OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPSource_h | 5 #ifndef CSPSource_h |
6 #define CSPSource_h | 6 #define CSPSource_h |
7 | 7 |
8 #include "core/CoreExport.h" | 8 #include "core/CoreExport.h" |
9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
10 #include "platform/heap/Handle.h" | 10 #include "platform/heap/Handle.h" |
(...skipping 13 matching lines...) Expand all Loading... | |
24 CSPSource(ContentSecurityPolicy*, | 24 CSPSource(ContentSecurityPolicy*, |
25 const String& scheme, | 25 const String& scheme, |
26 const String& host, | 26 const String& host, |
27 int port, | 27 int port, |
28 const String& path, | 28 const String& path, |
29 WildcardDisposition hostWildcard, | 29 WildcardDisposition hostWildcard, |
30 WildcardDisposition portWildcard); | 30 WildcardDisposition portWildcard); |
31 bool matches(const KURL&, | 31 bool matches(const KURL&, |
32 ResourceRequest::RedirectStatus = | 32 ResourceRequest::RedirectStatus = |
33 ResourceRequest::RedirectStatus::NoRedirect) const; | 33 ResourceRequest::RedirectStatus::NoRedirect) const; |
34 // Check whether this CSPSource is subsumed under a given CSPSource for a | |
35 // subsumption algorithm described here: | |
36 // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy | |
37 bool isSubsumedBy(CSPSource*); | |
38 // Retrieve the most common information from the two CSPSources if isSimilar | |
39 // is true for the two. Otherwise, return nullptr. | |
40 CSPSource* getCommon(CSPSource*); | |
34 | 41 |
35 DECLARE_TRACE(); | 42 DECLARE_TRACE(); |
36 | 43 |
37 private: | 44 private: |
45 FRIEND_TEST_ALL_PREFIXES(CSPSourceTest, IsSimilar); | |
46 | |
38 bool schemeMatches(const String&) const; | 47 bool schemeMatches(const String&) const; |
39 bool hostMatches(const String&) const; | 48 bool hostMatches(const String&) const; |
40 bool pathMatches(const String&) const; | 49 bool pathMatches(const String&) const; |
41 bool portMatches(int, const String&) const; | 50 bool portMatches(int, const String&) const; |
42 bool isSchemeOnly() const; | 51 bool isSchemeOnly() const; |
52 bool isPathEmptyOrSlashOnly() const; | |
53 // Check if either one of the two matches the scheme, host, port, path of the | |
54 // other. More detailed explanation here: | |
55 // https://docs.google.com/document/d/1xwTxpB_sWYaTrOBJEPSXtfWKO4M2k9Xya7o0zcd 6Dec/edit#heading=h.9efhej5pg0hj | |
Mike West
2016/11/04 09:48:10
1. This needs to be a publicly accessible link. `g
| |
56 bool isSimilar(CSPSource* other); | |
57 | |
58 bool isWildcardsSubsumedBy(CSPSource* other); | |
59 bool isSchemeSubsumedBy(CSPSource* other); | |
60 bool isPortSubsumedBy(CSPSource* other); | |
61 bool isPathSubsumedBy(CSPSource* other); | |
43 | 62 |
44 Member<ContentSecurityPolicy> m_policy; | 63 Member<ContentSecurityPolicy> m_policy; |
45 String m_scheme; | 64 String m_scheme; |
46 String m_host; | 65 String m_host; |
47 int m_port; | 66 int m_port; |
48 String m_path; | 67 String m_path; |
49 | 68 |
50 WildcardDisposition m_hostWildcard; | 69 WildcardDisposition m_hostWildcard; |
51 WildcardDisposition m_portWildcard; | 70 WildcardDisposition m_portWildcard; |
52 }; | 71 }; |
53 | 72 |
54 } // namespace blink | 73 } // namespace blink |
55 | 74 |
56 #endif | 75 #endif |
OLD | NEW |