OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPSourceList.h" | 5 #include "core/frame/csp/CSPSourceList.h" |
6 | 6 |
7 #include "core/frame/csp/CSPSource.h" | 7 #include "core/frame/csp/CSPSource.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/ParsingUtilities.h" | 9 #include "platform/ParsingUtilities.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
(...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
170 if (equalIgnoringCase("'unsafe-inline'", begin, end - begin)) { | 170 if (equalIgnoringCase("'unsafe-inline'", begin, end - begin)) { |
171 addSourceUnsafeInline(); | 171 addSourceUnsafeInline(); |
172 return true; | 172 return true; |
173 } | 173 } |
174 | 174 |
175 if (equalIgnoringCase("'unsafe-eval'", begin, end - begin)) { | 175 if (equalIgnoringCase("'unsafe-eval'", begin, end - begin)) { |
176 addSourceUnsafeEval(); | 176 addSourceUnsafeEval(); |
177 return true; | 177 return true; |
178 } | 178 } |
179 | 179 |
180 if (equalIgnoringCase("'unsafe-dynamic'", begin, end - begin)) { | 180 if (equalIgnoringCase("'strict-dynamic'", begin, end - begin)) { |
181 addSourceUnsafeDynamic(); | 181 addSourceStrictDynamic(); |
182 return true; | 182 return true; |
183 } | 183 } |
184 | 184 |
185 if (equalIgnoringCase("'unsafe-hashed-attributes'", begin, end - begin)) { | 185 if (equalIgnoringCase("'unsafe-hashed-attributes'", begin, end - begin)) { |
186 addSourceUnsafeHashedAttributes(); | 186 addSourceUnsafeHashedAttributes(); |
187 return true; | 187 return true; |
188 } | 188 } |
189 | 189 |
190 String nonce; | 190 String nonce; |
191 if (!parseNonce(begin, end, nonce)) | 191 if (!parseNonce(begin, end, nonce)) |
(...skipping 305 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
497 void CSPSourceList::addSourceUnsafeInline() | 497 void CSPSourceList::addSourceUnsafeInline() |
498 { | 498 { |
499 m_allowInline = true; | 499 m_allowInline = true; |
500 } | 500 } |
501 | 501 |
502 void CSPSourceList::addSourceUnsafeEval() | 502 void CSPSourceList::addSourceUnsafeEval() |
503 { | 503 { |
504 m_allowEval = true; | 504 m_allowEval = true; |
505 } | 505 } |
506 | 506 |
507 void CSPSourceList::addSourceUnsafeDynamic() | 507 void CSPSourceList::addSourceStrictDynamic() |
508 { | 508 { |
509 m_allowDynamic = true; | 509 m_allowDynamic = true; |
510 } | 510 } |
511 | 511 |
512 void CSPSourceList::addSourceUnsafeHashedAttributes() | 512 void CSPSourceList::addSourceUnsafeHashedAttributes() |
513 { | 513 { |
514 m_allowHashedAttributes = true; | 514 m_allowHashedAttributes = true; |
515 } | 515 } |
516 | 516 |
517 void CSPSourceList::addSourceNonce(const String& nonce) | 517 void CSPSourceList::addSourceNonce(const String& nonce) |
(...skipping 17 matching lines...) Expand all Loading... |
535 return false; | 535 return false; |
536 } | 536 } |
537 | 537 |
538 DEFINE_TRACE(CSPSourceList) | 538 DEFINE_TRACE(CSPSourceList) |
539 { | 539 { |
540 visitor->trace(m_policy); | 540 visitor->trace(m_policy); |
541 visitor->trace(m_list); | 541 visitor->trace(m_list); |
542 } | 542 } |
543 | 543 |
544 } // namespace blink | 544 } // namespace blink |
OLD | NEW |