OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
3 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. | 3 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. |
4 * Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/ | 4 * Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/ |
5 * Copyright (C) 2009 Google Inc. All rights reserved. | 5 * Copyright (C) 2009 Google Inc. All rights reserved. |
6 * Copyright (C) 2011 Apple Inc. All Rights Reserved. | 6 * Copyright (C) 2011 Apple Inc. All Rights Reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
(...skipping 546 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
557 } | 557 } |
558 } | 558 } |
559 | 559 |
560 ContentTypeOptionsDisposition parseContentTypeOptionsHeader( | 560 ContentTypeOptionsDisposition parseContentTypeOptionsHeader( |
561 const String& header) { | 561 const String& header) { |
562 if (header.stripWhiteSpace().lower() == "nosniff") | 562 if (header.stripWhiteSpace().lower() == "nosniff") |
563 return ContentTypeOptionsNosniff; | 563 return ContentTypeOptionsNosniff; |
564 return ContentTypeOptionsNone; | 564 return ContentTypeOptionsNone; |
565 } | 565 } |
566 | 566 |
567 XFrameOptionsDisposition parseXFrameOptionsHeader(const String& header) { | |
568 XFrameOptionsDisposition result = XFrameOptionsInvalid; | |
569 | |
570 if (header.isEmpty()) | |
571 return result; | |
572 | |
573 Vector<String> headers; | |
574 header.split(',', headers); | |
575 | |
576 bool hasValue = false; | |
577 for (size_t i = 0; i < headers.size(); i++) { | |
578 String currentHeader = headers[i].stripWhiteSpace(); | |
579 XFrameOptionsDisposition currentValue = XFrameOptionsInvalid; | |
580 if (equalIgnoringCase(currentHeader, "deny")) | |
581 currentValue = XFrameOptionsDeny; | |
582 else if (equalIgnoringCase(currentHeader, "sameorigin")) | |
583 currentValue = XFrameOptionsSameOrigin; | |
584 else if (equalIgnoringCase(currentHeader, "allowall")) | |
585 currentValue = XFrameOptionsAllowAll; | |
586 | |
587 if (!hasValue) | |
588 result = currentValue; | |
589 else if (result != currentValue) | |
590 return XFrameOptionsConflict; | |
591 hasValue = true; | |
592 } | |
593 return result; | |
594 } | |
595 | |
596 static bool isCacheHeaderSeparator(UChar c) { | 567 static bool isCacheHeaderSeparator(UChar c) { |
597 // See RFC 2616, Section 2.2 | 568 // See RFC 2616, Section 2.2 |
598 switch (c) { | 569 switch (c) { |
599 case '(': | 570 case '(': |
600 case ')': | 571 case ')': |
601 case '<': | 572 case '<': |
602 case '>': | 573 case '>': |
603 case '@': | 574 case '@': |
604 case ',': | 575 case ',': |
605 case ';': | 576 case ';': |
(...skipping 268 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
874 response->clearHTTPHeaderField(header); | 845 response->clearHTTPHeaderField(header); |
875 while (responseHeaders->EnumerateHeader(&iterator, headerStringPiece, | 846 while (responseHeaders->EnumerateHeader(&iterator, headerStringPiece, |
876 &value)) { | 847 &value)) { |
877 response->addHTTPHeaderField(header, WebString::fromLatin1(value)); | 848 response->addHTTPHeaderField(header, WebString::fromLatin1(value)); |
878 } | 849 } |
879 } | 850 } |
880 return true; | 851 return true; |
881 } | 852 } |
882 | 853 |
883 } // namespace blink | 854 } // namespace blink |
OLD | NEW |