Index: third_party/WebKit/Source/core/frame/csp/SourceListDirective.h |
diff --git a/third_party/WebKit/Source/core/frame/csp/SourceListDirective.h b/third_party/WebKit/Source/core/frame/csp/SourceListDirective.h |
index a432b5983f79678477b0590270dc188f71c4a5f1..38752daecb9163b5dc885ed101e7156d0cc3930e 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/SourceListDirective.h |
+++ b/third_party/WebKit/Source/core/frame/csp/SourceListDirective.h |
@@ -5,8 +5,10 @@ |
#ifndef SourceListDirective_h |
#define SourceListDirective_h |
+#include "core/CoreExport.h" |
#include "core/frame/csp/CSPDirective.h" |
-#include "core/frame/csp/CSPSourceList.h" |
+#include "core/frame/csp/CSPSource.h" |
+#include "platform/Crypto.h" |
#include "platform/network/ContentSecurityPolicyParsers.h" |
#include "platform/network/ResourceRequest.h" |
#include "wtf/HashSet.h" |
@@ -17,7 +19,7 @@ namespace blink { |
class ContentSecurityPolicy; |
class KURL; |
-class SourceListDirective final : public CSPDirective { |
+class CORE_EXPORT SourceListDirective final : public CSPDirective { |
WTF_MAKE_NONCOPYABLE(SourceListDirective); |
public: |
@@ -26,7 +28,15 @@ class SourceListDirective final : public CSPDirective { |
ContentSecurityPolicy*); |
DECLARE_TRACE(); |
- bool allows(const KURL&, ResourceRequest::RedirectStatus) const; |
+ void parse(const UChar* begin, const UChar* end); |
+ |
+ bool matches(const KURL&, |
+ ResourceRequest::RedirectStatus = |
+ ResourceRequest::RedirectStatus::NoRedirect) const; |
+ |
+ bool allows(const KURL&, |
+ ResourceRequest::RedirectStatus = |
+ ResourceRequest::RedirectStatus::NoRedirect) const; |
bool allowInline() const; |
bool allowEval() const; |
bool allowDynamic() const; |
@@ -37,7 +47,54 @@ class SourceListDirective final : public CSPDirective { |
uint8_t hashAlgorithmsUsed() const; |
private: |
- CSPSourceList m_sourceList; |
+ bool parseSource(const UChar* begin, |
+ const UChar* end, |
+ String& scheme, |
+ String& host, |
+ int& port, |
+ String& path, |
+ CSPSource::WildcardDisposition&, |
+ CSPSource::WildcardDisposition&); |
+ bool parseScheme(const UChar* begin, const UChar* end, String& scheme); |
+ bool parseHost(const UChar* begin, |
+ const UChar* end, |
+ String& host, |
+ CSPSource::WildcardDisposition&); |
+ bool parsePort(const UChar* begin, |
+ const UChar* end, |
+ int& port, |
+ CSPSource::WildcardDisposition&); |
+ bool parsePath(const UChar* begin, const UChar* end, String& path); |
+ bool parseNonce(const UChar* begin, const UChar* end, String& nonce); |
+ bool parseHash(const UChar* begin, |
+ const UChar* end, |
+ DigestValue& hash, |
+ ContentSecurityPolicyHashAlgorithm&); |
+ |
+ void addSourceSelf(); |
+ void addSourceStar(); |
+ void addSourceUnsafeInline(); |
+ void addSourceUnsafeEval(); |
+ void addSourceStrictDynamic(); |
+ void addSourceUnsafeHashedAttributes(); |
+ void addSourceNonce(const String& nonce); |
+ void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, |
+ const DigestValue& hash); |
+ |
+ bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const; |
+ |
+ Member<ContentSecurityPolicy> m_policy; |
+ HeapVector<Member<CSPSource>> m_list; |
+ String m_directiveName; |
+ bool m_allowSelf; |
+ bool m_allowStar; |
+ bool m_allowInline; |
+ bool m_allowEval; |
+ bool m_allowDynamic; |
+ bool m_allowHashedAttributes; |
+ HashSet<String> m_nonces; |
+ HashSet<CSPHashValue> m_hashes; |
+ uint8_t m_hashAlgorithmsUsed; |
}; |
} // namespace blink |