1070 | 1062 |
1071 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 1063 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
1072 { | 1064 { |
1073 m_violationReportsSent.add(report.impl()->hash()); | 1065 m_violationReportsSent.add(report.impl()->hash()); |
1074 } | 1066 } |
1075 | 1067 |
1076 } // namespace blink | 1068 } // namespace blink |
OLD | NEW |