| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google Inc. All Rights Reserved. | 2 * Copyright (C) 2011 Google Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 14 matching lines...) Expand all Loading... |
| 25 */ | 25 */ |
| 26 | 26 |
| 27 #ifndef SecurityContext_h | 27 #ifndef SecurityContext_h |
| 28 #define SecurityContext_h | 28 #define SecurityContext_h |
| 29 | 29 |
| 30 #include "core/CoreExport.h" | 30 #include "core/CoreExport.h" |
| 31 #include "core/dom/SandboxFlags.h" | 31 #include "core/dom/SandboxFlags.h" |
| 32 #include "platform/heap/Handle.h" | 32 #include "platform/heap/Handle.h" |
| 33 #include "platform/weborigin/Suborigin.h" | 33 #include "platform/weborigin/Suborigin.h" |
| 34 #include "public/platform/WebAddressSpace.h" | 34 #include "public/platform/WebAddressSpace.h" |
| 35 #include "public/platform/WebInsecureRequestPolicy.h" |
| 35 #include "public/platform/WebURLRequest.h" | 36 #include "public/platform/WebURLRequest.h" |
| 36 #include "wtf/HashSet.h" | 37 #include "wtf/HashSet.h" |
| 37 #include "wtf/Noncopyable.h" | 38 #include "wtf/Noncopyable.h" |
| 38 #include "wtf/PassRefPtr.h" | 39 #include "wtf/PassRefPtr.h" |
| 39 #include "wtf/RefPtr.h" | 40 #include "wtf/RefPtr.h" |
| 40 #include "wtf/text/StringHash.h" | 41 #include "wtf/text/StringHash.h" |
| 41 #include "wtf/text/WTFString.h" | 42 #include "wtf/text/WTFString.h" |
| 42 | 43 |
| 43 namespace blink { | 44 namespace blink { |
| 44 | 45 |
| 45 class SecurityOrigin; | 46 class SecurityOrigin; |
| 46 class ContentSecurityPolicy; | 47 class ContentSecurityPolicy; |
| 47 class KURL; | 48 class KURL; |
| 48 | 49 |
| 49 class CORE_EXPORT SecurityContext : public GarbageCollectedMixin { | 50 class CORE_EXPORT SecurityContext : public GarbageCollectedMixin { |
| 50 WTF_MAKE_NONCOPYABLE(SecurityContext); | 51 WTF_MAKE_NONCOPYABLE(SecurityContext); |
| 51 public: | 52 public: |
| 52 DECLARE_VIRTUAL_TRACE(); | 53 DECLARE_VIRTUAL_TRACE(); |
| 53 | 54 |
| 54 using InsecureNavigationsSet = HashSet<unsigned, WTF::AlreadyHashed>; | 55 using InsecureNavigationsSet = HashSet<unsigned, WTF::AlreadyHashed>; |
| 55 | 56 |
| 56 // The ordering here is important: 'Upgrade' overrides 'DoNotUpgrade'. | |
| 57 enum InsecureRequestsPolicy { | |
| 58 InsecureRequestsDoNotUpgrade = 0, | |
| 59 InsecureRequestsUpgrade | |
| 60 }; | |
| 61 | |
| 62 SecurityOrigin* getSecurityOrigin() const { return m_securityOrigin.get(); } | 57 SecurityOrigin* getSecurityOrigin() const { return m_securityOrigin.get(); } |
| 63 ContentSecurityPolicy* contentSecurityPolicy() const { return m_contentSecur
ityPolicy.get(); } | 58 ContentSecurityPolicy* contentSecurityPolicy() const { return m_contentSecur
ityPolicy.get(); } |
| 64 | 59 |
| 65 // Explicitly override the security origin for this security context. | 60 // Explicitly override the security origin for this security context. |
| 66 // Note: It is dangerous to change the security origin of a script context | 61 // Note: It is dangerous to change the security origin of a script context |
| 67 // that already contains content. | 62 // that already contains content. |
| 68 void setSecurityOrigin(PassRefPtr<SecurityOrigin>); | 63 void setSecurityOrigin(PassRefPtr<SecurityOrigin>); |
| 69 virtual void didUpdateSecurityOrigin() = 0; | 64 virtual void didUpdateSecurityOrigin() = 0; |
| 70 | 65 |
| 71 SandboxFlags getSandboxFlags() const { return m_sandboxFlags; } | 66 SandboxFlags getSandboxFlags() const { return m_sandboxFlags; } |
