OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPDirectiveList.h" | 5 #include "core/frame/csp/CSPDirectiveList.h" |
6 | 6 |
7 #include "bindings/core/v8/SourceLocation.h" | 7 #include "bindings/core/v8/SourceLocation.h" |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/dom/SecurityContext.h" | 9 #include "core/dom/SecurityContext.h" |
10 #include "core/dom/SpaceSplitString.h" | 10 #include "core/dom/SpaceSplitString.h" |
(...skipping 412 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
423 const KURL& url, | 423 const KURL& url, |
424 const String& effectiveDirective, | 424 const String& effectiveDirective, |
425 ResourceRequest::RedirectStatus redirectStatus) const { | 425 ResourceRequest::RedirectStatus redirectStatus) const { |
426 if (!directive) | 426 if (!directive) |
427 return true; | 427 return true; |
428 | 428 |
429 // We ignore URL-based whitelists if we're allowing dynamic script injection. | 429 // We ignore URL-based whitelists if we're allowing dynamic script injection. |
430 if (checkSource(directive, url, redirectStatus) && !checkDynamic(directive)) | 430 if (checkSource(directive, url, redirectStatus) && !checkDynamic(directive)) |
431 return true; | 431 return true; |
432 | 432 |
| 433 // We should never have a violation against `child-src` or `default-src` |
| 434 // directly; the effective directive should always be one of the explicit |
| 435 // fetch directives. |
| 436 DCHECK_NE(ContentSecurityPolicy::ChildSrc, effectiveDirective); |
| 437 DCHECK_NE(ContentSecurityPolicy::DefaultSrc, effectiveDirective); |
| 438 |
433 String prefix; | 439 String prefix; |
434 if (ContentSecurityPolicy::BaseURI == effectiveDirective) | 440 if (ContentSecurityPolicy::BaseURI == effectiveDirective) |
435 prefix = "Refused to set the document's base URI to '"; | 441 prefix = "Refused to set the document's base URI to '"; |
436 else if (ContentSecurityPolicy::ChildSrc == effectiveDirective) | 442 else if (ContentSecurityPolicy::WorkerSrc == effectiveDirective) |
437 prefix = "Refused to create a child context containing '"; | 443 prefix = "Refused to create a worker from '"; |
438 else if (ContentSecurityPolicy::ConnectSrc == effectiveDirective) | 444 else if (ContentSecurityPolicy::ConnectSrc == effectiveDirective) |
439 prefix = "Refused to connect to '"; | 445 prefix = "Refused to connect to '"; |
440 else if (ContentSecurityPolicy::FontSrc == effectiveDirective) | 446 else if (ContentSecurityPolicy::FontSrc == effectiveDirective) |
441 prefix = "Refused to load the font '"; | 447 prefix = "Refused to load the font '"; |
442 else if (ContentSecurityPolicy::FormAction == effectiveDirective) | 448 else if (ContentSecurityPolicy::FormAction == effectiveDirective) |
443 prefix = "Refused to send form data to '"; | 449 prefix = "Refused to send form data to '"; |
444 else if (ContentSecurityPolicy::FrameSrc == effectiveDirective) | 450 else if (ContentSecurityPolicy::FrameSrc == effectiveDirective) |
445 prefix = "Refused to frame '"; | 451 prefix = "Refused to frame '"; |
446 else if (ContentSecurityPolicy::ImgSrc == effectiveDirective) | 452 else if (ContentSecurityPolicy::ImgSrc == effectiveDirective) |
447 prefix = "Refused to load the image '"; | 453 prefix = "Refused to load the image '"; |
(...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
619 if (url.protocolIsAbout()) | 625 if (url.protocolIsAbout()) |
620 return true; | 626 return true; |
621 return reportingStatus == ContentSecurityPolicy::SendReport | 627 return reportingStatus == ContentSecurityPolicy::SendReport |
622 ? checkSourceAndReportViolation( | 628 ? checkSourceAndReportViolation( |
623 operativeDirective(m_objectSrc.get()), url, | 629 operativeDirective(m_objectSrc.get()), url, |
624 ContentSecurityPolicy::ObjectSrc, redirectStatus) | 630 ContentSecurityPolicy::ObjectSrc, redirectStatus) |
625 : checkSource(operativeDirective(m_objectSrc.get()), url, | 631 : checkSource(operativeDirective(m_objectSrc.get()), url, |
626 redirectStatus); | 632 redirectStatus); |
627 } | 633 } |
628 | 634 |
629 bool CSPDirectiveList::allowChildFrameFromSource( | 635 bool CSPDirectiveList::allowFrameFromSource( |
