| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "core/frame/csp/CSPDirectiveList.h" | 5 #include "core/frame/csp/CSPDirectiveList.h" |
| 6 | 6 |
| 7 #include "bindings/core/v8/SourceLocation.h" | 7 #include "bindings/core/v8/SourceLocation.h" |
| 8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
| 9 #include "core/dom/SecurityContext.h" | 9 #include "core/dom/SecurityContext.h" |
| 10 #include "core/dom/SpaceSplitString.h" | 10 #include "core/dom/SpaceSplitString.h" |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 80 if (directives->isReportOnly() && | 80 if (directives->isReportOnly() && |
| 81 source != ContentSecurityPolicyHeaderSourceMeta && | 81 source != ContentSecurityPolicyHeaderSourceMeta && |
| 82 directives->reportEndpoints().isEmpty()) | 82 directives->reportEndpoints().isEmpty()) |
| 83 policy->reportMissingReportURI(String(begin, end - begin)); | 83 policy->reportMissingReportURI(String(begin, end - begin)); |
| 84 | 84 |
| 85 return directives; | 85 return directives; |
| 86 } | 86 } |
| 87 | 87 |
| 88 void CSPDirectiveList::reportViolation( | 88 void CSPDirectiveList::reportViolation( |
| 89 const String& directiveText, | 89 const String& directiveText, |
| 90 const ContentSecurityPolicy::DirectiveType& effectiveType, | 90 const String& effectiveDirective, |
| 91 const String& consoleMessage, | 91 const String& consoleMessage, |
| 92 const KURL& blockedURL, | 92 const KURL& blockedURL, |
| 93 ResourceRequest::RedirectStatus redirectStatus) const { | 93 ResourceRequest::RedirectStatus redirectStatus) const { |
| 94 String message = | 94 String message = |
| 95 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; | 95 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; |
| 96 m_policy->logToConsole(ConsoleMessage::create(SecurityMessageSource, | 96 m_policy->logToConsole(ConsoleMessage::create(SecurityMessageSource, |
| 97 ErrorMessageLevel, message)); | 97 ErrorMessageLevel, message)); |
| 98 m_policy->reportViolation(directiveText, effectiveType, message, blockedURL, | 98 m_policy->reportViolation(directiveText, effectiveDirective, message, |
| 99 m_reportEndpoints, m_header, m_headerType, | 99 blockedURL, m_reportEndpoints, m_header, |
| 100 ContentSecurityPolicy::URLViolation, nullptr, | 100 m_headerType, ContentSecurityPolicy::URLViolation, |
| 101 redirectStatus); | 101 nullptr, redirectStatus); |
| 102 } | 102 } |
| 103 | 103 |
| 104 void CSPDirectiveList::reportViolationWithFrame( | 104 void CSPDirectiveList::reportViolationWithFrame( |
| 105 const String& directiveText, | 105 const String& directiveText, |
| 106 const ContentSecurityPolicy::DirectiveType& effectiveType, | 106 const String& effectiveDirective, |
| 107 const String& consoleMessage, | 107 const String& consoleMessage, |
| 108 const KURL& blockedURL, | 108 const KURL& blockedURL, |
| 109 LocalFrame* frame) const { | 109 LocalFrame* frame) const { |
| 110 String message = | 110 String message = |
| 111 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; | 111 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; |
| 112 m_policy->logToConsole( | 112 m_policy->logToConsole( |
| 113 ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, message), | 113 ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, message), |
| 114 frame); | 114 frame); |
| 115 m_policy->reportViolation(directiveText, effectiveType, message, blockedURL, | 115 m_policy->reportViolation( |
| 116 m_reportEndpoints, m_header, m_headerType, | 116 directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, |
| 117 ContentSecurityPolicy::URLViolation, frame); | 117 m_header, m_headerType, ContentSecurityPolicy::URLViolation, frame); |
| 118 } | 118 } |
| 119 | 119 |
| 120 void CSPDirectiveList::reportViolationWithLocation( | 120 void CSPDirectiveList::reportViolationWithLocation( |
| 121 const String& directiveText, | 121 const String& directiveText, |
| 122 const ContentSecurityPolicy::DirectiveType& effectiveType, | 122 const String& effectiveDirective, |
| 123 const String& consoleMessage, | 123 const String& consoleMessage, |
| 124 const KURL& blockedURL, | 124 const KURL& blockedURL, |
| 125 const String& contextURL, | 125 const String& contextURL, |
| 126 const WTF::OrdinalNumber& contextLine, | 126 const WTF::OrdinalNumber& contextLine, |
| 127 Element* element) const { | 127 Element* element) const { |
| 128 String message = | 128 String message = |
| 129 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; | 129 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; |
| 130 m_policy->logToConsole(ConsoleMessage::create( | 130 m_policy->logToConsole(ConsoleMessage::create( |
| 131 SecurityMessageSource, ErrorMessageLevel, message, | 131 SecurityMessageSource, ErrorMessageLevel, message, |
| 132 SourceLocation::capture(contextURL, contextLine.oneBasedInt(), 0))); | 132 SourceLocation::capture(contextURL, contextLine.oneBasedInt(), 0))); |
| 133 m_policy->reportViolation( | 133 m_policy->reportViolation( |
| 134 directiveText, effectiveType, message, blockedURL, m_reportEndpoints, | 134 directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, |
| 135 m_header, m_headerType, ContentSecurityPolicy::InlineViolation, nullptr, | 135 m_header, m_headerType, ContentSecurityPolicy::InlineViolation, nullptr, |
| 136 RedirectStatus::NoRedirect, contextLine.oneBasedInt(), element); | 136 RedirectStatus::NoRedirect, contextLine.oneBasedInt(), element); |