| 72 bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; } | 67 bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; } |
| 73 virtual void enforceSandboxFlags(SandboxFlags mask); | 68 virtual void enforceSandboxFlags(SandboxFlags mask); |
| 74 | 69 |
| 75 void setAddressSpace(WebAddressSpace space) { m_addressSpace = space; } | 70 void setAddressSpace(WebAddressSpace space) { m_addressSpace = space; } |
| 76 WebAddressSpace addressSpace() const { return m_addressSpace; } | 71 WebAddressSpace addressSpace() const { return m_addressSpace; } |
| 77 String addressSpaceForBindings() const; | 72 String addressSpaceForBindings() const; |
| 78 | 73 |
| 79 void setInsecureRequestsPolicy(InsecureRequestsPolicy policy) { m_insecureRe
questsPolicy = policy; } | |
| 80 InsecureRequestsPolicy getInsecureRequestsPolicy() const { return m_insecure
RequestsPolicy; } | |
| 81 | |
| 82 void addInsecureNavigationUpgrade(unsigned hashedHost) { m_insecureNavigatio
nsToUpgrade.add(hashedHost); } | 74 void addInsecureNavigationUpgrade(unsigned hashedHost) { m_insecureNavigatio
nsToUpgrade.add(hashedHost); } |
| 83 InsecureNavigationsSet* insecureNavigationsToUpgrade() { return &m_insecureN
avigationsToUpgrade; } | 75 InsecureNavigationsSet* insecureNavigationsToUpgrade() { return &m_insecureN
avigationsToUpgrade; } |
| 84 | 76 |
| 85 void setShouldEnforceStrictMixedContentChecking(bool shouldEnforce) { m_enfo
rceStrictMixedContentChecking = shouldEnforce; } | 77 virtual void setInsecureRequestPolicy(WebInsecureRequestPolicy policy) { m_i
nsecureRequestPolicy = policy; } |
| 86 bool shouldEnforceStrictMixedContentChecking() { return m_enforceStrictMixed
ContentChecking; } | 78 WebInsecureRequestPolicy getInsecureRequestPolicy() const { return m_insecur
eRequestPolicy; } |
| 87 | 79 |
| 88 void enforceSuborigin(const Suborigin&); | 80 void enforceSuborigin(const Suborigin&); |
| 89 | 81 |
| 90 protected: | 82 protected: |
| 91 SecurityContext(); | 83 SecurityContext(); |
| 92 virtual ~SecurityContext(); | 84 virtual ~SecurityContext(); |
| 93 | 85 |
| 94 void setContentSecurityPolicy(ContentSecurityPolicy*); | 86 void setContentSecurityPolicy(ContentSecurityPolicy*); |
| 95 | 87 |
| 96 void applySandboxFlags(SandboxFlags mask); | 88 void applySandboxFlags(SandboxFlags mask); |
| 97 | 89 |
| 98 private: | 90 private: |
| 99 RefPtr<SecurityOrigin> m_securityOrigin; | 91 RefPtr<SecurityOrigin> m_securityOrigin; |
| 100 Member<ContentSecurityPolicy> m_contentSecurityPolicy; | 92 Member<ContentSecurityPolicy> m_contentSecurityPolicy; |
| 101 | 93 |
| 102 SandboxFlags m_sandboxFlags; | 94 SandboxFlags m_sandboxFlags; |
| 103 | 95 |
| 104 WebAddressSpace m_addressSpace; | 96 WebAddressSpace m_addressSpace; |
| 105 InsecureRequestsPolicy m_insecureRequestsPolicy; | 97 WebInsecureRequestPolicy m_insecureRequestPolicy; |
| 106 InsecureNavigationsSet m_insecureNavigationsToUpgrade; | 98 InsecureNavigationsSet m_insecureNavigationsToUpgrade; |
| 107 bool m_enforceStrictMixedContentChecking; | |
| 108 }; | 99 }; |
| 109 | 100 |
| 110 } // namespace blink | 101 } // namespace blink |
| 111 | 102 |
| 112 #endif // SecurityContext_h | 103 #endif // SecurityContext_h |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2040133003:
Replace SecurityContext::InsecureRequestsPolicy with WebInsecureRequestPolicy. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@combine-uir-block