OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
85 const char ContentSecurityPolicy::ScriptSrc[] = "script-src"; | 85 const char ContentSecurityPolicy::ScriptSrc[] = "script-src"; |
86 const char ContentSecurityPolicy::StyleSrc[] = "style-src"; | 86 const char ContentSecurityPolicy::StyleSrc[] = "style-src"; |
87 | 87 |
88 // CSP Level 2 Directives | 88 // CSP Level 2 Directives |
89 const char ContentSecurityPolicy::BaseURI[] = "base-uri"; | 89 const char ContentSecurityPolicy::BaseURI[] = "base-uri"; |
90 const char ContentSecurityPolicy::ChildSrc[] = "child-src"; | 90 const char ContentSecurityPolicy::ChildSrc[] = "child-src"; |
91 const char ContentSecurityPolicy::FormAction[] = "form-action"; | 91 const char ContentSecurityPolicy::FormAction[] = "form-action"; |
92 const char ContentSecurityPolicy::FrameAncestors[] = "frame-ancestors"; | 92 const char ContentSecurityPolicy::FrameAncestors[] = "frame-ancestors"; |
93 const char ContentSecurityPolicy::PluginTypes[] = "plugin-types"; | 93 const char ContentSecurityPolicy::PluginTypes[] = "plugin-types"; |
94 | 94 |
95 // CSP Editor's Draft: | 95 // CSP Level 3 Directives |
96 // https://w3c.github.io/webappsec/specs/content-security-policy | |
97 const char ContentSecurityPolicy::ManifestSrc[] = "manifest-src"; | 96 const char ContentSecurityPolicy::ManifestSrc[] = "manifest-src"; |
| 97 const char ContentSecurityPolicy::WorkerSrc[] = "worker-src"; |
98 | 98 |
99 // Mixed Content Directive | 99 // Mixed Content Directive |
100 // https://w3c.github.io/webappsec/specs/mixedcontent/#strict-mode | 100 // https://w3c.github.io/webappsec/specs/mixedcontent/#strict-mode |
101 const char ContentSecurityPolicy::BlockAllMixedContent[] = | 101 const char ContentSecurityPolicy::BlockAllMixedContent[] = |
102 "block-all-mixed-content"; | 102 "block-all-mixed-content"; |
103 | 103 |
104 // https://w3c.github.io/webappsec/specs/upgrade/ | 104 // https://w3c.github.io/webappsec/specs/upgrade/ |
105 const char ContentSecurityPolicy::UpgradeInsecureRequests[] = | 105 const char ContentSecurityPolicy::UpgradeInsecureRequests[] = |
106 "upgrade-insecure-requests"; | 106 "upgrade-insecure-requests"; |
107 | 107 |
(...skipping 10 matching lines...) Expand all Loading... |
118 equalIgnoringCase(name, DefaultSrc) || equalIgnoringCase(name, FontSrc) || | 118 equalIgnoringCase(name, DefaultSrc) || equalIgnoringCase(name, FontSrc) || |
119 equalIgnoringCase(name, FrameSrc) || equalIgnoringCase(name, ImgSrc) || | 119 equalIgnoringCase(name, FrameSrc) || equalIgnoringCase(name, ImgSrc) || |
120 equalIgnoringCase(name, MediaSrc) || equalIgnoringCase(name, ObjectSrc) || | 120 equalIgnoringCase(name, MediaSrc) || equalIgnoringCase(name, ObjectSrc) || |
121 equalIgnoringCase(name, ReportURI) || equalIgnoringCase(name, Sandbox) || | 121 equalIgnoringCase(name, ReportURI) || equalIgnoringCase(name, Sandbox) || |
122 equalIgnoringCase(name, ScriptSrc) || equalIgnoringCase(name, StyleSrc) || | 122 equalIgnoringCase(name, ScriptSrc) || equalIgnoringCase(name, StyleSrc) || |
123 equalIgnoringCase(name, BaseURI) || equalIgnoringCase(name, ChildSrc) || | 123 equalIgnoringCase(name, BaseURI) || equalIgnoringCase(name, ChildSrc) || |
124 equalIgnoringCase(name, FormAction) || | 124 equalIgnoringCase(name, FormAction) || |
125 equalIgnoringCase(name, FrameAncestors) || | 125 equalIgnoringCase(name, FrameAncestors) || |
126 equalIgnoringCase(name, PluginTypes) || | 126 equalIgnoringCase(name, PluginTypes) || |
127 equalIgnoringCase(name, ManifestSrc) || | 127 equalIgnoringCase(name, ManifestSrc) || |
| 128 equalIgnoringCase(name, WorkerSrc) || |
128 equalIgnoringCase(name, BlockAllMixedContent) || | 129 equalIgnoringCase(name, BlockAllMixedContent) || |
129 equalIgnoringCase(name, UpgradeInsecureRequests) || | 130 equalIgnoringCase(name, UpgradeInsecureRequests) || |
130 equalIgnoringCase(name, TreatAsPublicAddress) || | 131 equalIgnoringCase(name, TreatAsPublicAddress) || |
131 equalIgnoringCase(name, RequireSRIFor)); | 132 equalIgnoringCase(name, RequireSRIFor)); |
132 } | 133 } |
133 | 134 |
