Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(283)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/frame/csp/SourceListDirective.h

Issue 2449873004: Removing CSPSourceList level up to SourceListDirective. (Closed)
Patch Set: Exporting CSPDirective Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp ('k') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SourceListDirective_h 5 #ifndef SourceListDirective_h
6 #define SourceListDirective_h 6 #define SourceListDirective_h
7 7
8 #include "core/CoreExport.h"
8 #include "core/frame/csp/CSPDirective.h" 9 #include "core/frame/csp/CSPDirective.h"
9 #include "core/frame/csp/CSPSourceList.h" 10 #include "core/frame/csp/CSPSource.h"
11 #include "platform/Crypto.h"
10 #include "platform/network/ContentSecurityPolicyParsers.h" 12 #include "platform/network/ContentSecurityPolicyParsers.h"
11 #include "platform/network/ResourceRequest.h" 13 #include "platform/network/ResourceRequest.h"
12 #include "wtf/HashSet.h" 14 #include "wtf/HashSet.h"
13 #include "wtf/text/WTFString.h" 15 #include "wtf/text/WTFString.h"
14 16
15 namespace blink { 17 namespace blink {
16 18
17 class ContentSecurityPolicy; 19 class ContentSecurityPolicy;
18 class KURL; 20 class KURL;
19 21
20 class SourceListDirective final : public CSPDirective { 22 class CORE_EXPORT SourceListDirective final : public CSPDirective {
21 WTF_MAKE_NONCOPYABLE(SourceListDirective); 23 WTF_MAKE_NONCOPYABLE(SourceListDirective);
22 24
23 public: 25 public:
24 SourceListDirective(const String& name, 26 SourceListDirective(const String& name,
25 const String& value, 27 const String& value,
26 ContentSecurityPolicy*); 28 ContentSecurityPolicy*);
27 DECLARE_TRACE(); 29 DECLARE_TRACE();
28 30
29 bool allows(const KURL&, ResourceRequest::RedirectStatus) const; 31 void parse(const UChar* begin, const UChar* end);
32
33 bool matches(const KURL&,
34 ResourceRequest::RedirectStatus =
35 ResourceRequest::RedirectStatus::NoRedirect) const;
36
37 bool allows(const KURL&,
38 ResourceRequest::RedirectStatus =
39 ResourceRequest::RedirectStatus::NoRedirect) const;
30 bool allowInline() const; 40 bool allowInline() const;
31 bool allowEval() const; 41 bool allowEval() const;
32 bool allowDynamic() const; 42 bool allowDynamic() const;
33 bool allowNonce(const String& nonce) const; 43 bool allowNonce(const String& nonce) const;
34 bool allowHash(const CSPHashValue&) const; 44 bool allowHash(const CSPHashValue&) const;
35 bool allowHashedAttributes() const; 45 bool allowHashedAttributes() const;
36 bool isHashOrNoncePresent() const; 46 bool isHashOrNoncePresent() const;
37 uint8_t hashAlgorithmsUsed() const; 47 uint8_t hashAlgorithmsUsed() const;
38 48
39 private: 49 private:
40 CSPSourceList m_sourceList; 50 bool parseSource(const UChar* begin,
51 const UChar* end,
52 String& scheme,
53 String& host,
54 int& port,
55 String& path,
56 CSPSource::WildcardDisposition&,
57 CSPSource::WildcardDisposition&);
58 bool parseScheme(const UChar* begin, const UChar* end, String& scheme);
59 bool parseHost(const UChar* begin,
60 const UChar* end,
61 String& host,
62 CSPSource::WildcardDisposition&);
63 bool parsePort(const UChar* begin,
64 const UChar* end,
65 int& port,
66 CSPSource::WildcardDisposition&);
67 bool parsePath(const UChar* begin, const UChar* end, String& path);
68 bool parseNonce(const UChar* begin, const UChar* end, String& nonce);
69 bool parseHash(const UChar* begin,
70 const UChar* end,
71 DigestValue& hash,
72 ContentSecurityPolicyHashAlgorithm&);
73
74 void addSourceSelf();
75 void addSourceStar();
76 void addSourceUnsafeInline();
77 void addSourceUnsafeEval();
78 void addSourceStrictDynamic();
79 void addSourceUnsafeHashedAttributes();
80 void addSourceNonce(const String& nonce);
81 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&,
82 const DigestValue& hash);
83
84 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const;
85
86 Member<ContentSecurityPolicy> m_policy;
87 HeapVector<Member<CSPSource>> m_list;
88 String m_directiveName;
89 bool m_allowSelf;
90 bool m_allowStar;
91 bool m_allowInline;
92 bool m_allowEval;
93 bool m_allowDynamic;
94 bool m_allowHashedAttributes;
95 HashSet<String> m_nonces;
96 HashSet<CSPHashValue> m_hashes;
97 uint8_t m_hashAlgorithmsUsed;
41 }; 98 };
42 99
43 } // namespace blink 100 } // namespace blink
44 101
45 #endif 102 #endif
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp ('k') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698