| 137 } | 137 } |
| 138 | 138 |
| 139 void CSPDirectiveList::reportViolationWithState( | 139 void CSPDirectiveList::reportViolationWithState( |
| 140 const String& directiveText, | 140 const String& directiveText, |
| 141 const ContentSecurityPolicy::DirectiveType& effectiveType, | 141 const String& effectiveDirective, |
| 142 const String& message, | 142 const String& message, |
| 143 const KURL& blockedURL, | 143 const KURL& blockedURL, |
| 144 ScriptState* scriptState, | 144 ScriptState* scriptState, |
| 145 const ContentSecurityPolicy::ExceptionStatus exceptionStatus) const { | 145 const ContentSecurityPolicy::ExceptionStatus exceptionStatus) const { |
| 146 String reportMessage = isReportOnly() ? "[Report Only] " + message : message; | 146 String reportMessage = isReportOnly() ? "[Report Only] " + message : message; |
| 147 // Print a console message if it won't be redundant with a | 147 // Print a console message if it won't be redundant with a |
| 148 // JavaScript exception that the caller will throw. (Exceptions will | 148 // JavaScript exception that the caller will throw. (Exceptions will |
| 149 // never get thrown in report-only mode because the caller won't see | 149 // never get thrown in report-only mode because the caller won't see |
| 150 // a violation.) | 150 // a violation.) |
| 151 if (isReportOnly() || | 151 if (isReportOnly() || |
| 152 exceptionStatus == ContentSecurityPolicy::WillNotThrowException) { | 152 exceptionStatus == ContentSecurityPolicy::WillNotThrowException) { |
| 153 ConsoleMessage* consoleMessage = ConsoleMessage::create( | 153 ConsoleMessage* consoleMessage = ConsoleMessage::create( |
| 154 SecurityMessageSource, ErrorMessageLevel, reportMessage); | 154 SecurityMessageSource, ErrorMessageLevel, reportMessage); |
| 155 m_policy->logToConsole(consoleMessage); | 155 m_policy->logToConsole(consoleMessage); |
| 156 } | 156 } |
| 157 m_policy->reportViolation(directiveText, effectiveType, message, blockedURL, | 157 m_policy->reportViolation(directiveText, effectiveDirective, message, |
| 158 m_reportEndpoints, m_header, m_headerType, | 158 blockedURL, m_reportEndpoints, m_header, |
| 159 ContentSecurityPolicy::EvalViolation); | 159 m_headerType, ContentSecurityPolicy::EvalViolation); |
| 160 } | 160 } |
| 161 | 161 |
| 162 bool CSPDirectiveList::checkEval(SourceListDirective* directive) const { | 162 bool CSPDirectiveList::checkEval(SourceListDirective* directive) const { |
| 163 return !directive || directive->allowEval(); | 163 return !directive || directive->allowEval(); |
| 164 } | 164 } |
| 165 | 165 |
| 166 bool CSPDirectiveList::checkInline(SourceListDirective* directive) const { | 166 bool CSPDirectiveList::checkInline(SourceListDirective* directive) const { |
| 167 return !directive || | 167 return !directive || |
| 168 (directive->allowInline() && !directive->isHashOrNoncePresent()); | 168 (directive->allowInline() && !directive->isHashOrNoncePresent()); |
| 169 } | 169 } |
| (...skipping 14 matching lines...) Expand all Loading... |
| 184 } | 184 } |
| 185 | 185 |
| 186 bool CSPDirectiveList::checkDynamic(SourceListDirective* directive) const { | 186 bool CSPDirectiveList::checkDynamic(SourceListDirective* directive) const { |
| 187 return !directive || directive->allowDynamic(); | 187 return !directive || directive->allowDynamic(); |
| 188 } | 188 } |
| 189 | 189 |
| 190 void CSPDirectiveList::reportMixedContent( | 190 void CSPDirectiveList::reportMixedContent( |
| 191 const KURL& mixedURL, | 191 const KURL& mixedURL, |
| 192 ResourceRequest::RedirectStatus redirectStatus) const { | 192 ResourceRequest::RedirectStatus redirectStatus) const { |
| 193 if (strictMixedContentChecking()) { | 193 if (strictMixedContentChecking()) { |
| 194 m_policy->reportViolation( | 194 m_policy->reportViolation(ContentSecurityPolicy::BlockAllMixedContent, |
| 195 ContentSecurityPolicy::getDirectiveName( | 195 ContentSecurityPolicy::BlockAllMixedContent, |
| 196 ContentSecurityPolicy::DirectiveType::BlockAllMixedContent), | 196 String(), mixedURL, m_reportEndpoints, m_header, |
| 197 ContentSecurityPolicy::DirectiveType::BlockAllMixedContent, String(), | 197 m_headerType, ContentSecurityPolicy::URLViolation, |
| 198 mixedURL, m_reportEndpoints, m_header, m_headerType, | 198 nullptr, redirectStatus); |
| 199 ContentSecurityPolicy::URLViolation, nullptr, redirectStatus); | |
| 200 } | 199 } |
| 201 } | 200 } |
| 202 | 201 |
| 203 bool CSPDirectiveList::checkSource( | 202 bool CSPDirectiveList::checkSource( |
| 204 SourceListDirective* directive, | 203 SourceListDirective* directive, |
| 205 const KURL& url, | 204 const KURL& url, |
| 206 ResourceRequest::RedirectStatus redirectStatus) const { | 205 ResourceRequest::RedirectStatus redirectStatus) const { |
| 207 // If |url| is empty, fall back to the policy URL to ensure that <object>'s | 206 // If |url| is empty, fall back to the policy URL to ensure that <object>'s |
| 208 // without a `src` can be blocked/allowed, as they can still load plugins | 207 // without a `src` can be blocked/allowed, as they can still load plugins |
| 209 // even though they don't actually have a URL. | 208 // even though they don't actually have a URL. |
| (...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 276 case WebURLRequest::RequestContextSharedWorker: | 275 case WebURLRequest::RequestContextSharedWorker: |
