Chromium Code Reviews Chromium Code Reviews
Issue 2526473005:
Part 4.1: Is policy list subsumed under subsuming policy? (Closed)
| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 348 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 359 static bool isDirectiveName(const String&); | 359 static bool isDirectiveName(const String&); |
| 360 | 360 |
| 361 static bool isNonceableElement(const Element*); | 361 static bool isNonceableElement(const Element*); |
| 362 | 362 |
| 363 // This method checks whether the request should be allowed for an | 363 // This method checks whether the request should be allowed for an |
| 364 // experimental EmbeddingCSP feature | 364 // experimental EmbeddingCSP feature |
| 365 // Please, see https://w3c.github.io/webappsec-csp/embedded/#origin-allowed. | 365 // Please, see https://w3c.github.io/webappsec-csp/embedded/#origin-allowed. |
| 366 static bool shouldEnforceEmbeddersPolicy(const ResourceResponse&, | 366 static bool shouldEnforceEmbeddersPolicy(const ResourceResponse&, |
| 367 SecurityOrigin*); | 367 SecurityOrigin*); |
| 368 | 368 |
| 369 // This method checks if this CSP subsumes given CSP. | |
|
Mike West
2016/11/28 13:08:02
Nit: "... if this policy subsumes a given policy"
| |
| 370 // More information here: | |
| 371 // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy | |
| 372 bool subsumes(const ContentSecurityPolicy&); | |
| 373 | |
| 369 Document* document() const; | 374 Document* document() const; |
| 370 | 375 |
| 371 private: | 376 private: |
| 372 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceInline); | 377 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceInline); |
| 373 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceSinglePolicy); | 378 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceSinglePolicy); |
| 374 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceMultiplePolicy); | 379 FRIEND_TEST_ALL_PREFIXES(ContentSecurityPolicyTest, NonceMultiplePolicy); |
| 375 | 380 |
| 376 ContentSecurityPolicy(); | 381 ContentSecurityPolicy(); |
| 377 | 382 |
| 378 void applyPolicySideEffectsToExecutionContext(); | 383 void applyPolicySideEffectsToExecutionContext(); |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 412 String m_disableEvalErrorMessage; | 417 String m_disableEvalErrorMessage; |
| 413 WebInsecureRequestPolicy m_insecureRequestPolicy; | 418 WebInsecureRequestPolicy m_insecureRequestPolicy; |
| 414 | 419 |
| 415 Member<CSPSource> m_selfSource; | 420 Member<CSPSource> m_selfSource; |
| 416 String m_selfProtocol; | 421 String m_selfProtocol; |
| 417 }; | 422 }; |
| 418 | 423 |
| 419 } // namespace blink | 424 } // namespace blink |
| 420 | 425 |
| 421 #endif | 426 #endif |
| OLD | NEW |
