Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(10)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

Issue 2449873004: Removing CSPSourceList level up to SourceListDirective. (Closed)
Patch Set: Moving CSPSourceList logic to SourceListDirective Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/CSPSourceListTest.cpp ('k') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.h » ('j') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Google, Inc. All rights reserved. 2 * Copyright (C) 2011 Google, Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 23 matching lines...) Expand all
34 #include "core/dom/SandboxFlags.h" 34 #include "core/dom/SandboxFlags.h"
35 #include "core/events/EventQueue.h" 35 #include "core/events/EventQueue.h"
36 #include "core/events/SecurityPolicyViolationEvent.h" 36 #include "core/events/SecurityPolicyViolationEvent.h"
37 #include "core/fetch/IntegrityMetadata.h" 37 #include "core/fetch/IntegrityMetadata.h"
38 #include "core/frame/FrameClient.h" 38 #include "core/frame/FrameClient.h"
39 #include "core/frame/LocalDOMWindow.h" 39 #include "core/frame/LocalDOMWindow.h"
40 #include "core/frame/LocalFrame.h" 40 #include "core/frame/LocalFrame.h"
41 #include "core/frame/UseCounter.h" 41 #include "core/frame/UseCounter.h"
42 #include "core/frame/csp/CSPDirectiveList.h" 42 #include "core/frame/csp/CSPDirectiveList.h"
43 #include "core/frame/csp/CSPSource.h" 43 #include "core/frame/csp/CSPSource.h"
44 #include "core/frame/csp/CSPSourceList.h"
45 #include "core/frame/csp/MediaListDirective.h" 44 #include "core/frame/csp/MediaListDirective.h"
46 #include "core/frame/csp/SourceListDirective.h" 45 #include "core/frame/csp/SourceListDirective.h"
47 #include "core/inspector/ConsoleMessage.h" 46 #include "core/inspector/ConsoleMessage.h"
48 #include "core/inspector/InspectorInstrumentation.h" 47 #include "core/inspector/InspectorInstrumentation.h"
49 #include "core/loader/DocumentLoader.h" 48 #include "core/loader/DocumentLoader.h"
50 #include "core/loader/FrameLoaderClient.h" 49 #include "core/loader/FrameLoaderClient.h"
51 #include "core/loader/PingLoader.h" 50 #include "core/loader/PingLoader.h"
52 #include "platform/RuntimeEnabledFeatures.h" 51 #include "platform/RuntimeEnabledFeatures.h"
53 #include "platform/json/JSONValues.h" 52 #include "platform/json/JSONValues.h"
54 #include "platform/network/ContentSecurityPolicyParsers.h" 53 #include "platform/network/ContentSecurityPolicyParsers.h"
(...skipping 563 matching lines...) Expand 10 before | Expand all | Expand 10 after
618 617
619 template <bool (CSPDirectiveList::*allowed)(const CSPHashValue&, 618 template <bool (CSPDirectiveList::*allowed)(const CSPHashValue&,
620 ContentSecurityPolicy::InlineType) 619 ContentSecurityPolicy::InlineType)
621 const> 620 const>
622 bool checkDigest(const String& source, 621 bool checkDigest(const String& source,
623 ContentSecurityPolicy::InlineType type, 622 ContentSecurityPolicy::InlineType type,
624 uint8_t hashAlgorithmsUsed, 623 uint8_t hashAlgorithmsUsed,
625 const CSPDirectiveListVector& policies) { 624 const CSPDirectiveListVector& policies) {
626 // Any additions or subtractions from this struct should also modify the 625 // Any additions or subtractions from this struct should also modify the
627 // respective entries in the kSupportedPrefixes array in 626 // respective entries in the kSupportedPrefixes array in
628 // CSPSourceList::parseHash(). 627 // SourceListDirective::parseHash().
629 static const struct { 628 static const struct {
630 ContentSecurityPolicyHashAlgorithm cspHashAlgorithm; 629 ContentSecurityPolicyHashAlgorithm cspHashAlgorithm;
631 HashAlgorithm algorithm; 630 HashAlgorithm algorithm;
632 } kAlgorithmMap[] = { 631 } kAlgorithmMap[] = {
633 {ContentSecurityPolicyHashAlgorithmSha1, HashAlgorithmSha1}, 632 {ContentSecurityPolicyHashAlgorithmSha1, HashAlgorithmSha1},
634 {ContentSecurityPolicyHashAlgorithmSha256, HashAlgorithmSha256}, 633 {ContentSecurityPolicyHashAlgorithmSha256, HashAlgorithmSha256},
635 {ContentSecurityPolicyHashAlgorithmSha384, HashAlgorithmSha384}, 634 {ContentSecurityPolicyHashAlgorithmSha384, HashAlgorithmSha384},
636 {ContentSecurityPolicyHashAlgorithmSha512, HashAlgorithmSha512}}; 635 {ContentSecurityPolicyHashAlgorithmSha512, HashAlgorithmSha512}};
637 636
638 // Only bother normalizing the source/computing digests if there are any 637 // Only bother normalizing the source/computing digests if there are any
(...skipping 905 matching lines...) Expand 10 before | Expand all | Expand 10 after
1544 // Collisions have no security impact, so we can save space by storing only 1543 // Collisions have no security impact, so we can save space by storing only
1545 // the string's hash rather than the whole report. 1544 // the string's hash rather than the whole report.
1546 return !m_violationReportsSent.contains(report.impl()->hash()); 1545 return !m_violationReportsSent.contains(report.impl()->hash());
1547 } 1546 }
1548 1547
1549 void ContentSecurityPolicy::didSendViolationReport(const String& report) { 1548 void ContentSecurityPolicy::didSendViolationReport(const String& report) {
1550 m_violationReportsSent.add(report.impl()->hash()); 1549 m_violationReportsSent.add(report.impl()->hash());
1551 } 1550 }
1552 1551
1553 } // namespace blink 1552 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/CSPSourceListTest.cpp ('k') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.h » ('j') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698