| 277 resourceType = "shared worker"; | 276 resourceType = "shared worker"; |
| 278 break; | 277 break; |
| 279 case WebURLRequest::RequestContextWorker: | 278 case WebURLRequest::RequestContextWorker: |
| 280 resourceType = "worker"; | 279 resourceType = "worker"; |
| 281 break; | 280 break; |
| 282 default: | 281 default: |
| 283 break; | 282 break; |
| 284 } | 283 } |
| 285 | 284 |
| 286 reportViolation(ContentSecurityPolicy::getDirectiveName( | 285 reportViolation(ContentSecurityPolicy::RequireSRIFor, |
| 287 ContentSecurityPolicy::DirectiveType::RequireSRIFor), | 286 ContentSecurityPolicy::RequireSRIFor, |
| 288 ContentSecurityPolicy::DirectiveType::RequireSRIFor, | |
| 289 "Refused to load the " + resourceType + " '" + | 287 "Refused to load the " + resourceType + " '" + |
| 290 url.elidedString() + | 288 url.elidedString() + |
| 291 "' because 'require-sri-for' directive requires " | 289 "' because 'require-sri-for' directive requires " |
| 292 "integrity attribute be present for all " + | 290 "integrity attribute be present for all " + |
| 293 resourceType + "s.", | 291 resourceType + "s.", |
| 294 url, redirectStatus); | 292 url, redirectStatus); |
| 295 return denyIfEnforcingPolicy(); | 293 return denyIfEnforcingPolicy(); |
| 296 } | 294 } |
| 297 | 295 |
| 298 bool CSPDirectiveList::allowRequestWithoutIntegrity( | 296 bool CSPDirectiveList::allowRequestWithoutIntegrity( |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 335 if (checkEval(directive)) | 333 if (checkEval(directive)) |
| 336 return true; | 334 return true; |
| 337 | 335 |
| 338 String suffix = String(); | 336 String suffix = String(); |
| 339 if (directive == m_defaultSrc) | 337 if (directive == m_defaultSrc) |
| 340 suffix = | 338 suffix = |
| 341 " Note that 'script-src' was not explicitly set, so 'default-src' is " | 339 " Note that 'script-src' was not explicitly set, so 'default-src' is " |
| 342 "used as a fallback."; | 340 "used as a fallback."; |
| 343 | 341 |
| 344 reportViolationWithState( | 342 reportViolationWithState( |
| 345 directive->text(), ContentSecurityPolicy::DirectiveType::ScriptSrc, | 343 directive->text(), ContentSecurityPolicy::ScriptSrc, |
| 346 consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), | 344 consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), |
| 347 scriptState, exceptionStatus); | 345 scriptState, exceptionStatus); |
| 348 if (!isReportOnly()) { | 346 if (!isReportOnly()) { |
| 349 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); | 347 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); |
| 350 return false; | 348 return false; |
| 351 } | 349 } |
| 352 return true; | 350 return true; |
| 353 } | 351 } |
| 354 | 352 |
| 355 bool CSPDirectiveList::checkMediaTypeAndReportViolation( | 353 bool CSPDirectiveList::checkMediaTypeAndReportViolation( |
| 356 MediaListDirective* directive, | 354 MediaListDirective* directive, |
| 357 const String& type, | 355 const String& type, |
| 358 const String& typeAttribute, | 356 const String& typeAttribute, |
| 359 const String& consoleMessage) const { | 357 const String& consoleMessage) const { |
| 360 if (checkMediaType(directive, type, typeAttribute)) | 358 if (checkMediaType(directive, type, typeAttribute)) |
| 361 return true; | 359 return true; |
| 362 | 360 |
| 363 String message = consoleMessage + "\'" + directive->text() + "\'."; | 361 String message = consoleMessage + "\'" + directive->text() + "\'."; |
| 364 if (typeAttribute.isEmpty()) | 362 if (typeAttribute.isEmpty()) |
| 365 message = message + | 363 message = message + |
| 366 " When enforcing the 'plugin-types' directive, the plugin's " | 364 " When enforcing the 'plugin-types' directive, the plugin's " |
| 367 "media type must be explicitly declared with a 'type' attribute " | 365 "media type must be explicitly declared with a 'type' attribute " |
| 368 "on the containing element (e.g. '<object type=\"[TYPE GOES " | 366 "on the containing element (e.g. '<object type=\"[TYPE GOES " |
| 369 "HERE]\" ...>')."; | 367 "HERE]\" ...>')."; |
| 370 | 368 |
| 371 // 'RedirectStatus::NoRedirect' is safe here, as we do the media type check | 369 // 'RedirectStatus::NoRedirect' is safe here, as we do the media type check |
| 372 // before actually loading data; this means that we shouldn't leak redirect | 370 // before actually loading data; this means that we shouldn't leak redirect |
| 373 // targets, as we won't have had a chance to redirect yet. | 371 // targets, as we won't have had a chance to redirect yet. |
| 374 reportViolation( | 372 reportViolation(directive->text(), ContentSecurityPolicy::PluginTypes, |
| 375 directive->text(), ContentSecurityPolicy::DirectiveType::PluginTypes, | 373 message + "\n", KURL(), |
| 376 message + "\n", KURL(), ResourceRequest::RedirectStatus::NoRedirect); | 374 ResourceRequest::RedirectStatus::NoRedirect); |
| 377 return denyIfEnforcingPolicy(); | 375 return denyIfEnforcingPolicy(); |
| 378 } | 376 } |
| 379 | 377 |
| 380 bool CSPDirectiveList::checkInlineAndReportViolation( | 378 bool CSPDirectiveList::checkInlineAndReportViolation( |
| 381 SourceListDirective* directive, | 379 SourceListDirective* directive, |
| 382 const String& consoleMessage, | 380 const String& consoleMessage, |
| 383 Element* element, | 381 Element* element, |
| 384 const String& contextURL, | 382 const String& contextURL, |
