OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPDirectiveList_h | 5 #ifndef CSPDirectiveList_h |
6 #define CSPDirectiveList_h | 6 #define CSPDirectiveList_h |
7 | 7 |
8 #include "core/fetch/Resource.h" | 8 #include "core/fetch/Resource.h" |
9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
10 #include "core/frame/csp/MediaListDirective.h" | 10 #include "core/frame/csp/MediaListDirective.h" |
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
135 | 135 |
136 bool strictMixedContentChecking() const { | 136 bool strictMixedContentChecking() const { |
137 return m_strictMixedContentCheckingEnforced; | 137 return m_strictMixedContentCheckingEnforced; |
138 } | 138 } |
139 void reportMixedContent(const KURL& mixedURL, | 139 void reportMixedContent(const KURL& mixedURL, |
140 ResourceRequest::RedirectStatus) const; | 140 ResourceRequest::RedirectStatus) const; |
141 | 141 |
142 const String& evalDisabledErrorMessage() const { | 142 const String& evalDisabledErrorMessage() const { |
143 return m_evalDisabledErrorMessage; | 143 return m_evalDisabledErrorMessage; |
144 } | 144 } |
145 ReflectedXSSDisposition getReflectedXSSDisposition() const { | |
146 return m_reflectedXSSDisposition; | |
147 } | |
148 ReferrerPolicy getReferrerPolicy() const { return m_referrerPolicy; } | 145 ReferrerPolicy getReferrerPolicy() const { return m_referrerPolicy; } |
149 bool didSetReferrerPolicy() const { return m_didSetReferrerPolicy; } | 146 bool didSetReferrerPolicy() const { return m_didSetReferrerPolicy; } |
150 bool isReportOnly() const { | 147 bool isReportOnly() const { |
151 return m_headerType == ContentSecurityPolicyHeaderTypeReport; | 148 return m_headerType == ContentSecurityPolicyHeaderTypeReport; |
152 } | 149 } |
153 const Vector<String>& reportEndpoints() const { return m_reportEndpoints; } | 150 const Vector<String>& reportEndpoints() const { return m_reportEndpoints; } |
154 uint8_t requireSRIForTokens() const { return m_requireSRIFor; } | 151 uint8_t requireSRIForTokens() const { return m_requireSRIFor; } |
155 bool isFrameAncestorsEnforced() const { | 152 bool isFrameAncestorsEnforced() const { |
156 return m_frameAncestors.get() && !isReportOnly(); | 153 return m_frameAncestors.get() && !isReportOnly(); |
157 } | 154 } |
(...skipping 16 matching lines...) Expand all Loading... |
174 ContentSecurityPolicyHeaderType, | 171 ContentSecurityPolicyHeaderType, |
175 ContentSecurityPolicyHeaderSource); | 172 ContentSecurityPolicyHeaderSource); |
176 | 173 |
177 bool parseDirective(const UChar* begin, | 174 bool parseDirective(const UChar* begin, |
178 const UChar* end, | 175 const UChar* end, |
179 String& name, | 176 String& name, |
180 String& value); | 177 String& value); |
181 void parseRequireSRIFor(const String& name, const String& value); | 178 void parseRequireSRIFor(const String& name, const String& value); |
182 void parseReportURI(const String& name, const String& value); | 179 void parseReportURI(const String& name, const String& value); |
183 void parsePluginTypes(const String& name, const String& value); | 180 void parsePluginTypes(const String& name, const String& value); |
184 void parseReflectedXSS(const String& name, const String& value); | |
185 void parseReferrer(const String& name, const String& value); | 181 void parseReferrer(const String& name, const String& value); |
186 void addDirective(const String& name, const String& value); | 182 void addDirective(const String& name, const String& value); |
187 void applySandboxPolicy(const String& name, const String& sandboxPolicy); | 183 void applySandboxPolicy(const String& name, const String& sandboxPolicy); |
188 void enforceStrictMixedContentChecking(const String& name, | 184 void enforceStrictMixedContentChecking(const String& name, |
189 const String& value); | 185 const String& value); |
190 void enableInsecureRequestsUpgrade(const String& name, const String& value); | 186 void enableInsecureRequestsUpgrade(const String& name, const String& value); |
191 void treatAsPublicAddress(const String& name, const String& value); | 187 void treatAsPublicAddress(const String& name, const String& value); |
192 | 188 |
193 template <class CSPDirectiveType> | 189 template <class CSPDirectiveType> |
194 void setCSPDirective(const String& name, | 190 void setCSPDirective(const String& name, |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
274 | 270 |
275 bool denyIfEnforcingPolicy() const { return isReportOnly(); } | 271 bool denyIfEnforcingPolicy() const { return isReportOnly(); } |
276 | 272 |
277 Member<ContentSecurityPolicy> m_policy; | 273 Member<ContentSecurityPolicy> m_policy; |
278 | 274 |
279 String m_header; | 275 String m_header; |
280 ContentSecurityPolicyHeaderType m_headerType; | 276 ContentSecurityPolicyHeaderType m_headerType; |
281 ContentSecurityPolicyHeaderSource m_headerSource; | 277 ContentSecurityPolicyHeaderSource m_headerSource; |
282 | 278 |
283 bool m_hasSandboxPolicy; | 279 bool m_hasSandboxPolicy; |
284 ReflectedXSSDisposition m_reflectedXSSDisposition; | |
285 | 280 |
286 bool m_didSetReferrerPolicy; | 281 bool m_didSetReferrerPolicy; |
287 ReferrerPolicy m_referrerPolicy; | 282 ReferrerPolicy m_referrerPolicy; |
288 | 283 |
289 bool m_strictMixedContentCheckingEnforced; | 284 bool m_strictMixedContentCheckingEnforced; |
290 | 285 |
291 bool m_upgradeInsecureRequests; | 286 bool m_upgradeInsecureRequests; |
292 bool m_treatAsPublicAddress; | 287 bool m_treatAsPublicAddress; |
293 | 288 |
294 Member<MediaListDirective> m_pluginTypes; | 289 Member<MediaListDirective> m_pluginTypes; |
(...skipping 15 matching lines...) Expand all Loading... |
310 uint8_t m_requireSRIFor; | 305 uint8_t m_requireSRIFor; |
311 | 306 |
312 Vector<String> m_reportEndpoints; | 307 Vector<String> m_reportEndpoints; |
313 | 308 |
314 String m_evalDisabledErrorMessage; | 309 String m_evalDisabledErrorMessage; |
315 }; | 310 }; |
316 | 311 |
317 } // namespace blink | 312 } // namespace blink |
318 | 313 |
319 #endif | 314 #endif |
OLD | NEW |