OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
51 // that pages loaded with this URL scheme cannot access pages loaded with | 51 // that pages loaded with this URL scheme cannot access pages loaded with |
52 // any other URL scheme. | 52 // any other URL scheme. |
53 BLINK_EXPORT static void registerURLSchemeAsNoAccess(const WebString&); | 53 BLINK_EXPORT static void registerURLSchemeAsNoAccess(const WebString&); |
54 | 54 |
55 // Registers a URL scheme to be treated as display-isolated. This means | 55 // Registers a URL scheme to be treated as display-isolated. This means |
56 // that pages cannot display these URLs unless they are from the same | 56 // that pages cannot display these URLs unless they are from the same |
57 // scheme. For example, pages in other origin cannot create iframes or | 57 // scheme. For example, pages in other origin cannot create iframes or |
58 // hyperlinks to URLs with the scheme. | 58 // hyperlinks to URLs with the scheme. |
59 BLINK_EXPORT static void registerURLSchemeAsDisplayIsolated(const WebString&); | 59 BLINK_EXPORT static void registerURLSchemeAsDisplayIsolated(const WebString&); |
60 | 60 |
61 // Registers a URL scheme to generate mixed content warnings when resources wh
ose | 61 // Registers a URL scheme to generate mixed content warnings when resources |
62 // schemes are not registered as "secure" are embedded. | 62 // whose schemes are not registered as "secure" are embedded. |
63 BLINK_EXPORT static void registerURLSchemeAsRestrictingMixedContent( | 63 BLINK_EXPORT static void registerURLSchemeAsRestrictingMixedContent( |
64 const WebString&); | 64 const WebString&); |
65 | 65 |
66 // Subresources transported by secure schemes do not trigger mixed content | 66 // Subresources transported by secure schemes do not trigger mixed content |
67 // warnings. For example, https and data are secure schemes because they | 67 // warnings. For example, https and data are secure schemes because they |
68 // cannot be corrupted by active network attackers. | 68 // cannot be corrupted by active network attackers. |
69 BLINK_EXPORT static void registerURLSchemeAsSecure(const WebString&); | 69 BLINK_EXPORT static void registerURLSchemeAsSecure(const WebString&); |
70 | 70 |
71 // Returns true if the scheme has been registered as a secure scheme. | 71 // Returns true if the scheme has been registered as a secure scheme. |
72 BLINK_EXPORT static bool shouldTreatURLSchemeAsSecure(const WebString&); | 72 BLINK_EXPORT static bool shouldTreatURLSchemeAsSecure(const WebString&); |
73 | 73 |
74 // Registers a non-HTTP URL scheme which can be sent CORS requests. | 74 // Registers a non-HTTP URL scheme which can be sent CORS requests. |
75 BLINK_EXPORT static void registerURLSchemeAsCORSEnabled(const WebString&); | 75 BLINK_EXPORT static void registerURLSchemeAsCORSEnabled(const WebString&); |
76 | 76 |
77 // Registers a URL scheme that can register a ServiceWorker. | 77 // Registers a URL scheme that can register a ServiceWorker. |
78 BLINK_EXPORT static void registerURLSchemeAsAllowingServiceWorkers( | 78 BLINK_EXPORT static void registerURLSchemeAsAllowingServiceWorkers( |
79 const WebString&); | 79 const WebString&); |
80 | 80 |
81 // Registers an HTTP-like URL scheme that supports the Fetch API. | 81 // Registers an HTTP-like URL scheme that supports the Fetch API. |
82 BLINK_EXPORT static void registerURLSchemeAsSupportingFetchAPI( | 82 BLINK_EXPORT static void registerURLSchemeAsSupportingFetchAPI( |
83 const WebString&); | 83 const WebString&); |
84 | 84 |
85 // Registers a URL scheme whose resources can be loaded regardless of a page's
Content Security Policy. | 85 // Registers a URL scheme whose resources can be loaded regardless of a page's |
| 86 // Content Security Policy. |
86 BLINK_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy( | 87 BLINK_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy( |
87 const WebString&); | 88 const WebString&); |
88 | 89 |
89 // Registers a URL scheme which will always be considered the first-party when
loaded in a top-level context. | 90 // Registers a URL scheme which will always be considered the first-party when |
| 91 // loaded in a top-level context. |
90 BLINK_EXPORT static void registerURLSchemeAsFirstPartyWhenTopLevel( | 92 BLINK_EXPORT static void registerURLSchemeAsFirstPartyWhenTopLevel( |
91 const WebString&); | 93 const WebString&); |
92 | 94 |
93 // Registers a URL scheme for which some kinds of resources bypass Content Sec
urity Policy. | 95 // Registers a URL scheme for which some kinds of resources bypass Content |
94 // This enum should be kept in sync with Source/platform/weborigin/SchemeRegis
try.h. | 96 // Security Policy. |
| 97 // This enum should be kept in sync with |
| 98 // Source/platform/weborigin/SchemeRegistry.h. |
95 // Enforced in AssertMatchingEnums.cpp. | 99 // Enforced in AssertMatchingEnums.cpp. |
96 enum PolicyAreas : uint32_t { | 100 enum PolicyAreas : uint32_t { |
97 PolicyAreaNone = 0, | 101 PolicyAreaNone = 0, |
98 PolicyAreaImage = 1 << 0, | 102 PolicyAreaImage = 1 << 0, |
99 PolicyAreaStyle = 1 << 1, | 103 PolicyAreaStyle = 1 << 1, |
100 // Add more policy areas as needed by clients. | 104 // Add more policy areas as needed by clients. |
101 PolicyAreaAll = ~static_cast<uint32_t>(0), | 105 PolicyAreaAll = ~static_cast<uint32_t>(0), |
102 }; | 106 }; |
103 BLINK_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy( | 107 BLINK_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy( |
104 const WebString& scheme, | 108 const WebString& scheme, |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
146 BLINK_EXPORT static void registerURLSchemeAsAllowedForReferrer( | 150 BLINK_EXPORT static void registerURLSchemeAsAllowedForReferrer( |
147 const WebString&); | 151 const WebString&); |
148 | 152 |
149 private: | 153 private: |
150 WebSecurityPolicy(); | 154 WebSecurityPolicy(); |
151 }; | 155 }; |
152 | 156 |
153 } // namespace blink | 157 } // namespace blink |
154 | 158 |
155 #endif | 159 #endif |
OLD | NEW |