| 385 const WTF::OrdinalNumber& contextLine, | 383 const WTF::OrdinalNumber& contextLine, |
| 386 bool isScript, | 384 bool isScript, |
| (...skipping 13 matching lines...) Expand all Loading... |
| 400 " Either the 'unsafe-inline' keyword, a hash ('" + hashValue + | 398 " Either the 'unsafe-inline' keyword, a hash ('" + hashValue + |
| 401 "'), or a nonce ('nonce-...') is required to enable inline execution."; | 399 "'), or a nonce ('nonce-...') is required to enable inline execution."; |
| 402 if (directive == m_defaultSrc) | 400 if (directive == m_defaultSrc) |
| 403 suffix = suffix + " Note also that '" + | 401 suffix = suffix + " Note also that '" + |
| 404 String(isScript ? "script" : "style") + | 402 String(isScript ? "script" : "style") + |
| 405 "-src' was not explicitly set, so 'default-src' is used as a " | 403 "-src' was not explicitly set, so 'default-src' is used as a " |
| 406 "fallback."; | 404 "fallback."; |
| 407 } | 405 } |
| 408 | 406 |
| 409 reportViolationWithLocation( | 407 reportViolationWithLocation( |
| 410 directive->text(), | 408 directive->text(), isScript ? ContentSecurityPolicy::ScriptSrc |
| 411 isScript ? ContentSecurityPolicy::DirectiveType::ScriptSrc | 409 : ContentSecurityPolicy::StyleSrc, |
| 412 : ContentSecurityPolicy::DirectiveType::StyleSrc, | |
| 413 consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), | 410 consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), |
| 414 contextURL, contextLine, element); | 411 contextURL, contextLine, element); |
| 415 | 412 |
| 416 if (!isReportOnly()) { | 413 if (!isReportOnly()) { |
| 417 if (isScript) | 414 if (isScript) |
| 418 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); | 415 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); |
| 419 return false; | 416 return false; |
| 420 } | 417 } |
| 421 return true; | 418 return true; |
| 422 } | 419 } |
| 423 | 420 |
| 424 bool CSPDirectiveList::checkSourceAndReportViolation( | 421 bool CSPDirectiveList::checkSourceAndReportViolation( |
| 425 SourceListDirective* directive, | 422 SourceListDirective* directive, |
| 426 const KURL& url, | 423 const KURL& url, |
| 427 const ContentSecurityPolicy::DirectiveType& effectiveType, | 424 const String& effectiveDirective, |
| 428 ResourceRequest::RedirectStatus redirectStatus) const { | 425 ResourceRequest::RedirectStatus redirectStatus) const { |
| 429 if (!directive) | 426 if (!directive) |
| 430 return true; | 427 return true; |
| 431 | 428 |
| 432 // We ignore URL-based whitelists if we're allowing dynamic script injection. | 429 // We ignore URL-based whitelists if we're allowing dynamic script injection. |
| 433 if (checkSource(directive, url, redirectStatus) && !checkDynamic(directive)) | 430 if (checkSource(directive, url, redirectStatus) && !checkDynamic(directive)) |
| 434 return true; | 431 return true; |
| 435 | 432 |
| 436 // We should never have a violation against `child-src` or `default-src` | 433 // We should never have a violation against `child-src` or `default-src` |
| 437 // directly; the effective directive should always be one of the explicit | 434 // directly; the effective directive should always be one of the explicit |
| 438 // fetch directives. | 435 // fetch directives. |
| 439 DCHECK_NE(ContentSecurityPolicy::DirectiveType::ChildSrc, effectiveType); | 436 DCHECK_NE(ContentSecurityPolicy::ChildSrc, effectiveDirective); |
| 440 DCHECK_NE(ContentSecurityPolicy::DirectiveType::DefaultSrc, effectiveType); | 437 DCHECK_NE(ContentSecurityPolicy::DefaultSrc, effectiveDirective); |
| 441 | 438 |
| 442 String prefix; | 439 String prefix; |
| 443 if (ContentSecurityPolicy::DirectiveType::BaseURI == effectiveType) | 440 if (ContentSecurityPolicy::BaseURI == effectiveDirective) |
| 444 prefix = "Refused to set the document's base URI to '"; | 441 prefix = "Refused to set the document's base URI to '"; |
| 445 else if (ContentSecurityPolicy::DirectiveType::WorkerSrc == effectiveType) | 442 else if (ContentSecurityPolicy::WorkerSrc == effectiveDirective) |
| 446 prefix = "Refused to create a worker from '"; | 443 prefix = "Refused to create a worker from '"; |
| 447 else if (ContentSecurityPolicy::DirectiveType::ConnectSrc == effectiveType) | 444 else if (ContentSecurityPolicy::ConnectSrc == effectiveDirective) |
| 448 prefix = "Refused to connect to '"; | 445 prefix = "Refused to connect to '"; |
| 449 else if (ContentSecurityPolicy::DirectiveType::FontSrc == effectiveType) | 446 else if (ContentSecurityPolicy::FontSrc == effectiveDirective) |
| 450 prefix = "Refused to load the font '"; | 447 prefix = "Refused to load the font '"; |
| 451 else if (ContentSecurityPolicy::DirectiveType::FormAction == effectiveType) | 448 else if (ContentSecurityPolicy::FormAction == effectiveDirective) |
| 452 prefix = "Refused to send form data to '"; | 449 prefix = "Refused to send form data to '"; |
| 453 else if (ContentSecurityPolicy::DirectiveType::FrameSrc == effectiveType) | 450 else if (ContentSecurityPolicy::FrameSrc == effectiveDirective) |
| 454 prefix = "Refused to frame '"; | 451 prefix = "Refused to frame '"; |
| 455 else if (ContentSecurityPolicy::DirectiveType::ImgSrc == effectiveType) | 452 else if (ContentSecurityPolicy::ImgSrc == effectiveDirective) |
| 456 prefix = "Refused to load the image '"; | 453 prefix = "Refused to load the image '"; |
