Chromium Code Reviews Chromium Code Reviews
Issue 2442513004:
Part 1.1: Is policy list subsumed under subsuming policy? (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CSPSource_h | 5 #ifndef CSPSource_h |
| 6 #define CSPSource_h | 6 #define CSPSource_h |
| 7 | 7 |
| 8 #include "core/CoreExport.h" | 8 #include "core/CoreExport.h" |
| 9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 10 #include "platform/heap/Handle.h" | 10 #include "platform/heap/Handle.h" |
| (...skipping 13 matching lines...) Expand all Loading... | |
| 24 CSPSource(ContentSecurityPolicy*, | 24 CSPSource(ContentSecurityPolicy*, |
| 25 const String& scheme, | 25 const String& scheme, |
| 26 const String& host, | 26 const String& host, |
| 27 int port, | 27 int port, |
| 28 const String& path, | 28 const String& path, |
| 29 WildcardDisposition hostWildcard, | 29 WildcardDisposition hostWildcard, |
| 30 WildcardDisposition portWildcard); | 30 WildcardDisposition portWildcard); |
| 31 bool matches(const KURL&, | 31 bool matches(const KURL&, |
| 32 ResourceRequest::RedirectStatus = | 32 ResourceRequest::RedirectStatus = |
| 33 ResourceRequest::RedirectStatus::NoRedirect) const; | 33 ResourceRequest::RedirectStatus::NoRedirect) const; |
| 34 // Check whether this CSPSource is subsumed under a given CSPSource for a | |
| 35 // subsumption algorithm described here: | |
| 36 // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy | |
| 37 bool isSubsumedBy(CSPSource*); | |
| 38 // Retrieve the most common information from the two CSPSources if isSimilar | |
| 39 // is true for the two. Otherwise, return nullptr. | |
| 40 CSPSource* getCommon(CSPSource*); | |
| 34 | 41 |
| 35 DECLARE_TRACE(); | 42 DECLARE_TRACE(); |
| 36 | 43 |
| 37 private: | 44 private: |
| 45 FRIEND_TEST_ALL_PREFIXES(CSPSourceTest, IsSimilar); | |
| 46 | |
| 38 bool schemeMatches(const String&) const; | 47 bool schemeMatches(const String&) const; |
| 39 bool hostMatches(const String&) const; | 48 bool hostMatches(const String&) const; |
| 40 bool pathMatches(const String&) const; | 49 bool pathMatches(const String&) const; |
| 41 bool portMatches(int, const String&) const; | 50 bool portMatches(int, const String&) const; |
| 42 bool isSchemeOnly() const; | 51 bool isSchemeOnly() const; |
| 52 bool isPathEmptyOrSlashOnly() const; | |
| 53 // Check if either one of the two matches the scheme, host, port, path of the | |
| 54 // other. More detailed explanation here: | |
| 55 // https://docs.google.com/document/d/1xwTxpB_sWYaTrOBJEPSXtfWKO4M2k9Xya7o0zcd 6Dec/edit#heading=h.9efhej5pg0hj | |
|
Mike West
2016/11/04 09:48:10
1. This needs to be a publicly accessible link. `g
| |
| 56 bool isSimilar(CSPSource* other); | |
| 57 | |
| 58 bool isWildcardsSubsumedBy(CSPSource* other); | |
| 59 bool isSchemeSubsumedBy(CSPSource* other); | |
| 60 bool isPortSubsumedBy(CSPSource* other); | |
| 61 bool isPathSubsumedBy(CSPSource* other); | |
| 43 | 62 |
| 44 Member<ContentSecurityPolicy> m_policy; | 63 Member<ContentSecurityPolicy> m_policy; |
| 45 String m_scheme; | 64 String m_scheme; |
| 46 String m_host; | 65 String m_host; |
| 47 int m_port; | 66 int m_port; |
| 48 String m_path; | 67 String m_path; |
| 49 | 68 |
| 50 WildcardDisposition m_hostWildcard; | 69 WildcardDisposition m_hostWildcard; |
| 51 WildcardDisposition m_portWildcard; | 70 WildcardDisposition m_portWildcard; |
| 52 }; | 71 }; |
| 53 | 72 |
| 54 } // namespace blink | 73 } // namespace blink |
| 55 | 74 |
| 56 #endif | 75 #endif |
| OLD | NEW |
