OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 1538 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1549 const String& report) const { | 1549 const String& report) const { |
1550 // Collisions have no security impact, so we can save space by storing only | 1550 // Collisions have no security impact, so we can save space by storing only |
1551 // the string's hash rather than the whole report. | 1551 // the string's hash rather than the whole report. |
1552 return !m_violationReportsSent.contains(report.impl()->hash()); | 1552 return !m_violationReportsSent.contains(report.impl()->hash()); |
1553 } | 1553 } |
1554 | 1554 |
1555 void ContentSecurityPolicy::didSendViolationReport(const String& report) { | 1555 void ContentSecurityPolicy::didSendViolationReport(const String& report) { |
1556 m_violationReportsSent.add(report.impl()->hash()); | 1556 m_violationReportsSent.add(report.impl()->hash()); |
1557 } | 1557 } |
1558 | 1558 |
1559 bool ContentSecurityPolicy::subsumes(const ContentSecurityPolicy& other) { | |
1560 if (!m_policies.size() || !other.m_policies.size()) | |
1561 return !m_policies.size(); | |
1562 | |
1563 CSPDirectiveListVector otherVector; | |
1564 for (const auto& policy : other.m_policies) { | |
1565 if (!policy->isReportOnly()) | |
1566 otherVector.append(policy); | |
1567 } | |
1568 // Embedding-CSP specifies only one policy. | |
1569 DCHECK(m_policies.size(), 1u); | |
amalika
2016/11/28 11:56:22
Since Embedding-CSP can't be more than just one po
Mike West
2016/11/28 13:08:02
I'd suggest returning `false` if more than one pol
amalika
2016/11/29 12:43:52
Changed!
| |
1570 | |
1571 return m_policies[0]->subsumes(otherVector); | |
Mike West
2016/11/28 13:08:02
What if `m_policies[0]` is report-only?
amalika
2016/11/29 12:43:52
Current implementation of Embedding-CSP is such th
| |
1572 } | |
1573 | |
1559 } // namespace blink | 1574 } // namespace blink |
OLD | NEW |