| 457 else if (ContentSecurityPolicy::DirectiveType::MediaSrc == effectiveType) | 454 else if (ContentSecurityPolicy::MediaSrc == effectiveDirective) |
| 458 prefix = "Refused to load media from '"; | 455 prefix = "Refused to load media from '"; |
| 459 else if (ContentSecurityPolicy::DirectiveType::ManifestSrc == effectiveType) | 456 else if (ContentSecurityPolicy::ManifestSrc == effectiveDirective) |
| 460 prefix = "Refused to load manifest from '"; | 457 prefix = "Refused to load manifest from '"; |
| 461 else if (ContentSecurityPolicy::DirectiveType::ObjectSrc == effectiveType) | 458 else if (ContentSecurityPolicy::ObjectSrc == effectiveDirective) |
| 462 prefix = "Refused to load plugin data from '"; | 459 prefix = "Refused to load plugin data from '"; |
| 463 else if (ContentSecurityPolicy::DirectiveType::ScriptSrc == effectiveType) | 460 else if (ContentSecurityPolicy::ScriptSrc == effectiveDirective) |
| 464 prefix = "Refused to load the script '"; | 461 prefix = "Refused to load the script '"; |
| 465 else if (ContentSecurityPolicy::DirectiveType::StyleSrc == effectiveType) | 462 else if (ContentSecurityPolicy::StyleSrc == effectiveDirective) |
| 466 prefix = "Refused to load the stylesheet '"; | 463 prefix = "Refused to load the stylesheet '"; |
| 467 | 464 |
| 468 String suffix = String(); | 465 String suffix = String(); |
| 469 if (checkDynamic(directive)) | 466 if (checkDynamic(directive)) |
| 470 suffix = | 467 suffix = |
| 471 " 'strict-dynamic' is present, so host-based whitelisting is disabled."; | 468 " 'strict-dynamic' is present, so host-based whitelisting is disabled."; |
| 472 if (directive == m_defaultSrc) | 469 if (directive == m_defaultSrc) |
| 473 suffix = | 470 suffix = |
| 474 suffix + " Note that '" + | 471 suffix + " Note that '" + effectiveDirective + |
| 475 ContentSecurityPolicy::getDirectiveName(effectiveType) + | |
| 476 "' was not explicitly set, so 'default-src' is used as a fallback."; | 472 "' was not explicitly set, so 'default-src' is used as a fallback."; |
| 477 | 473 |
| 478 reportViolation(directive->text(), effectiveType, | 474 reportViolation(directive->text(), effectiveDirective, |
| 479 prefix + url.elidedString() + | 475 prefix + url.elidedString() + |
| 480 "' because it violates the following Content Security " | 476 "' because it violates the following Content Security " |
| 481 "Policy directive: \"" + | 477 "Policy directive: \"" + |
| 482 directive->text() + "\"." + suffix + "\n", | 478 directive->text() + "\"." + suffix + "\n", |
| 483 url, redirectStatus); | 479 url, redirectStatus); |
| 484 return denyIfEnforcingPolicy(); | 480 return denyIfEnforcingPolicy(); |
| 485 } | 481 } |
| 486 | 482 |
| 487 bool CSPDirectiveList::checkAncestorsAndReportViolation( | 483 bool CSPDirectiveList::checkAncestorsAndReportViolation( |
| 488 SourceListDirective* directive, | 484 SourceListDirective* directive, |
| 489 LocalFrame* frame, | 485 LocalFrame* frame, |
| 490 const KURL& url) const { | 486 const KURL& url) const { |
| 491 if (checkAncestors(directive, frame)) | 487 if (checkAncestors(directive, frame)) |
| 492 return true; | 488 return true; |
| 493 | 489 |
| 494 reportViolationWithFrame(directive->text(), | 490 reportViolationWithFrame(directive->text(), "frame-ancestors", |
| 495 ContentSecurityPolicy::DirectiveType::FrameAncestors, | |
| 496 "Refused to display '" + url.elidedString() + | 491 "Refused to display '" + url.elidedString() + |
| 497 "' in a frame because an ancestor violates the " | 492 "' in a frame because an ancestor violates the " |
| 498 "following Content Security Policy directive: " | 493 "following Content Security Policy directive: " |
| 499 "\"" + | 494 "\"" + |
| 500 directive->text() + "\".", | 495 directive->text() + "\".", |
| 501 url, frame); | 496 url, frame); |
| 502 return denyIfEnforcingPolicy(); | 497 return denyIfEnforcingPolicy(); |
| 503 } | 498 } |
| 504 | 499 |
| 505 bool CSPDirectiveList::allowJavaScriptURLs( | 500 bool CSPDirectiveList::allowJavaScriptURLs( |
| (...skipping 105 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 611 ParserDisposition parserDisposition, | 606 ParserDisposition parserDisposition, |
| 612 ResourceRequest::RedirectStatus redirectStatus, | 607 ResourceRequest::RedirectStatus redirectStatus, |
| 613 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 608 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 614 if (isMatchingNoncePresent(operativeDirective(m_scriptSrc.get()), nonce)) | 609 if (isMatchingNoncePresent(operativeDirective(m_scriptSrc.get()), nonce)) |
| 615 return true; | 610 return true; |
| 616 if (parserDisposition == NotParserInserted && allowDynamic()) | 611 if (parserDisposition == NotParserInserted && allowDynamic()) |
| 617 return true; | 612 return true; |
| 618 return reportingStatus == ContentSecurityPolicy::SendReport | 613 return reportingStatus == ContentSecurityPolicy::SendReport |
| 619 ? checkSourceAndReportViolation( | 614 ? checkSourceAndReportViolation( |
| 620 operativeDirective(m_scriptSrc.get()), url, | 615 operativeDirective(m_scriptSrc.get()), url, |
| 621 ContentSecurityPolicy::DirectiveType::ScriptSrc, | 616 ContentSecurityPolicy::ScriptSrc, redirectStatus) |
| 622 redirectStatus) | |
| 623 : checkSource(operativeDirective(m_scriptSrc.get()), url, | 617 : checkSource(operativeDirective(m_scriptSrc.get()), url, |
