OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPSource_h | 5 #ifndef CSPSource_h |
6 #define CSPSource_h | 6 #define CSPSource_h |
7 | 7 |
8 #include "core/CoreExport.h" | 8 #include "core/CoreExport.h" |
9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
10 #include "platform/heap/Handle.h" | 10 #include "platform/heap/Handle.h" |
(...skipping 13 matching lines...) Expand all Loading... | |
24 CSPSource(ContentSecurityPolicy*, | 24 CSPSource(ContentSecurityPolicy*, |
25 const String& scheme, | 25 const String& scheme, |
26 const String& host, | 26 const String& host, |
27 int port, | 27 int port, |
28 const String& path, | 28 const String& path, |
29 WildcardDisposition hostWildcard, | 29 WildcardDisposition hostWildcard, |
30 WildcardDisposition portWildcard); | 30 WildcardDisposition portWildcard); |
31 bool matches(const KURL&, | 31 bool matches(const KURL&, |
32 ResourceRequest::RedirectStatus = | 32 ResourceRequest::RedirectStatus = |
33 ResourceRequest::RedirectStatus::NoRedirect) const; | 33 ResourceRequest::RedirectStatus::NoRedirect) const; |
34 // Check whether this CSPSource is subsumed under a given CSPSource for a | |
jochen (gone - plz use gerrit)
2016/11/02 11:11:33
nit. add empty line before this one
| |
35 // subsumption algorithm described here: | |
36 // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy | |
37 bool isSubsumedBy(CSPSource*); | |
34 | 38 |
35 DECLARE_TRACE(); | 39 DECLARE_TRACE(); |
36 | 40 |
37 private: | 41 private: |
42 FRIEND_TEST_ALL_PREFIXES(CSPSourceTest, IsSimilar); | |
43 | |
38 bool schemeMatches(const String&) const; | 44 bool schemeMatches(const String&) const; |
39 bool hostMatches(const String&) const; | 45 bool hostMatches(const String&) const; |
40 bool pathMatches(const String&) const; | 46 bool pathMatches(const String&) const; |
41 // Protocol is necessary to determine default port if it is zero. | 47 // Protocol is necessary to determine default port if it is zero. |
42 bool portMatches(int port, const String& protocol) const; | 48 bool portMatches(int port, const String& protocol) const; |
43 bool isSchemeOnly() const; | 49 bool isSchemeOnly() const; |
50 bool isPathEmptyOrSlashOnly() const; | |
51 // Check if either one of the two matches the scheme, host, port, path of the | |
52 // other. More detailed explanation here: | |
53 // https://docs.google.com/document/d/1xwTxpB_sWYaTrOBJEPSXtfWKO4M2k9Xya7o0zcd 6Dec/edit#heading=h.9efhej5pg0hj | |
jochen (gone - plz use gerrit)
2016/11/02 11:11:33
if you put links in the source, please make this a
| |
54 bool isSimilar(CSPSource* other); | |
55 | |
56 bool isWildcardsSubsumedBy(CSPSource* other); | |
jochen (gone - plz use gerrit)
2016/11/02 11:11:33
isWildcard or areWildcards
| |
57 bool isSchemeSubsumedBy(CSPSource* other); | |
58 bool isPortSubsumedBy(CSPSource* other); | |
59 bool isPathSubsumedBy(CSPSource* other); | |
44 | 60 |
45 Member<ContentSecurityPolicy> m_policy; | 61 Member<ContentSecurityPolicy> m_policy; |
46 String m_scheme; | 62 String m_scheme; |
47 String m_host; | 63 String m_host; |
48 int m_port; | 64 int m_port; |
49 String m_path; | 65 String m_path; |
50 | 66 |
51 WildcardDisposition m_hostWildcard; | 67 WildcardDisposition m_hostWildcard; |
52 WildcardDisposition m_portWildcard; | 68 WildcardDisposition m_portWildcard; |
53 }; | 69 }; |
54 | 70 |
55 } // namespace blink | 71 } // namespace blink |
56 | 72 |
57 #endif | 73 #endif |
OLD | NEW |