| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 138 | 138 |
| 139 bool nonceable = true; | 139 bool nonceable = true; |
| 140 | 140 |
| 141 // To prevent an attacker from hijacking an existing nonce via a dangling | 141 // To prevent an attacker from hijacking an existing nonce via a dangling |
| 142 // markup injection, we walk through the attributes of each nonced script | 142 // markup injection, we walk through the attributes of each nonced script |
| 143 // element: if their names or values contain "<script" or "<style", we won't | 143 // element: if their names or values contain "<script" or "<style", we won't |
| 144 // apply the nonce when loading script. | 144 // apply the nonce when loading script. |
| 145 // | 145 // |
| 146 // See http://blog.innerht.ml/csp-2015/#danglingmarkupinjection for an example | 146 // See http://blog.innerht.ml/csp-2015/#danglingmarkupinjection for an example |
| 147 // of the kind of attack this is aimed at mitigating. | 147 // of the kind of attack this is aimed at mitigating. |
| 148 DEFINE_STATIC_LOCAL(AtomicString, scriptString, ("<script")); | 148 static const char scriptString[] = "<script"; |
| 149 DEFINE_STATIC_LOCAL(AtomicString, styleString, ("<style")); | 149 static const char styleString[] = "<style"; |
| 150 for (const Attribute& attr : element->attributes()) { | 150 for (const Attribute& attr : element->attributes()) { |
| 151 AtomicString name = attr.localName().lowerASCII(); | 151 AtomicString name = attr.localName().lowerASCII(); |
| 152 AtomicString value = attr.value().lowerASCII(); | 152 AtomicString value = attr.value().lowerASCII(); |
| 153 if (name.find(scriptString) != WTF::kNotFound || | 153 if (name.find(scriptString) != WTF::kNotFound || |
| 154 name.find(styleString) != WTF::kNotFound || | 154 name.find(styleString) != WTF::kNotFound || |
| 155 value.find(scriptString) != WTF::kNotFound || | 155 value.find(scriptString) != WTF::kNotFound || |
| 156 value.find(styleString) != WTF::kNotFound) { | 156 value.find(styleString) != WTF::kNotFound) { |
| 157 nonceable = false; | 157 nonceable = false; |
| 158 break; | 158 break; |
| 159 } | 159 } |
| (...skipping 1139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1299 | 1299 |
| 1300 void ContentSecurityPolicy::reportInvalidDirectiveInMeta( | 1300 void ContentSecurityPolicy::reportInvalidDirectiveInMeta( |
| 1301 const String& directive) { | 1301 const String& directive) { |
| 1302 logToConsole( | 1302 logToConsole( |
| 1303 "Content Security Policies delivered via a <meta> element may not " | 1303 "Content Security Policies delivered via a <meta> element may not " |
| 1304 "contain the " + | 1304 "contain the " + |
| 1305 directive + " directive."); | 1305 directive + " directive."); |
| 1306 } | 1306 } |
| 1307 | 1307 |
| 1308 void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) { | 1308 void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) { |
| 1309 DEFINE_STATIC_LOCAL(String, allow, ("allow")); | 1309 static const char allow[] = "allow"; |
| 1310 DEFINE_STATIC_LOCAL(String, options, ("options")); | 1310 static const char options[] = "options"; |
| 1311 DEFINE_STATIC_LOCAL(String, policyURI, ("policy-uri")); | 1311 static const char policyURI[] = "policy-uri"; |
| 1312 DEFINE_STATIC_LOCAL( | 1312 static const char allowMessage[] = |
| 1313 String, allowMessage, | 1313 "The 'allow' directive has been replaced with 'default-src'. Please use " |
| 1314 ("The 'allow' directive has been replaced with 'default-src'. Please use " | 1314 "that directive instead, as 'allow' has no effect."; |
| 1315 "that directive instead, as 'allow' has no effect.")); | 1315 static const char optionsMessage[] = |
| 1316 DEFINE_STATIC_LOCAL( | 1316 "The 'options' directive has been replaced with 'unsafe-inline' and " |
| 1317 String, optionsMessage, | 1317 "'unsafe-eval' source expressions for the 'script-src' and 'style-src' " |
| 1318 ("The 'options' directive has been replaced with 'unsafe-inline' and " | 1318 "directives. Please use those directives instead, as 'options' has no " |
| 1319 "'unsafe-eval' source expressions for the 'script-src' and 'style-src' " | 1319 "effect."; |
| 1320 "directives. Please use those directives instead, as 'options' has no " | 1320 static const char policyURIMessage[] = |
| 1321 "effect.")); | 1321 "The 'policy-uri' directive has been removed from the " |
| 1322 DEFINE_STATIC_LOCAL(String, policyURIMessage, | 1322 "specification. Please specify a complete policy via " |
| 1323 ("The 'policy-uri' directive has been removed from the " | 1323 "the Content-Security-Policy header."; |
| 1324 "specification. Please specify a complete policy via " | |
| 1325 "the Content-Security-Policy header.")); | |
| 1326 | 1324 |
| 1327 String message = | 1325 String message = |
| 1328 "Unrecognized Content-Security-Policy directive '" + name + "'.\n"; | 1326 "Unrecognized Content-Security-Policy directive '" + name + "'.\n"; |
| 1329 MessageLevel level = ErrorMessageLevel; | 1327 MessageLevel level = ErrorMessageLevel; |
| 1330 if (equalIgnoringCase(name, allow)) { | 1328 if (equalIgnoringCase(name, allow)) { |
| 1331 message = allowMessage; | 1329 message = allowMessage; |
| 1332 } else if (equalIgnoringCase(name, options)) { | 1330 } else if (equalIgnoringCase(name, options)) { |
| 1333 message = optionsMessage; | 1331 message = optionsMessage; |
| 1334 } else if (equalIgnoringCase(name, policyURI)) { | 1332 } else if (equalIgnoringCase(name, policyURI)) { |
| 1335 message = policyURIMessage; | 1333 message = policyURIMessage; |
| (...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1514 // Collisions have no security impact, so we can save space by storing only | 1512 // Collisions have no security impact, so we can save space by storing only |
| 1515 // the string's hash rather than the whole report. | 1513 // the string's hash rather than the whole report. |
| 1516 return !m_violationReportsSent.contains(report.impl()->hash()); | 1514 return !m_violationReportsSent.contains(report.impl()->hash()); |
| 1517 } | 1515 } |
| 1518 | 1516 |
| 1519 void ContentSecurityPolicy::didSendViolationReport(const String& report) { | 1517 void ContentSecurityPolicy::didSendViolationReport(const String& report) { |
| 1520 m_violationReportsSent.add(report.impl()->hash()); | 1518 m_violationReportsSent.add(report.impl()->hash()); |
| 1521 } | 1519 } |
| 1522 | 1520 |
| 1523 } // namespace blink | 1521 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2497543003:
ContentSecurityPolicy: avoid defining static String singletons. (Closed)
