| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "core/frame/csp/CSPSource.h" | 5 #include "core/frame/csp/CSPSource.h" |
| 6 | 6 |
| 7 #include "core/frame/UseCounter.h" | 7 #include "core/frame/UseCounter.h" |
| 8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 9 #include "platform/weborigin/KURL.h" | 9 #include "platform/weborigin/KURL.h" |
| 10 #include "platform/weborigin/KnownPorts.h" | 10 #include "platform/weborigin/KnownPorts.h" |
| 11 #include "platform/weborigin/SecurityOrigin.h" | 11 #include "platform/weborigin/SecurityOrigin.h" |
| 12 #include "wtf/text/WTFString.h" | 12 #include "wtf/text/WTFString.h" |
| 13 | 13 |
| 14 namespace blink { | 14 namespace blink { |
| 15 | 15 |
| 16 CSPSource::CSPSource(ContentSecurityPolicy* policy, const String& scheme, const
String& host, int port, const String& path, WildcardDisposition hostWildcard, Wi
ldcardDisposition portWildcard) | 16 CSPSource::CSPSource(ContentSecurityPolicy* policy, const String& scheme, const
String& host, int port, const String& path, WildcardDisposition hostWildcard, Wi
ldcardDisposition portWildcard) |
| 17 : m_policy(policy) | 17 : m_policy(policy) |
| 18 , m_scheme(scheme) | 18 , m_scheme(scheme) |
| 19 , m_host(host) | 19 , m_host(host) |
| 20 , m_port(port) | 20 , m_port(port) |
| 21 , m_path(path) | 21 , m_path(path) |
| 22 , m_hostWildcard(hostWildcard) | 22 , m_hostWildcard(hostWildcard) |
| 23 , m_portWildcard(portWildcard) | 23 , m_portWildcard(portWildcard) |
| 24 { | 24 { |
| 25 } | 25 } |
| 26 | 26 |
| 27 bool CSPSource::matches(const KURL& url, ContentSecurityPolicy::RedirectStatus r
edirectStatus) const | 27 bool CSPSource::matches(const KURL& url, ResourceRequest::RedirectStatus redirec
tStatus) const |
| 28 { | 28 { |
| 29 if (!schemeMatches(url)) | 29 if (!schemeMatches(url)) |
| 30 return false; | 30 return false; |
| 31 if (isSchemeOnly()) | 31 if (isSchemeOnly()) |
| 32 return true; | 32 return true; |
| 33 bool pathsMatch = (redirectStatus == ContentSecurityPolicy::DidRedirect) ||
pathMatches(url); | 33 bool pathsMatch = (redirectStatus == RedirectStatus::FollowedRedirect) || pa
thMatches(url); |
| 34 return hostMatches(url) && portMatches(url) && pathsMatch; | 34 return hostMatches(url) && portMatches(url) && pathsMatch; |
| 35 } | 35 } |
| 36 | 36 |
| 37 bool CSPSource::schemeMatches(const KURL& url) const | 37 bool CSPSource::schemeMatches(const KURL& url) const |
| 38 { | 38 { |
| 39 if (m_scheme.isEmpty()) | 39 if (m_scheme.isEmpty()) |
| 40 return m_policy->protocolMatchesSelf(url); | 40 return m_policy->protocolMatchesSelf(url); |
| 41 if (equalIgnoringCase(m_scheme, "http")) | 41 if (equalIgnoringCase(m_scheme, "http")) |
| 42 return equalIgnoringCase(url.protocol(), "http") || equalIgnoringCase(ur
l.protocol(), "https"); | 42 return equalIgnoringCase(url.protocol(), "http") || equalIgnoringCase(ur
l.protocol(), "https"); |
| 43 if (equalIgnoringCase(m_scheme, "ws")) | 43 if (equalIgnoringCase(m_scheme, "ws")) |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 104 { | 104 { |
| 105 return m_host.isEmpty(); | 105 return m_host.isEmpty(); |
| 106 } | 106 } |
| 107 | 107 |
| 108 DEFINE_TRACE(CSPSource) | 108 DEFINE_TRACE(CSPSource) |
| 109 { | 109 { |
| 110 visitor->trace(m_policy); | 110 visitor->trace(m_policy); |
| 111 } | 111 } |
| 112 | 112 |
| 113 } // namespace blink | 113 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2025633002:
Move 'ContentSecurityPolicy::RedirectStatus' into 'ResourceRequest' (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master