630 const KURL& url, | 636 const KURL& url, |
631 ResourceRequest::RedirectStatus redirectStatus, | 637 ResourceRequest::RedirectStatus redirectStatus, |
632 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 638 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
633 if (url.protocolIsAbout()) | 639 if (url.protocolIsAbout()) |
634 return true; | 640 return true; |
635 | 641 |
636 // 'frame-src' is the only directive which overrides something other than the | 642 // 'frame-src' overrides 'child-src', which overrides the default |
637 // default sources. It overrides 'child-src', which overrides the default | |
638 // sources. So, we do this nested set of calls to 'operativeDirective()' to | 643 // sources. So, we do this nested set of calls to 'operativeDirective()' to |
639 // grab 'frame-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' | 644 // grab 'frame-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' |
640 // if neither are available. | 645 // if neither are available. |
641 SourceListDirective* whichDirective = operativeDirective( | 646 SourceListDirective* whichDirective = operativeDirective( |
642 m_frameSrc.get(), operativeDirective(m_childSrc.get())); | 647 m_frameSrc.get(), operativeDirective(m_childSrc.get())); |
643 | 648 |
644 return reportingStatus == ContentSecurityPolicy::SendReport | 649 return reportingStatus == ContentSecurityPolicy::SendReport |
645 ? checkSourceAndReportViolation(whichDirective, url, | 650 ? checkSourceAndReportViolation(whichDirective, url, |
646 ContentSecurityPolicy::FrameSrc, | 651 ContentSecurityPolicy::FrameSrc, |
647 redirectStatus) | 652 redirectStatus) |
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
738 const KURL& url, | 743 const KURL& url, |
739 ResourceRequest::RedirectStatus redirectStatus, | 744 ResourceRequest::RedirectStatus redirectStatus, |
740 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 745 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
741 return reportingStatus == ContentSecurityPolicy::SendReport | 746 return reportingStatus == ContentSecurityPolicy::SendReport |
742 ? checkSourceAndReportViolation(m_baseURI.get(), url, | 747 ? checkSourceAndReportViolation(m_baseURI.get(), url, |
743 ContentSecurityPolicy::BaseURI, | 748 ContentSecurityPolicy::BaseURI, |
744 redirectStatus) | 749 redirectStatus) |
745 : checkSource(m_baseURI.get(), url, redirectStatus); | 750 : checkSource(m_baseURI.get(), url, redirectStatus); |
746 } | 751 } |
747 | 752 |
748 bool CSPDirectiveList::allowChildContextFromSource( | 753 bool CSPDirectiveList::allowWorkerFromSource( |
749 const KURL& url, | 754 const KURL& url, |
750 ResourceRequest::RedirectStatus redirectStatus, | 755 ResourceRequest::RedirectStatus redirectStatus, |
751 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 756 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 757 // 'worker-src' overrides 'child-src', which overrides the default |
| 758 // sources. So, we do this nested set of calls to 'operativeDirective()' to |
| 759 // grab 'worker-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' |
| 760 // if neither are available. |
| 761 SourceListDirective* whichDirective = operativeDirective( |
| 762 m_workerSrc.get(), operativeDirective(m_childSrc.get())); |
| 763 |
752 return reportingStatus == ContentSecurityPolicy::SendReport | 764 return reportingStatus == ContentSecurityPolicy::SendReport |
753 ? checkSourceAndReportViolation( | 765 ? checkSourceAndReportViolation(whichDirective, url, |
754 operativeDirective(m_childSrc.get()), url, | 766 ContentSecurityPolicy::WorkerSrc, |
755 ContentSecurityPolicy::ChildSrc, redirectStatus) | 767 redirectStatus) |
756 : checkSource(operativeDirective(m_childSrc.get()), url, | 768 : checkSource(whichDirective, url, redirectStatus); |
757 redirectStatus); | |
758 } | 769 } |
759 | 770 |
760 bool CSPDirectiveList::allowAncestors( | 771 bool CSPDirectiveList::allowAncestors( |
761 LocalFrame* frame, | 772 LocalFrame* frame, |
762 const KURL& url, | 773 const KURL& url, |
763 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 774 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
