Chromium Code Reviews Chromium Code Reviews
Issue 2404373003:
Experimental Feature: Allow-CSP-From header (Closed)
| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 335 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 346 bool experimentalFeaturesEnabled() const; | 346 bool experimentalFeaturesEnabled() const; |
| 347 | 347 |
| 348 bool shouldSendCSPHeader(Resource::Type) const; | 348 bool shouldSendCSPHeader(Resource::Type) const; |
| 349 | 349 |
| 350 static bool shouldBypassMainWorld(const ExecutionContext*); | 350 static bool shouldBypassMainWorld(const ExecutionContext*); |
| 351 | 351 |
| 352 static bool isDirectiveName(const String&); | 352 static bool isDirectiveName(const String&); |
| 353 | 353 |
| 354 static bool isNonceableElement(const Element*); | 354 static bool isNonceableElement(const Element*); |
| 355 | 355 |
| 356 static bool checkAllowBlanketEnforcement(const ResourceResponse&, | |
|
Mike West
2016/10/13 11:01:42
Nit: Perhaps naming this something like `shouldEnf
| |
| 357 const KURL&); | |
|
Mike West
2016/10/13 11:01:42
1. As discussed below, passing an origin here woul
| |
| 358 | |
| 356 Document* document() const; | 359 Document* document() const; |
| 357 | 360 |
| 358 private: | 361 private: |
| 359 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceInline); | 362 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceInline); |
| 360 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceSinglePolicy); | 363 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceSinglePolicy); |
| 361 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceMultiplePolicy); | 364 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceMultiplePolicy); |
| 362 | 365 |
| 363 ContentSecurityPolicy(); | 366 ContentSecurityPolicy(); |
| 364 | 367 |
| 365 void applyPolicySideEffectsToExecutionContext(); | 368 void applyPolicySideEffectsToExecutionContext(); |
| (...skipping 29 matching lines...) Expand all Loading... | |
| 395 String m_disableEvalErrorMessage; | 398 String m_disableEvalErrorMessage; |
| 396 WebInsecureRequestPolicy m_insecureRequestPolicy; | 399 WebInsecureRequestPolicy m_insecureRequestPolicy; |
| 397 | 400 |
| 398 Member<CSPSource> m_selfSource; | 401 Member<CSPSource> m_selfSource; |
| 399 String m_selfProtocol; | 402 String m_selfProtocol; |
| 400 }; | 403 }; |
| 401 | 404 |
| 402 } // namespace blink | 405 } // namespace blink |
| 403 | 406 |
| 404 #endif | 407 #endif |
| OLD | NEW |
