OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SourceListDirective_h | 5 #ifndef SourceListDirective_h |
6 #define SourceListDirective_h | 6 #define SourceListDirective_h |
7 | 7 |
8 #include "core/CoreExport.h" | 8 #include "core/CoreExport.h" |
9 #include "core/frame/csp/CSPDirective.h" | 9 #include "core/frame/csp/CSPDirective.h" |
10 #include "core/frame/csp/CSPSource.h" | 10 #include "core/frame/csp/CSPSource.h" |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
44 bool allowHash(const CSPHashValue&) const; | 44 bool allowHash(const CSPHashValue&) const; |
45 bool allowHashedAttributes() const; | 45 bool allowHashedAttributes() const; |
46 bool isHashOrNoncePresent() const; | 46 bool isHashOrNoncePresent() const; |
47 uint8_t hashAlgorithmsUsed() const; | 47 uint8_t hashAlgorithmsUsed() const; |
48 // The algorothm is described more extensively here: | 48 // The algorothm is described more extensively here: |
49 // https://w3c.github.io/webappsec-csp/embedded/#subsume-source-list | 49 // https://w3c.github.io/webappsec-csp/embedded/#subsume-source-list |
50 bool subsumes(HeapVector<Member<SourceListDirective>>); | 50 bool subsumes(HeapVector<Member<SourceListDirective>>); |
51 | 51 |
52 private: | 52 private: |
53 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, GetIntersectCSPSources); | 53 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, GetIntersectCSPSources); |
54 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, | |
55 GetIntersectCSPSourcesSchemes); | |
54 | 56 |
55 bool parseSource(const UChar* begin, | 57 bool parseSource(const UChar* begin, |
56 const UChar* end, | 58 const UChar* end, |
57 String& scheme, | 59 String& scheme, |
58 String& host, | 60 String& host, |
59 int& port, | 61 int& port, |
60 String& path, | 62 String& path, |
61 CSPSource::WildcardDisposition&, | 63 CSPSource::WildcardDisposition&, |
62 CSPSource::WildcardDisposition&); | 64 CSPSource::WildcardDisposition&); |
63 bool parseScheme(const UChar* begin, const UChar* end, String& scheme); | 65 bool parseScheme(const UChar* begin, const UChar* end, String& scheme); |
(...skipping 15 matching lines...) Expand all Loading... | |
79 void addSourceSelf(); | 81 void addSourceSelf(); |
80 void addSourceStar(); | 82 void addSourceStar(); |
81 void addSourceUnsafeInline(); | 83 void addSourceUnsafeInline(); |
82 void addSourceUnsafeEval(); | 84 void addSourceUnsafeEval(); |
83 void addSourceStrictDynamic(); | 85 void addSourceStrictDynamic(); |
84 void addSourceUnsafeHashedAttributes(); | 86 void addSourceUnsafeHashedAttributes(); |
85 void addSourceNonce(const String& nonce); | 87 void addSourceNonce(const String& nonce); |
86 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, | 88 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, |
87 const DigestValue& hash); | 89 const DigestValue& hash); |
88 | 90 |
91 static void addSourceToMap(HashMap<String, CSPSource*>&, CSPSource*); | |
sof
2016/12/01 16:15:52
HeapHashMap<String, Member<CSPSource>> is what's p
| |
92 | |
89 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const; | 93 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const; |
90 HeapVector<Member<CSPSource>> getIntersectCSPSources( | 94 HeapVector<Member<CSPSource>> getIntersectCSPSources( |
91 HeapVector<Member<CSPSource>> other); | 95 HeapVector<Member<CSPSource>> other); |
96 HashMap<String, CSPSource*> getIntersectSchemesOnly( | |
97 HeapVector<Member<CSPSource>> other); | |
92 | 98 |
93 Member<ContentSecurityPolicy> m_policy; | 99 Member<ContentSecurityPolicy> m_policy; |
94 HeapVector<Member<CSPSource>> m_list; | 100 HeapVector<Member<CSPSource>> m_list; |
95 String m_directiveName; | 101 String m_directiveName; |
96 bool m_allowSelf; | 102 bool m_allowSelf; |
97 bool m_allowStar; | 103 bool m_allowStar; |
98 bool m_allowInline; | 104 bool m_allowInline; |
99 bool m_allowEval; | 105 bool m_allowEval; |
100 bool m_allowDynamic; | 106 bool m_allowDynamic; |
101 bool m_allowHashedAttributes; | 107 bool m_allowHashedAttributes; |
102 HashSet<String> m_nonces; | 108 HashSet<String> m_nonces; |
103 HashSet<CSPHashValue> m_hashes; | 109 HashSet<CSPHashValue> m_hashes; |
104 uint8_t m_hashAlgorithmsUsed; | 110 uint8_t m_hashAlgorithmsUsed; |
105 }; | 111 }; |
106 | 112 |
107 } // namespace blink | 113 } // namespace blink |
108 | 114 |
109 #endif | 115 #endif |
OLD | NEW |