134 bool ContentSecurityPolicy::isNonceableElement(const Element* element) { | 135 bool ContentSecurityPolicy::isNonceableElement(const Element* element) { |
135 if (!element->fastHasAttribute(HTMLNames::nonceAttr)) | 136 if (!element->fastHasAttribute(HTMLNames::nonceAttr)) |
136 return false; | 137 return false; |
137 | 138 |
(...skipping 699 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
837 case WebURLRequest::RequestContextFavicon: | 838 case WebURLRequest::RequestContextFavicon: |
838 case WebURLRequest::RequestContextImage: | 839 case WebURLRequest::RequestContextImage: |
839 case WebURLRequest::RequestContextImageSet: | 840 case WebURLRequest::RequestContextImageSet: |
840 return allowImageFromSource(url, redirectStatus, reportingStatus); | 841 return allowImageFromSource(url, redirectStatus, reportingStatus); |
841 case WebURLRequest::RequestContextFont: | 842 case WebURLRequest::RequestContextFont: |
842 return allowFontFromSource(url, redirectStatus, reportingStatus); | 843 return allowFontFromSource(url, redirectStatus, reportingStatus); |
843 case WebURLRequest::RequestContextForm: | 844 case WebURLRequest::RequestContextForm: |
844 return allowFormAction(url, redirectStatus, reportingStatus); | 845 return allowFormAction(url, redirectStatus, reportingStatus); |
845 case WebURLRequest::RequestContextFrame: | 846 case WebURLRequest::RequestContextFrame: |
846 case WebURLRequest::RequestContextIframe: | 847 case WebURLRequest::RequestContextIframe: |
847 return allowChildFrameFromSource(url, redirectStatus, reportingStatus); | 848 return allowFrameFromSource(url, redirectStatus, reportingStatus); |
848 case WebURLRequest::RequestContextImport: | 849 case WebURLRequest::RequestContextImport: |
849 case WebURLRequest::RequestContextScript: | 850 case WebURLRequest::RequestContextScript: |
850 return allowScriptFromSource(url, nonce, parserDisposition, | 851 return allowScriptFromSource(url, nonce, parserDisposition, |
851 redirectStatus, reportingStatus); | 852 redirectStatus, reportingStatus); |
852 case WebURLRequest::RequestContextXSLT: | 853 case WebURLRequest::RequestContextXSLT: |
853 return allowScriptFromSource(url, nonce, parserDisposition, | 854 return allowScriptFromSource(url, nonce, parserDisposition, |
854 redirectStatus, reportingStatus); | 855 redirectStatus, reportingStatus); |
855 case WebURLRequest::RequestContextManifest: | 856 case WebURLRequest::RequestContextManifest: |
856 return allowManifestFromSource(url, redirectStatus, reportingStatus); | 857 return allowManifestFromSource(url, redirectStatus, reportingStatus); |
857 case WebURLRequest::RequestContextServiceWorker: | 858 case WebURLRequest::RequestContextServiceWorker: |
(...skipping 27 matching lines...) Expand all Loading... |
885 } | 886 } |
886 | 887 |
887 bool ContentSecurityPolicy::allowObjectFromSource( | 888 bool ContentSecurityPolicy::allowObjectFromSource( |
888 const KURL& url, | 889 const KURL& url, |
889 RedirectStatus redirectStatus, | 890 RedirectStatus redirectStatus, |
890 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 891 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
891 return isAllowedByAll<&CSPDirectiveList::allowObjectFromSource>( | 892 return isAllowedByAll<&CSPDirectiveList::allowObjectFromSource>( |
892 m_policies, url, redirectStatus, reportingStatus); | 893 m_policies, url, redirectStatus, reportingStatus); |
893 } | 894 } |
894 | 895 |
895 bool ContentSecurityPolicy::allowChildFrameFromSource( | 896 bool ContentSecurityPolicy::allowFrameFromSource( |
896 const KURL& url, | 897 const KURL& url, |
897 RedirectStatus redirectStatus, | 898 RedirectStatus redirectStatus, |
898 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 899 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
899 return isAllowedByAll<&CSPDirectiveList::allowChildFrameFromSource>( | 900 return isAllowedByAll<&CSPDirectiveList::allowFrameFromSource>( |
900 m_policies, url, redirectStatus, reportingStatus); | 901 m_policies, url, redirectStatus, reportingStatus); |
901 } | 902 } |
902 | 903 |
903 bool ContentSecurityPolicy::allowImageFromSource( | 904 bool ContentSecurityPolicy::allowImageFromSource( |
