OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPSourceList.h" | 5 #include "core/frame/csp/CSPSourceList.h" |
6 | 6 |
7 #include "core/frame/csp/CSPSource.h" | 7 #include "core/frame/csp/CSPSource.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/ParsingUtilities.h" | 9 #include "platform/ParsingUtilities.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
(...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
169 if (equalIgnoringCase("'unsafe-inline'", begin, end - begin)) { | 169 if (equalIgnoringCase("'unsafe-inline'", begin, end - begin)) { |
170 addSourceUnsafeInline(); | 170 addSourceUnsafeInline(); |
171 return true; | 171 return true; |
172 } | 172 } |
173 | 173 |
174 if (equalIgnoringCase("'unsafe-eval'", begin, end - begin)) { | 174 if (equalIgnoringCase("'unsafe-eval'", begin, end - begin)) { |
175 addSourceUnsafeEval(); | 175 addSourceUnsafeEval(); |
176 return true; | 176 return true; |
177 } | 177 } |
178 | 178 |
179 if (equalIgnoringCase("'unsafe-dynamic'", begin, end - begin)) { | 179 if (equalIgnoringCase("'strict-dynamic'", begin, end - begin)) { |
180 addSourceUnsafeDynamic(); | 180 addSourceStrictDynamic(); |
181 return true; | 181 return true; |
182 } | 182 } |
183 | 183 |
184 if (equalIgnoringCase("'unsafe-hashed-attributes'", begin, end - begin)) { | 184 if (equalIgnoringCase("'unsafe-hashed-attributes'", begin, end - begin)) { |
185 addSourceUnsafeHashedAttributes(); | 185 addSourceUnsafeHashedAttributes(); |
186 return true; | 186 return true; |
187 } | 187 } |
188 | 188 |
189 String nonce; | 189 String nonce; |
190 if (!parseNonce(begin, end, nonce)) | 190 if (!parseNonce(begin, end, nonce)) |
(...skipping 305 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
496 void CSPSourceList::addSourceUnsafeInline() | 496 void CSPSourceList::addSourceUnsafeInline() |
497 { | 497 { |
498 m_allowInline = true; | 498 m_allowInline = true; |
499 } | 499 } |
500 | 500 |
501 void CSPSourceList::addSourceUnsafeEval() | 501 void CSPSourceList::addSourceUnsafeEval() |
502 { | 502 { |
503 m_allowEval = true; | 503 m_allowEval = true; |
504 } | 504 } |
505 | 505 |
506 void CSPSourceList::addSourceUnsafeDynamic() | 506 void CSPSourceList::addSourceStrictDynamic() |
507 { | 507 { |
508 m_allowDynamic = true; | 508 m_allowDynamic = true; |
509 } | 509 } |
510 | 510 |
511 void CSPSourceList::addSourceUnsafeHashedAttributes() | 511 void CSPSourceList::addSourceUnsafeHashedAttributes() |
512 { | 512 { |
513 m_allowHashedAttributes = true; | 513 m_allowHashedAttributes = true; |
514 } | 514 } |
515 | 515 |
516 void CSPSourceList::addSourceNonce(const String& nonce) | 516 void CSPSourceList::addSourceNonce(const String& nonce) |
(...skipping 17 matching lines...) Expand all Loading... |
534 return false; | 534 return false; |
535 } | 535 } |
536 | 536 |
537 DEFINE_TRACE(CSPSourceList) | 537 DEFINE_TRACE(CSPSourceList) |
538 { | 538 { |
539 visitor->trace(m_policy); | 539 visitor->trace(m_policy); |
540 visitor->trace(m_list); | 540 visitor->trace(m_list); |
541 } | 541 } |
542 | 542 |
543 } // namespace blink | 543 } // namespace blink |
OLD | NEW |