| 624 redirectStatus); | 618 redirectStatus); |
| 625 } | 619 } |
| 626 | 620 |
| 627 bool CSPDirectiveList::allowObjectFromSource( | 621 bool CSPDirectiveList::allowObjectFromSource( |
| 628 const KURL& url, | 622 const KURL& url, |
| 629 ResourceRequest::RedirectStatus redirectStatus, | 623 ResourceRequest::RedirectStatus redirectStatus, |
| 630 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 624 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 631 if (url.protocolIsAbout()) | 625 if (url.protocolIsAbout()) |
| 632 return true; | 626 return true; |
| 633 return reportingStatus == ContentSecurityPolicy::SendReport | 627 return reportingStatus == ContentSecurityPolicy::SendReport |
| 634 ? checkSourceAndReportViolation( | 628 ? checkSourceAndReportViolation( |
| 635 operativeDirective(m_objectSrc.get()), url, | 629 operativeDirective(m_objectSrc.get()), url, |
| 636 ContentSecurityPolicy::DirectiveType::ObjectSrc, | 630 ContentSecurityPolicy::ObjectSrc, redirectStatus) |
| 637 redirectStatus) | |
| 638 : checkSource(operativeDirective(m_objectSrc.get()), url, | 631 : checkSource(operativeDirective(m_objectSrc.get()), url, |
| 639 redirectStatus); | 632 redirectStatus); |
| 640 } | 633 } |
| 641 | 634 |
| 642 bool CSPDirectiveList::allowFrameFromSource( | 635 bool CSPDirectiveList::allowFrameFromSource( |
| 643 const KURL& url, | 636 const KURL& url, |
| 644 ResourceRequest::RedirectStatus redirectStatus, | 637 ResourceRequest::RedirectStatus redirectStatus, |
| 645 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 638 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 646 if (url.protocolIsAbout()) | 639 if (url.protocolIsAbout()) |
| 647 return true; | 640 return true; |
| 648 | 641 |
| 649 // 'frame-src' overrides 'child-src', which overrides the default | 642 // 'frame-src' overrides 'child-src', which overrides the default |
| 650 // sources. So, we do this nested set of calls to 'operativeDirective()' to | 643 // sources. So, we do this nested set of calls to 'operativeDirective()' to |
| 651 // grab 'frame-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' | 644 // grab 'frame-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' |
| 652 // if neither are available. | 645 // if neither are available. |
| 653 SourceListDirective* whichDirective = operativeDirective( | 646 SourceListDirective* whichDirective = operativeDirective( |
| 654 m_frameSrc.get(), operativeDirective(m_childSrc.get())); | 647 m_frameSrc.get(), operativeDirective(m_childSrc.get())); |
| 655 | 648 |
| 656 return reportingStatus == ContentSecurityPolicy::SendReport | 649 return reportingStatus == ContentSecurityPolicy::SendReport |
| 657 ? checkSourceAndReportViolation( | 650 ? checkSourceAndReportViolation(whichDirective, url, |
| 658 whichDirective, url, | 651 ContentSecurityPolicy::FrameSrc, |
| 659 ContentSecurityPolicy::DirectiveType::FrameSrc, | 652 redirectStatus) |
| 660 redirectStatus) | |
| 661 : checkSource(whichDirective, url, redirectStatus); | 653 : checkSource(whichDirective, url, redirectStatus); |
| 662 } | 654 } |
| 663 | 655 |
| 664 bool CSPDirectiveList::allowImageFromSource( | 656 bool CSPDirectiveList::allowImageFromSource( |
| 665 const KURL& url, | 657 const KURL& url, |
| 666 ResourceRequest::RedirectStatus redirectStatus, | 658 ResourceRequest::RedirectStatus redirectStatus, |
| 667 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 659 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 668 return reportingStatus == ContentSecurityPolicy::SendReport | 660 return reportingStatus == ContentSecurityPolicy::SendReport |
| 669 ? checkSourceAndReportViolation( | 661 ? checkSourceAndReportViolation(operativeDirective(m_imgSrc.get()), |
| 670 operativeDirective(m_imgSrc.get()), url, | 662 url, ContentSecurityPolicy::ImgSrc, |
| 671 ContentSecurityPolicy::DirectiveType::ImgSrc, redirectStatus) | 663 redirectStatus) |
| 672 : checkSource(operativeDirective(m_imgSrc.get()), url, | 664 : checkSource(operativeDirective(m_imgSrc.get()), url, |
| 673 redirectStatus); | 665 redirectStatus); |
| 674 } | 666 } |
| 675 | 667 |
| 676 bool CSPDirectiveList::allowStyleFromSource( | 668 bool CSPDirectiveList::allowStyleFromSource( |
| 677 const KURL& url, | 669 const KURL& url, |
| 678 const String& nonce, | 670 const String& nonce, |
| 679 ResourceRequest::RedirectStatus redirectStatus, | 671 ResourceRequest::RedirectStatus redirectStatus, |
| 680 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 672 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 681 if (isMatchingNoncePresent(operativeDirective(m_styleSrc.get()), nonce)) | 673 if (isMatchingNoncePresent(operativeDirective(m_styleSrc.get()), nonce)) |
| 682 return true; | 674 return true; |
| 683 return reportingStatus == ContentSecurityPolicy::SendReport | 675 return reportingStatus == ContentSecurityPolicy::SendReport |
| 684 ? checkSourceAndReportViolation( | 676 ? checkSourceAndReportViolation( |
| 685 operativeDirective(m_styleSrc.get()), url, | 677 operativeDirective(m_styleSrc.get()), url, |
| 686 ContentSecurityPolicy::DirectiveType::StyleSrc, | 678 ContentSecurityPolicy::StyleSrc, redirectStatus) |
| 687 redirectStatus) | |
| 688 : checkSource(operativeDirective(m_styleSrc.get()), url, | 679 : checkSource(operativeDirective(m_styleSrc.get()), url, |
| 689 redirectStatus); | 680 redirectStatus); |
| 690 } | 681 } |
| 691 | 682 |
