| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 2 * Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
| 3 * Copyright (C) 2009 Google Inc. All rights reserved. | 3 * Copyright (C) 2009 Google Inc. All rights reserved. |
| 4 * Copyright (C) 2011 Apple Inc. All Rights Reserved. | 4 * Copyright (C) 2011 Apple Inc. All Rights Reserved. |
| 5 * | 5 * |
| 6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
| 7 * modification, are permitted provided that the following conditions | 7 * modification, are permitted provided that the following conditions |
| 8 * are met: | 8 * are met: |
| 9 * | 9 * |
| 10 * 1. Redistributions of source code must retain the above copyright | 10 * 1. Redistributions of source code must retain the above copyright |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 51 ContentDispositionInline, | 51 ContentDispositionInline, |
| 52 ContentDispositionAttachment, | 52 ContentDispositionAttachment, |
| 53 ContentDispositionOther | 53 ContentDispositionOther |
| 54 } ContentDispositionType; | 54 } ContentDispositionType; |
| 55 | 55 |
| 56 enum ContentTypeOptionsDisposition { | 56 enum ContentTypeOptionsDisposition { |
| 57 ContentTypeOptionsNone, | 57 ContentTypeOptionsNone, |
| 58 ContentTypeOptionsNosniff | 58 ContentTypeOptionsNosniff |
| 59 }; | 59 }; |
| 60 | 60 |
| 61 enum XFrameOptionsDisposition { | |
| 62 XFrameOptionsInvalid, | |
| 63 XFrameOptionsDeny, | |
| 64 XFrameOptionsSameOrigin, | |
| 65 XFrameOptionsAllowAll, | |
| 66 XFrameOptionsConflict | |
| 67 }; | |
| 68 | |
| 69 // Be sure to update the behavior of | 61 // Be sure to update the behavior of |
| 70 // XSSAuditor::combineXSSProtectionHeaderAndCSP whenever you change this enum's | 62 // XSSAuditor::combineXSSProtectionHeaderAndCSP whenever you change this enum's |
| 71 // content or ordering. | 63 // content or ordering. |
| 72 enum ReflectedXSSDisposition { | 64 enum ReflectedXSSDisposition { |
| 73 ReflectedXSSUnset = 0, | 65 ReflectedXSSUnset = 0, |
| 74 AllowReflectedXSS, | 66 AllowReflectedXSS, |
| 75 ReflectedXSSInvalid, | 67 ReflectedXSSInvalid, |
| 76 FilterReflectedXSS, | 68 FilterReflectedXSS, |
| 77 BlockReflectedXSS | 69 BlockReflectedXSS |
| 78 }; | 70 }; |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 128 PLATFORM_EXPORT String extractCharsetFromMediaType(const String&); | 120 PLATFORM_EXPORT String extractCharsetFromMediaType(const String&); |
| 129 PLATFORM_EXPORT void findCharsetInMediaType(const String& mediaType, | 121 PLATFORM_EXPORT void findCharsetInMediaType(const String& mediaType, |
| 130 unsigned& charsetPos, | 122 unsigned& charsetPos, |
| 131 unsigned& charsetLen, | 123 unsigned& charsetLen, |
| 132 unsigned start = 0); | 124 unsigned start = 0); |
| 133 PLATFORM_EXPORT ReflectedXSSDisposition | 125 PLATFORM_EXPORT ReflectedXSSDisposition |
| 134 parseXSSProtectionHeader(const String& header, | 126 parseXSSProtectionHeader(const String& header, |
| 135 String& failureReason, | 127 String& failureReason, |
| 136 unsigned& failurePosition, | 128 unsigned& failurePosition, |
| 137 String& reportURL); | 129 String& reportURL); |
| 138 PLATFORM_EXPORT XFrameOptionsDisposition | |
| 139 parseXFrameOptionsHeader(const String&); | |
| 140 PLATFORM_EXPORT CacheControlHeader | 130 PLATFORM_EXPORT CacheControlHeader |
| 141 parseCacheControlDirectives(const AtomicString& cacheControlHeader, | 131 parseCacheControlDirectives(const AtomicString& cacheControlHeader, |
| 142 const AtomicString& pragmaHeader); | 132 const AtomicString& pragmaHeader); |
| 143 PLATFORM_EXPORT void parseCommaDelimitedHeader(const String& headerValue, | 133 PLATFORM_EXPORT void parseCommaDelimitedHeader(const String& headerValue, |
| 144 CommaDelimitedHeaderSet&); | 134 CommaDelimitedHeaderSet&); |
| 145 // Returns true on success, otherwise false. The Suborigin argument must be a | 135 // Returns true on success, otherwise false. The Suborigin argument must be a |
| 146 // non-null return argument. |messages| is a list of messages based on any | 136 // non-null return argument. |messages| is a list of messages based on any |
| 147 // parse warnings or errors. Even if parseSuboriginHeader returns true, there | 137 // parse warnings or errors. Even if parseSuboriginHeader returns true, there |
| 148 // may be Strings in |messages|. | 138 // may be Strings in |messages|. |
| 149 PLATFORM_EXPORT bool parseSuboriginHeader(const String& header, | 139 PLATFORM_EXPORT bool parseSuboriginHeader(const String& header, |
| (...skipping 14 matching lines...) Expand all Loading... |
| 164 // https://tools.ietf.org/html/draft-ietf-httpbis-jfv-01 | 154 // https://tools.ietf.org/html/draft-ietf-httpbis-jfv-01 |
| 165 // Returns an empty unique_ptr if the header cannot be parsed as JSON. JSON | 155 // Returns an empty unique_ptr if the header cannot be parsed as JSON. JSON |
| 166 // strings which represent object nested deeper than |maxParseDepth| will also | 156 // strings which represent object nested deeper than |maxParseDepth| will also |
| 167 // cause an empty return value. | 157 // cause an empty return value. |
| 168 PLATFORM_EXPORT std::unique_ptr<JSONArray> parseJSONHeader(const String& header, | 158 PLATFORM_EXPORT std::unique_ptr<JSONArray> parseJSONHeader(const String& header, |
| 169 int maxParseDepth); | 159 int maxParseDepth); |
| 170 | 160 |
| 171 } // namespace blink | 161 } // namespace blink |
| 172 | 162 |
| 173 #endif | 163 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2488743003:
(Re-)introduce AncestorThrottle to handle 'X-Frame-Options'. (Closed)
