Chromium Code Reviews Chromium Code Reviews
Issue 2442513004:
Part 1.1: Is policy list subsumed under subsuming policy? (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CSPSource_h | 5 #ifndef CSPSource_h |
| 6 #define CSPSource_h | 6 #define CSPSource_h |
| 7 | 7 |
| 8 #include "core/CoreExport.h" | 8 #include "core/CoreExport.h" |
| 9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 10 #include "platform/heap/Handle.h" | 10 #include "platform/heap/Handle.h" |
| (...skipping 13 matching lines...) Expand all Loading... | |
| 24 CSPSource(ContentSecurityPolicy*, | 24 CSPSource(ContentSecurityPolicy*, |
| 25 const String& scheme, | 25 const String& scheme, |
| 26 const String& host, | 26 const String& host, |
| 27 int port, | 27 int port, |
| 28 const String& path, | 28 const String& path, |
| 29 WildcardDisposition hostWildcard, | 29 WildcardDisposition hostWildcard, |
| 30 WildcardDisposition portWildcard); | 30 WildcardDisposition portWildcard); |
| 31 bool matches(const KURL&, | 31 bool matches(const KURL&, |
| 32 ResourceRequest::RedirectStatus = | 32 ResourceRequest::RedirectStatus = |
| 33 ResourceRequest::RedirectStatus::NoRedirect) const; | 33 ResourceRequest::RedirectStatus::NoRedirect) const; |
| 34 // Check whether this CSPSource is subsumed under a given CSPSource for a | |
|
jochen (gone - plz use gerrit)
2016/11/02 11:11:33
nit. add empty line before this one
| |
| 35 // subsumption algorithm described here: | |
| 36 // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy | |
| 37 bool isSubsumedBy(CSPSource*); | |
| 34 | 38 |
| 35 DECLARE_TRACE(); | 39 DECLARE_TRACE(); |
| 36 | 40 |
| 37 private: | 41 private: |
| 42 FRIEND_TEST_ALL_PREFIXES(CSPSourceTest, IsSimilar); | |
| 43 | |
| 38 bool schemeMatches(const String&) const; | 44 bool schemeMatches(const String&) const; |
| 39 bool hostMatches(const String&) const; | 45 bool hostMatches(const String&) const; |
| 40 bool pathMatches(const String&) const; | 46 bool pathMatches(const String&) const; |
| 41 // Protocol is necessary to determine default port if it is zero. | 47 // Protocol is necessary to determine default port if it is zero. |
| 42 bool portMatches(int port, const String& protocol) const; | 48 bool portMatches(int port, const String& protocol) const; |
| 43 bool isSchemeOnly() const; | 49 bool isSchemeOnly() const; |
| 50 bool isPathEmptyOrSlashOnly() const; | |
| 51 // Check if either one of the two matches the scheme, host, port, path of the | |
| 52 // other. More detailed explanation here: | |
| 53 // https://docs.google.com/document/d/1xwTxpB_sWYaTrOBJEPSXtfWKO4M2k9Xya7o0zcd 6Dec/edit#heading=h.9efhej5pg0hj | |
|
jochen (gone - plz use gerrit)
2016/11/02 11:11:33
if you put links in the source, please make this a
| |
| 54 bool isSimilar(CSPSource* other); | |
| 55 | |
| 56 bool isWildcardsSubsumedBy(CSPSource* other); | |
|
jochen (gone - plz use gerrit)
2016/11/02 11:11:33
isWildcard or areWildcards
| |
| 57 bool isSchemeSubsumedBy(CSPSource* other); | |
| 58 bool isPortSubsumedBy(CSPSource* other); | |
| 59 bool isPathSubsumedBy(CSPSource* other); | |
| 44 | 60 |
| 45 Member<ContentSecurityPolicy> m_policy; | 61 Member<ContentSecurityPolicy> m_policy; |
| 46 String m_scheme; | 62 String m_scheme; |
| 47 String m_host; | 63 String m_host; |
| 48 int m_port; | 64 int m_port; |
| 49 String m_path; | 65 String m_path; |
| 50 | 66 |
| 51 WildcardDisposition m_hostWildcard; | 67 WildcardDisposition m_hostWildcard; |
| 52 WildcardDisposition m_portWildcard; | 68 WildcardDisposition m_portWildcard; |
| 53 }; | 69 }; |
| 54 | 70 |
| 55 } // namespace blink | 71 } // namespace blink |
| 56 | 72 |
| 57 #endif | 73 #endif |
| OLD | NEW |