| 692 bool CSPDirectiveList::allowFontFromSource( | 683 bool CSPDirectiveList::allowFontFromSource( |
| 693 const KURL& url, | 684 const KURL& url, |
| 694 ResourceRequest::RedirectStatus redirectStatus, | 685 ResourceRequest::RedirectStatus redirectStatus, |
| 695 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 686 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 696 return reportingStatus == ContentSecurityPolicy::SendReport | 687 return reportingStatus == ContentSecurityPolicy::SendReport |
| 697 ? checkSourceAndReportViolation( | 688 ? checkSourceAndReportViolation( |
| 698 operativeDirective(m_fontSrc.get()), url, | 689 operativeDirective(m_fontSrc.get()), url, |
| 699 ContentSecurityPolicy::DirectiveType::FontSrc, | 690 ContentSecurityPolicy::FontSrc, redirectStatus) |
| 700 redirectStatus) | |
| 701 : checkSource(operativeDirective(m_fontSrc.get()), url, | 691 : checkSource(operativeDirective(m_fontSrc.get()), url, |
| 702 redirectStatus); | 692 redirectStatus); |
| 703 } | 693 } |
| 704 | 694 |
| 705 bool CSPDirectiveList::allowMediaFromSource( | 695 bool CSPDirectiveList::allowMediaFromSource( |
| 706 const KURL& url, | 696 const KURL& url, |
| 707 ResourceRequest::RedirectStatus redirectStatus, | 697 ResourceRequest::RedirectStatus redirectStatus, |
| 708 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 698 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 709 return reportingStatus == ContentSecurityPolicy::SendReport | 699 return reportingStatus == ContentSecurityPolicy::SendReport |
| 710 ? checkSourceAndReportViolation( | 700 ? checkSourceAndReportViolation( |
| 711 operativeDirective(m_mediaSrc.get()), url, | 701 operativeDirective(m_mediaSrc.get()), url, |
| 712 ContentSecurityPolicy::DirectiveType::MediaSrc, | 702 ContentSecurityPolicy::MediaSrc, redirectStatus) |
| 713 redirectStatus) | |
| 714 : checkSource(operativeDirective(m_mediaSrc.get()), url, | 703 : checkSource(operativeDirective(m_mediaSrc.get()), url, |
| 715 redirectStatus); | 704 redirectStatus); |
| 716 } | 705 } |
| 717 | 706 |
| 718 bool CSPDirectiveList::allowManifestFromSource( | 707 bool CSPDirectiveList::allowManifestFromSource( |
| 719 const KURL& url, | 708 const KURL& url, |
| 720 ResourceRequest::RedirectStatus redirectStatus, | 709 ResourceRequest::RedirectStatus redirectStatus, |
| 721 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 710 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 722 return reportingStatus == ContentSecurityPolicy::SendReport | 711 return reportingStatus == ContentSecurityPolicy::SendReport |
| 723 ? checkSourceAndReportViolation( | 712 ? checkSourceAndReportViolation( |
| 724 operativeDirective(m_manifestSrc.get()), url, | 713 operativeDirective(m_manifestSrc.get()), url, |
| 725 ContentSecurityPolicy::DirectiveType::ManifestSrc, | 714 ContentSecurityPolicy::ManifestSrc, redirectStatus) |
| 726 redirectStatus) | |
| 727 : checkSource(operativeDirective(m_manifestSrc.get()), url, | 715 : checkSource(operativeDirective(m_manifestSrc.get()), url, |
| 728 redirectStatus); | 716 redirectStatus); |
| 729 } | 717 } |
| 730 | 718 |
| 731 bool CSPDirectiveList::allowConnectToSource( | 719 bool CSPDirectiveList::allowConnectToSource( |
| 732 const KURL& url, | 720 const KURL& url, |
| 733 ResourceRequest::RedirectStatus redirectStatus, | 721 ResourceRequest::RedirectStatus redirectStatus, |
| 734 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 722 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 735 return reportingStatus == ContentSecurityPolicy::SendReport | 723 return reportingStatus == ContentSecurityPolicy::SendReport |
| 736 ? checkSourceAndReportViolation( | 724 ? checkSourceAndReportViolation( |
| 737 operativeDirective(m_connectSrc.get()), url, | 725 operativeDirective(m_connectSrc.get()), url, |
| 738 ContentSecurityPolicy::DirectiveType::ConnectSrc, | 726 ContentSecurityPolicy::ConnectSrc, redirectStatus) |
| 739 redirectStatus) | |
| 740 : checkSource(operativeDirective(m_connectSrc.get()), url, | 727 : checkSource(operativeDirective(m_connectSrc.get()), url, |
| 741 redirectStatus); | 728 redirectStatus); |
| 742 } | 729 } |
| 743 | 730 |
| 744 bool CSPDirectiveList::allowFormAction( | 731 bool CSPDirectiveList::allowFormAction( |
| 745 const KURL& url, | 732 const KURL& url, |
| 746 ResourceRequest::RedirectStatus redirectStatus, | 733 ResourceRequest::RedirectStatus redirectStatus, |
| 747 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 734 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 748 return reportingStatus == ContentSecurityPolicy::SendReport | 735 return reportingStatus == ContentSecurityPolicy::SendReport |
| 749 ? checkSourceAndReportViolation( | 736 ? checkSourceAndReportViolation(m_formAction.get(), url, |
| 750 m_formAction.get(), url, | 737 ContentSecurityPolicy::FormAction, |
| 751 ContentSecurityPolicy::DirectiveType::FormAction, | 738 redirectStatus) |
| 752 redirectStatus) | |
| 753 : checkSource(m_formAction.get(), url, redirectStatus); | 739 : checkSource(m_formAction.get(), url, redirectStatus); |
| 754 } | 740 } |
| 755 | 741 |
| 756 bool CSPDirectiveList::allowBaseURI( | 742 bool CSPDirectiveList::allowBaseURI( |
| 757 const KURL& url, | 743 const KURL& url, |
| 758 ResourceRequest::RedirectStatus redirectStatus, | 744 ResourceRequest::RedirectStatus redirectStatus, |
