OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPSourceList_h | 5 #ifndef CSPSourceList_h |
6 #define CSPSourceList_h | 6 #define CSPSourceList_h |
7 | 7 |
8 #include "core/CoreExport.h" | 8 #include "core/CoreExport.h" |
9 #include "core/frame/csp/CSPSource.h" | 9 #include "core/frame/csp/CSPSource.h" |
10 #include "platform/Crypto.h" | 10 #include "platform/Crypto.h" |
(...skipping 15 matching lines...) Expand all Loading... |
26 DECLARE_TRACE(); | 26 DECLARE_TRACE(); |
27 | 27 |
28 void parse(const UChar* begin, const UChar* end); | 28 void parse(const UChar* begin, const UChar* end); |
29 | 29 |
30 bool matches(const KURL&, ContentSecurityPolicy::RedirectStatus = ContentSec
urityPolicy::DidNotRedirect) const; | 30 bool matches(const KURL&, ContentSecurityPolicy::RedirectStatus = ContentSec
urityPolicy::DidNotRedirect) const; |
31 bool allowInline() const; | 31 bool allowInline() const; |
32 bool allowEval() const; | 32 bool allowEval() const; |
33 bool allowDynamic() const; | 33 bool allowDynamic() const; |
34 bool allowNonce(const String&) const; | 34 bool allowNonce(const String&) const; |
35 bool allowHash(const CSPHashValue&) const; | 35 bool allowHash(const CSPHashValue&) const; |
| 36 bool allowHashedAttributes() const; |
36 uint8_t hashAlgorithmsUsed() const; | 37 uint8_t hashAlgorithmsUsed() const; |
37 | 38 |
38 bool isHashOrNoncePresent() const; | 39 bool isHashOrNoncePresent() const; |
39 | 40 |
40 private: | 41 private: |
41 bool parseSource(const UChar* begin, const UChar* end, String& scheme, Strin
g& host, int& port, String& path, CSPSource::WildcardDisposition&, CSPSource::Wi
ldcardDisposition&); | 42 bool parseSource(const UChar* begin, const UChar* end, String& scheme, Strin
g& host, int& port, String& path, CSPSource::WildcardDisposition&, CSPSource::Wi
ldcardDisposition&); |
42 bool parseScheme(const UChar* begin, const UChar* end, String& scheme); | 43 bool parseScheme(const UChar* begin, const UChar* end, String& scheme); |
43 bool parseHost(const UChar* begin, const UChar* end, String& host, CSPSource
::WildcardDisposition&); | 44 bool parseHost(const UChar* begin, const UChar* end, String& host, CSPSource
::WildcardDisposition&); |
44 bool parsePort(const UChar* begin, const UChar* end, int& port, CSPSource::W
ildcardDisposition&); | 45 bool parsePort(const UChar* begin, const UChar* end, int& port, CSPSource::W
ildcardDisposition&); |
45 bool parsePath(const UChar* begin, const UChar* end, String& path); | 46 bool parsePath(const UChar* begin, const UChar* end, String& path); |
46 bool parseNonce(const UChar* begin, const UChar* end, String& nonce); | 47 bool parseNonce(const UChar* begin, const UChar* end, String& nonce); |
47 bool parseHash(const UChar* begin, const UChar* end, DigestValue& hash, Cont
entSecurityPolicyHashAlgorithm&); | 48 bool parseHash(const UChar* begin, const UChar* end, DigestValue& hash, Cont
entSecurityPolicyHashAlgorithm&); |
48 | 49 |
49 void addSourceSelf(); | 50 void addSourceSelf(); |
50 void addSourceStar(); | 51 void addSourceStar(); |
51 void addSourceUnsafeInline(); | 52 void addSourceUnsafeInline(); |
52 void addSourceUnsafeEval(); | 53 void addSourceUnsafeEval(); |
53 void addSourceUnsafeDynamic(); | 54 void addSourceUnsafeDynamic(); |
| 55 void addSourceUnsafeHashedAttributes(); |
54 void addSourceNonce(const String& nonce); | 56 void addSourceNonce(const String& nonce); |
55 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, const DigestVa
lue& hash); | 57 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, const DigestVa
lue& hash); |
56 | 58 |
57 bool hasSourceMatchInList(const KURL&, ContentSecurityPolicy::RedirectStatus
) const; | 59 bool hasSourceMatchInList(const KURL&, ContentSecurityPolicy::RedirectStatus
) const; |
58 | 60 |
59 Member<ContentSecurityPolicy> m_policy; | 61 Member<ContentSecurityPolicy> m_policy; |
60 HeapVector<Member<CSPSource>> m_list; | 62 HeapVector<Member<CSPSource>> m_list; |
61 String m_directiveName; | 63 String m_directiveName; |
62 bool m_allowSelf; | 64 bool m_allowSelf; |
63 bool m_allowStar; | 65 bool m_allowStar; |
64 bool m_allowInline; | 66 bool m_allowInline; |
65 bool m_allowEval; | 67 bool m_allowEval; |
66 bool m_allowDynamic; | 68 bool m_allowDynamic; |
| 69 bool m_allowHashedAttributes; |
67 HashSet<String> m_nonces; | 70 HashSet<String> m_nonces; |
68 HashSet<CSPHashValue> m_hashes; | 71 HashSet<CSPHashValue> m_hashes; |
69 uint8_t m_hashAlgorithmsUsed; | 72 uint8_t m_hashAlgorithmsUsed; |
70 }; | 73 }; |
71 | 74 |
72 | 75 |
73 } // namespace blink | 76 } // namespace blink |
74 | 77 |
75 #endif | 78 #endif |
OLD | NEW |