third_party/WebKit/Source/core/frame/csp/SourceListDirective.h - Issue 2449873004: Removing CSPSourceList level up to SourceListDirective.

Side by Side Diff: third_party/WebKit/Source/core/frame/csp/SourceListDirective.h

Issue 2449873004: Removing CSPSourceList level up to SourceListDirective. (Closed)

Patch Set: Moving CSPSourceList logic to SourceListDirective Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp ('k') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef SourceListDirective_h	5 #ifndef SourceListDirective_h

6 #define SourceListDirective_h	6 #define SourceListDirective_h

7	7

	8 #include "core/CoreExport.h"

8 #include "core/frame/csp/CSPDirective.h"	9 #include "core/frame/csp/CSPDirective.h"

9 #include "core/frame/csp/CSPSourceList.h"	10 #include "core/frame/csp/CSPSource.h"
	amalika 2016/10/26 12:04:53 CSPSourceList also included #include "platform/Cr CSPSourceList also included #include "platform/Crypto.h" #include "platform/heap/Handle.h" but it seemed to compile without so I didnt include them.
10 #include "platform/network/ContentSecurityPolicyParsers.h"	11 #include "platform/network/ContentSecurityPolicyParsers.h"

11 #include "platform/network/ResourceRequest.h"	12 #include "platform/network/ResourceRequest.h"

12 #include "wtf/HashSet.h"	13 #include "wtf/HashSet.h"

13 #include "wtf/text/WTFString.h"	14 #include "wtf/text/WTFString.h"

14	15

15 namespace blink {	16 namespace blink {

16	17

17 class ContentSecurityPolicy;	18 class ContentSecurityPolicy;

18 class KURL;	19 class KURL;

19	20

20 class SourceListDirective final : public CSPDirective {	21 class CORE_EXPORT SourceListDirective final : public CSPDirective {

21 WTF_MAKE_NONCOPYABLE(SourceListDirective);	22 WTF_MAKE_NONCOPYABLE(SourceListDirective);

22	23

23 public:	24 public:

24 SourceListDirective(const String& name,	25 SourceListDirective(const String& name,

25 const String& value,	26 const String& value,

26 ContentSecurityPolicy*);	27 ContentSecurityPolicy*);

27 DECLARE_TRACE();	28 DECLARE_TRACE();

28	29

29 bool allows(const KURL&, ResourceRequest::RedirectStatus) const;	30 void parse(const UChar* begin, const UChar* end);

	31

	32 bool matches(const KURL&,

	33 ResourceRequest::RedirectStatus =

	34 ResourceRequest::RedirectStatus::NoRedirect) const;

	35

	36 bool allows(const KURL&,

	37 ResourceRequest::RedirectStatus =

	38 ResourceRequest::RedirectStatus::NoRedirect) const;

30 bool allowInline() const;	39 bool allowInline() const;

31 bool allowEval() const;	40 bool allowEval() const;

32 bool allowDynamic() const;	41 bool allowDynamic() const;

33 bool allowNonce(const String& nonce) const;	42 bool allowNonce(String nonce) const;
	Mike West 2016/10/26 13:07:05 Why change this to a copy? Why change this to a copy?
34 bool allowHash(const CSPHashValue&) const;	43 bool allowHash(const CSPHashValue&) const;

35 bool allowHashedAttributes() const;	44 bool allowHashedAttributes() const;

36 bool isHashOrNoncePresent() const;	45 bool isHashOrNoncePresent() const;

37 uint8_t hashAlgorithmsUsed() const;	46 uint8_t hashAlgorithmsUsed() const;

38	47

39 private:	48 private:

40 CSPSourceList m_sourceList;	49 bool parseSource(const UChar* begin,

	50 const UChar* end,

	51 String& scheme,

	52 String& host,

	53 int& port,

	54 String& path,

	55 CSPSource::WildcardDisposition&,

	56 CSPSource::WildcardDisposition&);

	57 bool parseScheme(const UChar* begin, const UChar* end, String& scheme);

	58 bool parseHost(const UChar* begin,

	59 const UChar* end,

	60 String& host,

	61 CSPSource::WildcardDisposition&);

	62 bool parsePort(const UChar* begin,

	63 const UChar* end,

	64 int& port,

	65 CSPSource::WildcardDisposition&);

	66 bool parsePath(const UChar* begin, const UChar* end, String& path);

	67 bool parseNonce(const UChar* begin, const UChar* end, String& nonce);

	68 bool parseHash(const UChar* begin,

	69 const UChar* end,

	70 DigestValue& hash,

	71 ContentSecurityPolicyHashAlgorithm&);

	72

	73 void addSourceSelf();

	74 void addSourceStar();

	75 void addSourceUnsafeInline();

	76 void addSourceUnsafeEval();

	77 void addSourceStrictDynamic();

	78 void addSourceUnsafeHashedAttributes();

	79 void addSourceNonce(const String& nonce);

	80 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&,

	81 const DigestValue& hash);

	82

	83 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const;

	84

	85 Member<ContentSecurityPolicy> m_policy;

	86 HeapVector<Member<CSPSource>> m_list;

	87 String m_directiveName;

	88 bool m_allowSelf;

	89 bool m_allowStar;

	90 bool m_allowInline;

	91 bool m_allowEval;

	92 bool m_allowDynamic;

	93 bool m_allowHashedAttributes;

	94 HashSet<String> m_nonces;

	95 HashSet<CSPHashValue> m_hashes;

	96 uint8_t m_hashAlgorithmsUsed;

41 };	97 };

42	98

43 } // namespace blink	99 } // namespace blink

44	100

45 #endif	101 #endif

OLD	NEW