OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/SourceListDirective.h" | 5 #include "core/frame/csp/SourceListDirective.h" |
6 | 6 |
7 #include "core/frame/csp/CSPSource.h" | 7 #include "core/frame/csp/CSPSource.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/network/ContentSecurityPolicyParsers.h" | 9 #include "platform/network/ContentSecurityPolicyParsers.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
(...skipping 557 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
568 | 568 |
569 return false; | 569 return false; |
570 } | 570 } |
571 | 571 |
572 HeapVector<Member<CSPSource>> SourceListDirective::getIntersectCSPSources( | 572 HeapVector<Member<CSPSource>> SourceListDirective::getIntersectCSPSources( |
573 HeapVector<Member<CSPSource>> otherVector) { | 573 HeapVector<Member<CSPSource>> otherVector) { |
574 HeapVector<Member<CSPSource>> normalized; | 574 HeapVector<Member<CSPSource>> normalized; |
575 for (const auto& aCspSource : m_list) { | 575 for (const auto& aCspSource : m_list) { |
576 Member<CSPSource> matchedCspSource(nullptr); | 576 Member<CSPSource> matchedCspSource(nullptr); |
577 for (const auto& bCspSource : otherVector) { | 577 for (const auto& bCspSource : otherVector) { |
578 if ((matchedCspSource = bCspSource->intersect(aCspSource))) | 578 if (aCspSource->isSchemeOnly() && bCspSource->isSchemeOnly()) { |
Mike West
2016/11/17 10:58:31
Nit: I guess I reviewed this earlier, but looking
| |
579 if (Member<CSPSource> intersection = | |
580 bCspSource->intersect(aCspSource)) { | |
581 matchedCspSource = intersection; | |
582 break; | |
583 } | |
584 } | |
585 if (bCspSource->subsumes(aCspSource)) { | |
amalika
2016/11/09 17:53:46
We always want to preserve the CSPSource we are cu
| |
586 matchedCspSource = aCspSource; | |
579 break; | 587 break; |
588 } | |
589 if (Member<CSPSource> intersection = bCspSource->intersect(aCspSource)) | |
590 matchedCspSource = intersection; | |
580 } | 591 } |
581 if (matchedCspSource) | 592 if (matchedCspSource) |
582 normalized.append(matchedCspSource); | 593 normalized.append(matchedCspSource); |
583 } | 594 } |
584 return normalized; | 595 return normalized; |
585 } | 596 } |
586 | 597 |
587 DEFINE_TRACE(SourceListDirective) { | 598 DEFINE_TRACE(SourceListDirective) { |
588 visitor->trace(m_policy); | 599 visitor->trace(m_policy); |
589 visitor->trace(m_list); | 600 visitor->trace(m_list); |
590 CSPDirective::trace(visitor); | 601 CSPDirective::trace(visitor); |
591 } | 602 } |
592 | 603 |
593 } // namespace blink | 604 } // namespace blink |
OLD | NEW |