third_party/WebKit/Source/platform/network/HTTPParsers.cpp - Issue 1988933003: Revert "Introduce AncestorThrottle, which will process 'X-Frame-Options' headers."

Side by Side Diff: third_party/WebKit/Source/platform/network/HTTPParsers.cpp

Issue 1988933003: Revert "Introduce AncestorThrottle, which will process 'X-Frame-Options' headers." (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Rebase. Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org)	2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org)

3 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved.	3 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved.

4 * Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/	4 * Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/

5 * Copyright (C) 2009 Google Inc. All rights reserved.	5 * Copyright (C) 2009 Google Inc. All rights reserved.

6 * Copyright (C) 2011 Apple Inc. All Rights Reserved.	6 * Copyright (C) 2011 Apple Inc. All Rights Reserved.

7 *	7 *

8 * Redistribution and use in source and binary forms, with or without	8 * Redistribution and use in source and binary forms, with or without

9 * modification, are permitted provided that the following conditions	9 * modification, are permitted provided that the following conditions

10 * are met:	10 * are met:

(...skipping 490 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
501 }	501 }

502 }	502 }

503	503

504 ContentTypeOptionsDisposition parseContentTypeOptionsHeader(const String& header )	504 ContentTypeOptionsDisposition parseContentTypeOptionsHeader(const String& header )

505 {	505 {

506 if (header.stripWhiteSpace().lower() == "nosniff")	506 if (header.stripWhiteSpace().lower() == "nosniff")

507 return ContentTypeOptionsNosniff;	507 return ContentTypeOptionsNosniff;

508 return ContentTypeOptionsNone;	508 return ContentTypeOptionsNone;

509 }	509 }

510	510

	511 XFrameOptionsDisposition parseXFrameOptionsHeader(const String& header)

	512 {

	513 XFrameOptionsDisposition result = XFrameOptionsInvalid;

	514

	515 if (header.isEmpty())

	516 return result;

	517

	518 Vector<String> headers;

	519 header.split(',', headers);

	520

	521 bool hasValue = false;

	522 for (size_t i = 0; i < headers.size(); i++) {

	523 String currentHeader = headers[i].stripWhiteSpace();

	524 XFrameOptionsDisposition currentValue = XFrameOptionsInvalid;

	525 if (equalIgnoringCase(currentHeader, "deny"))

	526 currentValue = XFrameOptionsDeny;

	527 else if (equalIgnoringCase(currentHeader, "sameorigin"))

	528 currentValue = XFrameOptionsSameOrigin;

	529 else if (equalIgnoringCase(currentHeader, "allowall"))

	530 currentValue = XFrameOptionsAllowAll;

	531

	532 if (!hasValue)

	533 result = currentValue;

	534 else if (result != currentValue)

	535 return XFrameOptionsConflict;

	536 hasValue = true;

	537 }

	538 return result;

	539 }

	540

511 static bool isCacheHeaderSeparator(UChar c)	541 static bool isCacheHeaderSeparator(UChar c)

512 {	542 {

513 // See RFC 2616, Section 2.2	543 // See RFC 2616, Section 2.2

514 switch (c) {	544 switch (c) {

515 case '(':	545 case '(':

516 case ')':	546 case ')':

517 case '<':	547 case '<':

518 case '>':	548 case '>':

519 case '@':	549 case '@':

520 case ',':	550 case ',':

(...skipping 198 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
719 return false;	749 return false;

720 }	750 }

721	751

722 position++;	752 position++;

723 }	753 }

724	754

725 return true;	755 return true;

726 }	756 }

727	757

728 } // namespace blink	758 } // namespace blink

OLD	NEW

« no previous file with comments | « third_party/WebKit/Source/platform/network/HTTPParsers.h ('k') | no next file » | no next file with comments »