OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
3 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. | 3 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. |
4 * Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/ | 4 * Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/ |
5 * Copyright (C) 2009 Google Inc. All rights reserved. | 5 * Copyright (C) 2009 Google Inc. All rights reserved. |
6 * Copyright (C) 2011 Apple Inc. All Rights Reserved. | 6 * Copyright (C) 2011 Apple Inc. All Rights Reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
(...skipping 561 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
572 } | 572 } |
573 } | 573 } |
574 | 574 |
575 ContentTypeOptionsDisposition parseContentTypeOptionsHeader( | 575 ContentTypeOptionsDisposition parseContentTypeOptionsHeader( |
576 const String& header) { | 576 const String& header) { |
577 if (header.stripWhiteSpace().lower() == "nosniff") | 577 if (header.stripWhiteSpace().lower() == "nosniff") |
578 return ContentTypeOptionsNosniff; | 578 return ContentTypeOptionsNosniff; |
579 return ContentTypeOptionsNone; | 579 return ContentTypeOptionsNone; |
580 } | 580 } |
581 | 581 |
582 XFrameOptionsDisposition parseXFrameOptionsHeader(const String& header) { | |
583 XFrameOptionsDisposition result = XFrameOptionsInvalid; | |
584 | |
585 if (header.isEmpty()) | |
586 return result; | |
587 | |
588 Vector<String> headers; | |
589 header.split(',', headers); | |
590 | |
591 bool hasValue = false; | |
592 for (size_t i = 0; i < headers.size(); i++) { | |
593 String currentHeader = headers[i].stripWhiteSpace(); | |
594 XFrameOptionsDisposition currentValue = XFrameOptionsInvalid; | |
595 if (equalIgnoringCase(currentHeader, "deny")) | |
596 currentValue = XFrameOptionsDeny; | |
597 else if (equalIgnoringCase(currentHeader, "sameorigin")) | |
598 currentValue = XFrameOptionsSameOrigin; | |
599 else if (equalIgnoringCase(currentHeader, "allowall")) | |
600 currentValue = XFrameOptionsAllowAll; | |
601 | |
602 if (!hasValue) | |
603 result = currentValue; | |
604 else if (result != currentValue) | |
605 return XFrameOptionsConflict; | |
606 hasValue = true; | |
607 } | |
608 return result; | |
609 } | |
610 | |
611 static bool isCacheHeaderSeparator(UChar c) { | 582 static bool isCacheHeaderSeparator(UChar c) { |
612 // See RFC 2616, Section 2.2 | 583 // See RFC 2616, Section 2.2 |
613 switch (c) { | 584 switch (c) { |
614 case '(': | 585 case '(': |
615 case ')': | 586 case ')': |
616 case '<': | 587 case '<': |
617 case '>': | 588 case '>': |
618 case '@': | 589 case '@': |
619 case ',': | 590 case ',': |
620 case ';': | 591 case ';': |
(...skipping 280 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
901 StringBuilder sb; | 872 StringBuilder sb; |
902 sb.append("["); | 873 sb.append("["); |
903 sb.append(header); | 874 sb.append(header); |
904 sb.append("]"); | 875 sb.append("]"); |
905 std::unique_ptr<JSONValue> headerValue = | 876 std::unique_ptr<JSONValue> headerValue = |
906 parseJSON(sb.toString(), maxParseDepth); | 877 parseJSON(sb.toString(), maxParseDepth); |
907 return JSONArray::from(std::move(headerValue)); | 878 return JSONArray::from(std::move(headerValue)); |
908 } | 879 } |
909 | 880 |
910 } // namespace blink | 881 } // namespace blink |
OLD | NEW |