OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 812 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
823 | 823 |
824 switch (context) { | 824 switch (context) { |
825 case WebURLRequest::RequestContextAudio: | 825 case WebURLRequest::RequestContextAudio: |
826 case WebURLRequest::RequestContextTrack: | 826 case WebURLRequest::RequestContextTrack: |
827 case WebURLRequest::RequestContextVideo: | 827 case WebURLRequest::RequestContextVideo: |
828 return allowMediaFromSource(url, redirectStatus, reportingStatus); | 828 return allowMediaFromSource(url, redirectStatus, reportingStatus); |
829 case WebURLRequest::RequestContextBeacon: | 829 case WebURLRequest::RequestContextBeacon: |
830 case WebURLRequest::RequestContextEventSource: | 830 case WebURLRequest::RequestContextEventSource: |
831 case WebURLRequest::RequestContextFetch: | 831 case WebURLRequest::RequestContextFetch: |
832 case WebURLRequest::RequestContextXMLHttpRequest: | 832 case WebURLRequest::RequestContextXMLHttpRequest: |
833 case WebURLRequest::RequestContextSubresource: | |
Mike West
2016/11/10 18:59:10
How confident are you that `Subresource` is target
| |
833 return allowConnectToSource(url, redirectStatus, reportingStatus); | 834 return allowConnectToSource(url, redirectStatus, reportingStatus); |
834 case WebURLRequest::RequestContextEmbed: | 835 case WebURLRequest::RequestContextEmbed: |
835 case WebURLRequest::RequestContextObject: | 836 case WebURLRequest::RequestContextObject: |
836 return allowObjectFromSource(url, redirectStatus, reportingStatus); | 837 return allowObjectFromSource(url, redirectStatus, reportingStatus); |
837 case WebURLRequest::RequestContextFavicon: | 838 case WebURLRequest::RequestContextFavicon: |
838 case WebURLRequest::RequestContextImage: | 839 case WebURLRequest::RequestContextImage: |
839 case WebURLRequest::RequestContextImageSet: | 840 case WebURLRequest::RequestContextImageSet: |
840 return allowImageFromSource(url, redirectStatus, reportingStatus); | 841 return allowImageFromSource(url, redirectStatus, reportingStatus); |
841 case WebURLRequest::RequestContextFont: | 842 case WebURLRequest::RequestContextFont: |
842 return allowFontFromSource(url, redirectStatus, reportingStatus); | 843 return allowFontFromSource(url, redirectStatus, reportingStatus); |
(...skipping 18 matching lines...) Expand all Loading... | |
861 case WebURLRequest::RequestContextStyle: | 862 case WebURLRequest::RequestContextStyle: |
862 return allowStyleFromSource(url, nonce, redirectStatus, reportingStatus); | 863 return allowStyleFromSource(url, nonce, redirectStatus, reportingStatus); |
863 case WebURLRequest::RequestContextCSPReport: | 864 case WebURLRequest::RequestContextCSPReport: |
864 case WebURLRequest::RequestContextDownload: | 865 case WebURLRequest::RequestContextDownload: |
865 case WebURLRequest::RequestContextHyperlink: | 866 case WebURLRequest::RequestContextHyperlink: |
866 case WebURLRequest::RequestContextInternal: | 867 case WebURLRequest::RequestContextInternal: |
867 case WebURLRequest::RequestContextLocation: | 868 case WebURLRequest::RequestContextLocation: |
868 case WebURLRequest::RequestContextPing: | 869 case WebURLRequest::RequestContextPing: |
869 case WebURLRequest::RequestContextPlugin: | 870 case WebURLRequest::RequestContextPlugin: |
870 case WebURLRequest::RequestContextPrefetch: | 871 case WebURLRequest::RequestContextPrefetch: |
871 case WebURLRequest::RequestContextSubresource: | |
872 case WebURLRequest::RequestContextUnspecified: | 872 case WebURLRequest::RequestContextUnspecified: |
873 return true; | 873 return true; |
874 } | 874 } |
875 ASSERT_NOT_REACHED(); | 875 ASSERT_NOT_REACHED(); |
876 return true; | 876 return true; |
877 } | 877 } |
878 | 878 |
879 void ContentSecurityPolicy::usesScriptHashAlgorithms(uint8_t algorithms) { | 879 void ContentSecurityPolicy::usesScriptHashAlgorithms(uint8_t algorithms) { |
880 m_scriptHashAlgorithmsUsed |= algorithms; | 880 m_scriptHashAlgorithmsUsed |= algorithms; |
881 } | 881 } |
(...skipping 631 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1513 // Collisions have no security impact, so we can save space by storing only | 1513 // Collisions have no security impact, so we can save space by storing only |
1514 // the string's hash rather than the whole report. | 1514 // the string's hash rather than the whole report. |
1515 return !m_violationReportsSent.contains(report.impl()->hash()); | 1515 return !m_violationReportsSent.contains(report.impl()->hash()); |
1516 } | 1516 } |
1517 | 1517 |
1518 void ContentSecurityPolicy::didSendViolationReport(const String& report) { | 1518 void ContentSecurityPolicy::didSendViolationReport(const String& report) { |
1519 m_violationReportsSent.add(report.impl()->hash()); | 1519 m_violationReportsSent.add(report.impl()->hash()); |
1520 } | 1520 } |
1521 | 1521 |
1522 } // namespace blink | 1522 } // namespace blink |
OLD | NEW |