OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef FeaturePolicy_h | |
6 #define FeaturePolicy_h | |
7 | |
8 #include "platform/PlatformExport.h" | |
9 #include "platform/heap/Handle.h" | |
10 #include "platform/weborigin/SecurityOrigin.h" | |
11 #include "wtf/RefPtr.h" | |
12 #include "wtf/Vector.h" | |
13 #include "wtf/text/WTFString.h" | |
14 | |
15 namespace blink { | |
16 | |
17 // The FeaturePolicyFeatureDefault enum defines the default enable state for a | |
18 // feature when neither it nor any parent frame have declared an explicit | |
19 // policy. The three possibilities map directly to Feature Policy Whitelist | |
20 // semantics. | |
21 enum FeaturePolicyFeatureDefault { | |
dcheng
2016/10/20 17:41:44
Nit: prefer enum classes in new code
iclelland
2016/10/21 13:38:25
Done. Renamed values to avoid unnecessary 'k' as w
| |
22 // Equivalent to []. The feature is never available by default, and can only | |
23 // be enabled by an explicit policy. | |
24 kDisableFeatureForAllOrigins, | |
25 | |
26 // Equivalent to ["self"]. The feature is enabled for top-level frames, but | |
27 // must be delegated to child frames in order for them to have access. | |
28 kEnableFeatureForSelf, | |
29 | |
30 // Equivalent to ["*"]. The feature is enabled by default for all frames, but | |
31 // can be disabled through policy by any frame, at which point it cannot be | |
32 // reenabled by any of that frame's children. | |
33 kEnableFeatureForAllOrigins | |
34 }; | |
35 | |
36 // The FeaturePolicyFeature struct is used to define all features under control | |
37 // of Feature Policy. There should only be one instance of this struct for any | |
38 // given feature (declared below). | |
39 struct FeaturePolicyFeature { | |
40 // The name of the feature, as it should appear in a policy string | |
41 const char* featureName; | |
42 | |
43 // Controls whether the feature should be available in the platform by | |
44 // default, in the absence of any declared policy. | |
45 FeaturePolicyFeatureDefault defaultPolicy; | |
46 }; | |
47 | |
48 // Declarations for all features currently under control of the Feature Policy | |
49 // mechanism should be placed here. | |
50 extern const PLATFORM_EXPORT FeaturePolicyFeature kDocumentCookie; | |
51 extern const PLATFORM_EXPORT FeaturePolicyFeature kDocumentDomain; | |
52 extern const PLATFORM_EXPORT FeaturePolicyFeature kDocumentWrite; | |
53 extern const PLATFORM_EXPORT FeaturePolicyFeature kGeolocationFeature; | |
54 extern const PLATFORM_EXPORT FeaturePolicyFeature kMidiFeature; | |
55 extern const PLATFORM_EXPORT FeaturePolicyFeature kNotificationsFeature; | |
56 extern const PLATFORM_EXPORT FeaturePolicyFeature kPaymentFeature; | |
57 extern const PLATFORM_EXPORT FeaturePolicyFeature kPushFeature; | |
58 extern const PLATFORM_EXPORT FeaturePolicyFeature kSyncScript; | |
59 extern const PLATFORM_EXPORT FeaturePolicyFeature kSyncXHR; | |
60 extern const PLATFORM_EXPORT FeaturePolicyFeature kUsermedia; | |
61 extern const PLATFORM_EXPORT FeaturePolicyFeature kVibrateFeature; | |
62 extern const PLATFORM_EXPORT FeaturePolicyFeature kWebRTC; | |
63 | |
64 class PLATFORM_EXPORT FeaturePolicy final | |
65 : public GarbageCollectedFinalized<FeaturePolicy> { | |
66 public: | |
67 // Represents a collection of origins which make up a whitelist in a feature | |
68 // policy. This collection may be set to match every origin (corresponding to | |
69 // the "*" syntax in the policy string, in which case the contains() method | |
70 // will always return true. | |
71 class Whitelist final : public GarbageCollectedFinalized<Whitelist> { | |
dcheng
2016/10/20 17:41:44
I think this doesn't need to be GCed (nor FeatureP
iclelland
2016/10/21 13:38:25
Done; Removed oilpan. I think the pointer manageme
| |
72 public: | |
73 Whitelist(); | |
74 | |
75 // Adds a single origin to the whitelist. | |
76 void add(RefPtr<SecurityOrigin>); | |
77 | |
78 // Adds all origins to the whitelist. | |
79 void addAll(); | |
80 | |
81 // Returns true if the given origin has been added to the whitelist. | |
82 bool contains(const SecurityOrigin&) const; | |
83 String toString(); | |
84 | |
85 DEFINE_INLINE_VIRTUAL_TRACE() {} | |
86 | |
87 private: | |
88 bool m_matchesAllOrigins; | |
89 Vector<RefPtr<SecurityOrigin>> m_origins; | |
90 }; | |
91 | |
92 static FeaturePolicy* createFromParentPolicy(const FeaturePolicy* parent, | |
93 RefPtr<SecurityOrigin>); | |
94 | |
95 // Sets the declared policy from the Feature-Policy HTTP header. | |
96 void setHeaderPolicy(const String&); | |
97 | |
98 // Returns whether or not the given feature is enabled by this policy. | |
99 bool isFeatureEnabledForOrigin(const FeaturePolicyFeature*, | |
100 const SecurityOrigin&) const; | |
101 | |
102 // Returns whether or not the given feature is enabled for the frame that owns | |
103 // the policy. | |
104 bool isFeatureEnabled(const FeaturePolicyFeature*) const; | |
105 | |
106 // Returns the global feature registry; the set of all features which can be | |
107 // controlled by Feature Policy. | |
108 static Vector<const FeaturePolicyFeature*>& getFeatureRegistry(); | |
109 | |
110 String toString(); | |
111 | |
112 DECLARE_VIRTUAL_TRACE(); | |
113 | |
114 private: | |
115 explicit FeaturePolicy(RefPtr<SecurityOrigin>); | |
116 | |
117 // Parses a policy string into a set of whitelists for features. | |
118 HeapHashMap<const FeaturePolicyFeature*, Member<Whitelist>> parse( | |
119 const String&); | |
120 | |
121 RefPtr<SecurityOrigin> m_origin; | |
122 | |
123 // Records whether or not each feature was enabled for this frame by its | |
124 // parent frame. | |
125 // TODO(iclelland): Generate, instead of this map, a set of bool flags, one | |
126 // for each feature, as all features are supposed to be represented here. | |
127 HashMap<const FeaturePolicyFeature*, bool> m_inheritedFeatures; | |
128 | |
129 // Map of feature names to declared whitelists. Any feature which is missing | |
130 // from this map should use the inherited policy. | |
131 HeapHashMap<const FeaturePolicyFeature*, Member<Whitelist>> | |
132 m_headerWhitelists; | |
133 | |
134 DISALLOW_COPY_AND_ASSIGN(FeaturePolicy); | |
135 }; | |
136 | |
137 } // namespace blink | |
138 | |
139 #endif // FeaturePolicy_h | |
OLD | NEW |