| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2016 Google Inc. All rights reserved. | 2 * Copyright (C) 2016 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 15 matching lines...) Expand all Loading... |
| 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 29 */ | 29 */ |
| 30 | 30 |
| 31 #include "public/platform/WebMixedContent.h" | 31 #include "public/platform/WebMixedContent.h" |
| 32 | 32 |
| 33 namespace blink { | 33 namespace blink { |
| 34 | 34 |
| 35 // static | 35 // static |
| 36 WebMixedContent::ContextType WebMixedContent::contextTypeFromRequestContext( | 36 WebMixedContentContextType WebMixedContent::contextTypeFromRequestContext( |
| 37 WebURLRequest::RequestContext context, | 37 WebURLRequest::RequestContext context, |
| 38 bool strictMixedContentCheckingForPlugin) { | 38 bool strictMixedContentCheckingForPlugin) { |
| 39 switch (context) { | 39 switch (context) { |
| 40 // "Optionally-blockable" mixed content | 40 // "Optionally-blockable" mixed content |
| 41 case WebURLRequest::RequestContextAudio: | 41 case WebURLRequest::RequestContextAudio: |
| 42 case WebURLRequest::RequestContextFavicon: | 42 case WebURLRequest::RequestContextFavicon: |
| 43 case WebURLRequest::RequestContextImage: | 43 case WebURLRequest::RequestContextImage: |
| 44 case WebURLRequest::RequestContextVideo: | 44 case WebURLRequest::RequestContextVideo: |
| 45 return ContextType::OptionallyBlockable; | 45 return WebMixedContentContextType::OptionallyBlockable; |
| 46 | 46 |
| 47 // Plugins! Oh how dearly we love plugin-loaded content! | 47 // Plugins! Oh how dearly we love plugin-loaded content! |
| 48 case WebURLRequest::RequestContextPlugin: { | 48 case WebURLRequest::RequestContextPlugin: { |
| 49 return strictMixedContentCheckingForPlugin | 49 return strictMixedContentCheckingForPlugin |
| 50 ? ContextType::Blockable | 50 ? WebMixedContentContextType::Blockable |
| 51 : ContextType::OptionallyBlockable; | 51 : WebMixedContentContextType::OptionallyBlockable; |
| 52 } | 52 } |
| 53 | 53 |
| 54 // "Blockable" mixed content | 54 // "Blockable" mixed content |
| 55 case WebURLRequest::RequestContextBeacon: | 55 case WebURLRequest::RequestContextBeacon: |
| 56 case WebURLRequest::RequestContextCSPReport: | 56 case WebURLRequest::RequestContextCSPReport: |
| 57 case WebURLRequest::RequestContextEmbed: | 57 case WebURLRequest::RequestContextEmbed: |
| 58 case WebURLRequest::RequestContextEventSource: | 58 case WebURLRequest::RequestContextEventSource: |
| 59 case WebURLRequest::RequestContextFetch: | 59 case WebURLRequest::RequestContextFetch: |
| 60 case WebURLRequest::RequestContextFont: | 60 case WebURLRequest::RequestContextFont: |
| 61 case WebURLRequest::RequestContextForm: | 61 case WebURLRequest::RequestContextForm: |
| 62 case WebURLRequest::RequestContextFrame: | 62 case WebURLRequest::RequestContextFrame: |
| 63 case WebURLRequest::RequestContextHyperlink: | 63 case WebURLRequest::RequestContextHyperlink: |
| 64 case WebURLRequest::RequestContextIframe: | 64 case WebURLRequest::RequestContextIframe: |
| 65 case WebURLRequest::RequestContextImageSet: | 65 case WebURLRequest::RequestContextImageSet: |
| 66 case WebURLRequest::RequestContextImport: | 66 case WebURLRequest::RequestContextImport: |
| 67 case WebURLRequest::RequestContextInternal: | 67 case WebURLRequest::RequestContextInternal: |
| 68 case WebURLRequest::RequestContextLocation: | 68 case WebURLRequest::RequestContextLocation: |
| 69 case WebURLRequest::RequestContextManifest: | 69 case WebURLRequest::RequestContextManifest: |
| 70 case WebURLRequest::RequestContextObject: | 70 case WebURLRequest::RequestContextObject: |
| 71 case WebURLRequest::RequestContextPing: | 71 case WebURLRequest::RequestContextPing: |
| 72 case WebURLRequest::RequestContextScript: | 72 case WebURLRequest::RequestContextScript: |
| 73 case WebURLRequest::RequestContextServiceWorker: | 73 case WebURLRequest::RequestContextServiceWorker: |
| 74 case WebURLRequest::RequestContextSharedWorker: | 74 case WebURLRequest::RequestContextSharedWorker: |
| 75 case WebURLRequest::RequestContextStyle: | 75 case WebURLRequest::RequestContextStyle: |
| 76 case WebURLRequest::RequestContextSubresource: | 76 case WebURLRequest::RequestContextSubresource: |
| 77 case WebURLRequest::RequestContextTrack: | 77 case WebURLRequest::RequestContextTrack: |
| 78 case WebURLRequest::RequestContextWorker: | 78 case WebURLRequest::RequestContextWorker: |
