OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 336 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
347 bool experimentalFeaturesEnabled() const; | 347 bool experimentalFeaturesEnabled() const; |
348 | 348 |
349 bool shouldSendCSPHeader(Resource::Type) const; | 349 bool shouldSendCSPHeader(Resource::Type) const; |
350 | 350 |
351 static bool shouldBypassMainWorld(const ExecutionContext*); | 351 static bool shouldBypassMainWorld(const ExecutionContext*); |
352 | 352 |
353 static bool isDirectiveName(const String&); | 353 static bool isDirectiveName(const String&); |
354 | 354 |
355 static bool isNonceableElement(const Element*); | 355 static bool isNonceableElement(const Element*); |
356 | 356 |
| 357 // This method checks whether the request should be allowed for an |
| 358 // experimental EmbeddingCSP feature |
| 359 // Please, see https://w3c.github.io/webappsec-csp/embedded/#origin-allowed. |
| 360 static bool shouldEnforceEmbeddersPolicy(const ResourceResponse&, |
| 361 SecurityOrigin*); |
| 362 |
357 Document* document() const; | 363 Document* document() const; |
358 | 364 |
359 private: | 365 private: |
360 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceInline); | 366 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceInline); |
361 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceSinglePolicy); | 367 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceSinglePolicy); |
362 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceMultiplePolicy); | 368 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceMultiplePolicy); |
363 | 369 |
364 ContentSecurityPolicy(); | 370 ContentSecurityPolicy(); |
365 | 371 |
366 void applyPolicySideEffectsToExecutionContext(); | 372 void applyPolicySideEffectsToExecutionContext(); |
(...skipping 29 matching lines...) Expand all Loading... |
396 String m_disableEvalErrorMessage; | 402 String m_disableEvalErrorMessage; |
397 WebInsecureRequestPolicy m_insecureRequestPolicy; | 403 WebInsecureRequestPolicy m_insecureRequestPolicy; |
398 | 404 |
399 Member<CSPSource> m_selfSource; | 405 Member<CSPSource> m_selfSource; |
400 String m_selfProtocol; | 406 String m_selfProtocol; |
401 }; | 407 }; |
402 | 408 |
403 } // namespace blink | 409 } // namespace blink |
404 | 410 |
405 #endif | 411 #endif |
OLD | NEW |