764 return reportingStatus == ContentSecurityPolicy::SendReport | 775 return reportingStatus == ContentSecurityPolicy::SendReport |
765 ? checkAncestorsAndReportViolation(m_frameAncestors.get(), frame, | 776 ? checkAncestorsAndReportViolation(m_frameAncestors.get(), frame, |
766 url) | 777 url) |
767 : checkAncestors(m_frameAncestors.get(), frame); | 778 : checkAncestors(m_frameAncestors.get(), frame); |
(...skipping 331 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1099 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ConnectSrc)) { | 1110 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ConnectSrc)) { |
1100 setCSPDirective<SourceListDirective>(name, value, m_connectSrc); | 1111 setCSPDirective<SourceListDirective>(name, value, m_connectSrc); |
1101 } else if (equalIgnoringCase(name, ContentSecurityPolicy::Sandbox)) { | 1112 } else if (equalIgnoringCase(name, ContentSecurityPolicy::Sandbox)) { |
1102 applySandboxPolicy(name, value); | 1113 applySandboxPolicy(name, value); |
1103 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ReportURI)) { | 1114 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ReportURI)) { |
1104 parseReportURI(name, value); | 1115 parseReportURI(name, value); |
1105 } else if (equalIgnoringCase(name, ContentSecurityPolicy::BaseURI)) { | 1116 } else if (equalIgnoringCase(name, ContentSecurityPolicy::BaseURI)) { |
1106 setCSPDirective<SourceListDirective>(name, value, m_baseURI); | 1117 setCSPDirective<SourceListDirective>(name, value, m_baseURI); |
1107 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ChildSrc)) { | 1118 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ChildSrc)) { |
1108 setCSPDirective<SourceListDirective>(name, value, m_childSrc); | 1119 setCSPDirective<SourceListDirective>(name, value, m_childSrc); |
| 1120 } else if (equalIgnoringCase(name, ContentSecurityPolicy::WorkerSrc)) { |
| 1121 setCSPDirective<SourceListDirective>(name, value, m_workerSrc); |
1109 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FormAction)) { | 1122 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FormAction)) { |
1110 setCSPDirective<SourceListDirective>(name, value, m_formAction); | 1123 setCSPDirective<SourceListDirective>(name, value, m_formAction); |
1111 } else if (equalIgnoringCase(name, ContentSecurityPolicy::PluginTypes)) { | 1124 } else if (equalIgnoringCase(name, ContentSecurityPolicy::PluginTypes)) { |
1112 setCSPDirective<MediaListDirective>(name, value, m_pluginTypes); | 1125 setCSPDirective<MediaListDirective>(name, value, m_pluginTypes); |
1113 } else if (equalIgnoringCase( | 1126 } else if (equalIgnoringCase( |
1114 name, ContentSecurityPolicy::UpgradeInsecureRequests)) { | 1127 name, ContentSecurityPolicy::UpgradeInsecureRequests)) { |
1115 enableInsecureRequestsUpgrade(name, value); | 1128 enableInsecureRequestsUpgrade(name, value); |
1116 } else if (equalIgnoringCase(name, | 1129 } else if (equalIgnoringCase(name, |
1117 ContentSecurityPolicy::BlockAllMixedContent)) { | 1130 ContentSecurityPolicy::BlockAllMixedContent)) { |
1118 enforceStrictMixedContentChecking(name, value); | 1131 enforceStrictMixedContentChecking(name, value); |
(...skipping 20 matching lines...) Expand all Loading... |
1139 visitor->trace(m_fontSrc); | 1152 visitor->trace(m_fontSrc); |
1140 visitor->trace(m_formAction); | 1153 visitor->trace(m_formAction); |
1141 visitor->trace(m_frameAncestors); | 1154 visitor->trace(m_frameAncestors); |
1142 visitor->trace(m_frameSrc); | 1155 visitor->trace(m_frameSrc); |
1143 visitor->trace(m_imgSrc); | 1156 visitor->trace(m_imgSrc); |
1144 visitor->trace(m_mediaSrc); | 1157 visitor->trace(m_mediaSrc); |
1145 visitor->trace(m_manifestSrc); | 1158 visitor->trace(m_manifestSrc); |
1146 visitor->trace(m_objectSrc); | 1159 visitor->trace(m_objectSrc); |
1147 visitor->trace(m_scriptSrc); | 1160 visitor->trace(m_scriptSrc); |
1148 visitor->trace(m_styleSrc); | 1161 visitor->trace(m_styleSrc); |
| 1162 visitor->trace(m_workerSrc); |
1149 } | 1163 } |
1150 | 1164 |
1151 } // namespace blink | 1165 } // namespace blink |
OLD | NEW |