| 79 case WebURLRequest::RequestContextXMLHttpRequest: | 79 case WebURLRequest::RequestContextXMLHttpRequest: |
| 80 case WebURLRequest::RequestContextXSLT: | 80 case WebURLRequest::RequestContextXSLT: |
| 81 return ContextType::Blockable; | 81 return WebMixedContentContextType::Blockable; |
| 82 | 82 |
| 83 // FIXME: Contexts that we should block, but don't currently. | 83 // FIXME: Contexts that we should block, but don't currently. |
| 84 // https://crbug.com/388650 | 84 // https://crbug.com/388650 |
| 85 case WebURLRequest::RequestContextDownload: | 85 case WebURLRequest::RequestContextDownload: |
| 86 case WebURLRequest::RequestContextPrefetch: | 86 case WebURLRequest::RequestContextPrefetch: |
| 87 return ContextType::ShouldBeBlockable; | 87 return WebMixedContentContextType::ShouldBeBlockable; |
| 88 | 88 |
| 89 case WebURLRequest::RequestContextUnspecified: | 89 case WebURLRequest::RequestContextUnspecified: |
| 90 NOTREACHED(); | 90 NOTREACHED(); |
| 91 } | 91 } |
| 92 NOTREACHED(); | 92 NOTREACHED(); |
| 93 return ContextType::Blockable; | 93 return WebMixedContentContextType::Blockable; |
| 94 } | |
| 95 | |
| 96 // static | |
| 97 const char* WebMixedContent::requestContextName( | |
| 98 WebURLRequest::RequestContext context) { | |
| 99 switch (context) { | |
| 100 case WebURLRequest::RequestContextAudio: | |
| 101 return "audio file"; | |
| 102 case WebURLRequest::RequestContextBeacon: | |
| 103 return "Beacon endpoint"; | |
| 104 case WebURLRequest::RequestContextCSPReport: | |
| 105 return "Content Security Policy reporting endpoint"; | |
| 106 case WebURLRequest::RequestContextDownload: | |
| 107 return "download"; | |
| 108 case WebURLRequest::RequestContextEmbed: | |
| 109 return "plugin resource"; | |
| 110 case WebURLRequest::RequestContextEventSource: | |
| 111 return "EventSource endpoint"; | |
| 112 case WebURLRequest::RequestContextFavicon: | |
| 113 return "favicon"; | |
| 114 case WebURLRequest::RequestContextFetch: | |
| 115 return "resource"; | |
| 116 case WebURLRequest::RequestContextFont: | |
| 117 return "font"; | |
| 118 case WebURLRequest::RequestContextForm: | |
| 119 return "form action"; | |
| 120 case WebURLRequest::RequestContextFrame: | |
| 121 return "frame"; | |
| 122 case WebURLRequest::RequestContextHyperlink: | |
| 123 return "resource"; | |
| 124 case WebURLRequest::RequestContextIframe: | |
| 125 return "frame"; | |
| 126 case WebURLRequest::RequestContextImage: | |
| 127 return "image"; | |
| 128 case WebURLRequest::RequestContextImageSet: | |
| 129 return "image"; | |
| 130 case WebURLRequest::RequestContextImport: | |
| 131 return "HTML Import"; | |
| 132 case WebURLRequest::RequestContextInternal: | |
| 133 return "resource"; | |
| 134 case WebURLRequest::RequestContextLocation: | |
| 135 return "resource"; | |
| 136 case WebURLRequest::RequestContextManifest: | |
| 137 return "manifest"; | |
| 138 case WebURLRequest::RequestContextObject: | |
| 139 return "plugin resource"; | |
| 140 case WebURLRequest::RequestContextPing: | |
| 141 return "hyperlink auditing endpoint"; | |
| 142 case WebURLRequest::RequestContextPlugin: | |
| 143 return "plugin data"; | |
| 144 case WebURLRequest::RequestContextPrefetch: | |
| 145 return "prefetch resource"; | |
| 146 case WebURLRequest::RequestContextScript: | |
| 147 return "script"; | |
| 148 case WebURLRequest::RequestContextServiceWorker: | |
| 149 return "Service Worker script"; | |
| 150 case WebURLRequest::RequestContextSharedWorker: | |
| 151 return "Shared Worker script"; | |
| 152 case WebURLRequest::RequestContextStyle: | |
| 153 return "stylesheet"; | |
| 154 case WebURLRequest::RequestContextSubresource: | |
| 155 return "resource"; | |
| 156 case WebURLRequest::RequestContextTrack: | |
| 157 return "Text Track"; | |
| 158 case WebURLRequest::RequestContextUnspecified: | |
| 159 return "resource"; | |
| 160 case WebURLRequest::RequestContextVideo: | |
| 161 return "video"; | |
| 162 case WebURLRequest::RequestContextWorker: | |
| 163 return "Worker script"; | |
| 164 case WebURLRequest::RequestContextXMLHttpRequest: | |
| 165 return "XMLHttpRequest endpoint"; | |
| 166 case WebURLRequest::RequestContextXSLT: | |
| 167 return "XSLT"; | |
| 168 } | |
| 169 NOTREACHED(); | |
| 170 return "resource"; | |
| 171 } | 94 } |
| 172 | 95 |
| 173 } // namespace blink | 96 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1905033002:
PlzNavigate: Move navigation-level mixed content checks to the browser. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@console-security-message