904 const KURL& url, | 905 const KURL& url, |
905 RedirectStatus redirectStatus, | 906 RedirectStatus redirectStatus, |
906 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 907 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
907 if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy( | 908 if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy( |
908 url.protocol(), SchemeRegistry::PolicyAreaImage)) | 909 url.protocol(), SchemeRegistry::PolicyAreaImage)) |
909 return true; | 910 return true; |
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
964 } | 965 } |
965 | 966 |
966 bool ContentSecurityPolicy::allowWorkerContextFromSource( | 967 bool ContentSecurityPolicy::allowWorkerContextFromSource( |
967 const KURL& url, | 968 const KURL& url, |
968 RedirectStatus redirectStatus, | 969 RedirectStatus redirectStatus, |
969 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 970 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
970 // CSP 1.1 moves workers from 'script-src' to the new 'child-src'. Measure the | 971 // CSP 1.1 moves workers from 'script-src' to the new 'child-src'. Measure the |
971 // impact of this backwards-incompatible change. | 972 // impact of this backwards-incompatible change. |
972 if (Document* document = this->document()) { | 973 if (Document* document = this->document()) { |
973 UseCounter::count(*document, UseCounter::WorkerSubjectToCSP); | 974 UseCounter::count(*document, UseCounter::WorkerSubjectToCSP); |
974 if (isAllowedByAll<&CSPDirectiveList::allowChildContextFromSource>( | 975 if (isAllowedByAll<&CSPDirectiveList::allowWorkerFromSource>( |
975 m_policies, url, redirectStatus, SuppressReport) && | 976 m_policies, url, redirectStatus, SuppressReport) && |
976 !isAllowedByAll<&CSPDirectiveList::allowScriptFromSource>( | 977 !isAllowedByAll<&CSPDirectiveList::allowScriptFromSource>( |
977 m_policies, url, AtomicString(), NotParserInserted, redirectStatus, | 978 m_policies, url, AtomicString(), NotParserInserted, redirectStatus, |
978 SuppressReport)) { | 979 SuppressReport)) { |
979 UseCounter::count(*document, | 980 UseCounter::count(*document, |
980 UseCounter::WorkerAllowedByChildBlockedByScript); | 981 UseCounter::WorkerAllowedByChildBlockedByScript); |
981 } | 982 } |
982 } | 983 } |
983 | 984 |
984 return isAllowedByAll<&CSPDirectiveList::allowChildContextFromSource>( | 985 return isAllowedByAll<&CSPDirectiveList::allowWorkerFromSource>( |
985 m_policies, url, redirectStatus, reportingStatus); | 986 m_policies, url, redirectStatus, reportingStatus); |
986 } | 987 } |
987 | 988 |
988 bool ContentSecurityPolicy::allowManifestFromSource( | 989 bool ContentSecurityPolicy::allowManifestFromSource( |
989 const KURL& url, | 990 const KURL& url, |
990 RedirectStatus redirectStatus, | 991 RedirectStatus redirectStatus, |
991 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 992 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
992 return isAllowedByAll<&CSPDirectiveList::allowManifestFromSource>( | 993 return isAllowedByAll<&CSPDirectiveList::allowManifestFromSource>( |
993 m_policies, url, redirectStatus, reportingStatus); | 994 m_policies, url, redirectStatus, reportingStatus); |
994 } | 995 } |
(...skipping 518 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1513 // Collisions have no security impact, so we can save space by storing only | 1514 // Collisions have no security impact, so we can save space by storing only |
1514 // the string's hash rather than the whole report. | 1515 // the string's hash rather than the whole report. |
1515 return !m_violationReportsSent.contains(report.impl()->hash()); | 1516 return !m_violationReportsSent.contains(report.impl()->hash()); |
1516 } | 1517 } |
1517 | 1518 |
1518 void ContentSecurityPolicy::didSendViolationReport(const String& report) { | 1519 void ContentSecurityPolicy::didSendViolationReport(const String& report) { |
1519 m_violationReportsSent.add(report.impl()->hash()); | 1520 m_violationReportsSent.add(report.impl()->hash()); |
1520 } | 1521 } |
1521 | 1522 |
1522 } // namespace blink | 1523 } // namespace blink |
OLD | NEW |