| 759 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 745 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 760 return reportingStatus == ContentSecurityPolicy::SendReport | 746 return reportingStatus == ContentSecurityPolicy::SendReport |
| 761 ? checkSourceAndReportViolation( | 747 ? checkSourceAndReportViolation(m_baseURI.get(), url, |
| 762 m_baseURI.get(), url, | 748 ContentSecurityPolicy::BaseURI, |
| 763 ContentSecurityPolicy::DirectiveType::BaseURI, | 749 redirectStatus) |
| 764 redirectStatus) | |
| 765 : checkSource(m_baseURI.get(), url, redirectStatus); | 750 : checkSource(m_baseURI.get(), url, redirectStatus); |
| 766 } | 751 } |
| 767 | 752 |
| 768 bool CSPDirectiveList::allowWorkerFromSource( | 753 bool CSPDirectiveList::allowWorkerFromSource( |
| 769 const KURL& url, | 754 const KURL& url, |
| 770 ResourceRequest::RedirectStatus redirectStatus, | 755 ResourceRequest::RedirectStatus redirectStatus, |
| 771 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 756 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 772 // 'worker-src' overrides 'child-src', which overrides the default | 757 // 'worker-src' overrides 'child-src', which overrides the default |
| 773 // sources. So, we do this nested set of calls to 'operativeDirective()' to | 758 // sources. So, we do this nested set of calls to 'operativeDirective()' to |
| 774 // grab 'worker-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' | 759 // grab 'worker-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' |
| 775 // if neither are available. | 760 // if neither are available. |
| 776 SourceListDirective* whichDirective = operativeDirective( | 761 SourceListDirective* whichDirective = operativeDirective( |
| 777 m_workerSrc.get(), operativeDirective(m_childSrc.get())); | 762 m_workerSrc.get(), operativeDirective(m_childSrc.get())); |
| 778 | 763 |
| 779 return reportingStatus == ContentSecurityPolicy::SendReport | 764 return reportingStatus == ContentSecurityPolicy::SendReport |
| 780 ? checkSourceAndReportViolation( | 765 ? checkSourceAndReportViolation(whichDirective, url, |
| 781 whichDirective, url, | 766 ContentSecurityPolicy::WorkerSrc, |
| 782 ContentSecurityPolicy::DirectiveType::WorkerSrc, | 767 redirectStatus) |
| 783 redirectStatus) | |
| 784 : checkSource(whichDirective, url, redirectStatus); | 768 : checkSource(whichDirective, url, redirectStatus); |
| 785 } | 769 } |
| 786 | 770 |
| 787 bool CSPDirectiveList::allowAncestors( | 771 bool CSPDirectiveList::allowAncestors( |
| 788 LocalFrame* frame, | 772 LocalFrame* frame, |
| 789 const KURL& url, | 773 const KURL& url, |
| 790 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 774 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 791 return reportingStatus == ContentSecurityPolicy::SendReport | 775 return reportingStatus == ContentSecurityPolicy::SendReport |
| 792 ? checkAncestorsAndReportViolation(m_frameAncestors.get(), frame, | 776 ? checkAncestorsAndReportViolation(m_frameAncestors.get(), frame, |
| 793 url) | 777 url) |
| (...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1006 const String& value, | 990 const String& value, |
| 1007 Member<CSPDirectiveType>& directive) { | 991 Member<CSPDirectiveType>& directive) { |
| 1008 if (directive) { | 992 if (directive) { |
| 1009 m_policy->reportDuplicateDirective(name); | 993 m_policy->reportDuplicateDirective(name); |
| 1010 return; | 994 return; |
| 1011 } | 995 } |
| 1012 | 996 |
| 1013 // Remove frame-ancestors directives in meta policies, per | 997 // Remove frame-ancestors directives in meta policies, per |
| 1014 // https://www.w3.org/TR/CSP2/#delivery-html-meta-element. | 998 // https://www.w3.org/TR/CSP2/#delivery-html-meta-element. |
| 1015 if (m_headerSource == ContentSecurityPolicyHeaderSourceMeta && | 999 if (m_headerSource == ContentSecurityPolicyHeaderSourceMeta && |
| 1016 ContentSecurityPolicy::getDirectiveType(name) == | 1000 name == ContentSecurityPolicy::FrameAncestors) { |
| 1017 ContentSecurityPolicy::DirectiveType::FrameAncestors) { | |
| 1018 m_policy->reportInvalidDirectiveInMeta(name); | 1001 m_policy->reportInvalidDirectiveInMeta(name); |
| 1019 return; | 1002 return; |
| 1020 } | 1003 } |
| 1021 | 1004 |
| 1022 directive = new CSPDirectiveType(name, value, m_policy); | 1005 directive = new CSPDirectiveType(name, value, m_policy); |
| 1023 } | 1006 } |
| 1024 | 1007 |
| 1025 void CSPDirectiveList::applySandboxPolicy(const String& name, | 1008 void CSPDirectiveList::applySandboxPolicy(const String& name, |
| 1026 const String& sandboxPolicy) { | 1009 const String& sandboxPolicy) { |
| 1027 // Remove sandbox directives in meta policies, per | 1010 // Remove sandbox directives in meta policies, per |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1092 m_upgradeInsecureRequests = true; | 1075 m_upgradeInsecureRequests = true; |
| 1093 | 1076 |
| 1094 m_policy->upgradeInsecureRequests(); | 1077 m_policy->upgradeInsecureRequests(); |
| 1095 if (!value.isEmpty()) | 1078 if (!value.isEmpty()) |
| 1096 m_policy->reportValueForEmptyDirective(name, value); | 1079 m_policy->reportValueForEmptyDirective(name, value); |
| 1097 } | 1080 } |
| 1098 | 1081 |
| 1099 void CSPDirectiveList::addDirective(const String& name, const String& value) { | 1082 void CSPDirectiveList::addDirective(const String& name, const String& value) { |
| 1100 ASSERT(!name.isEmpty()); | 1083 ASSERT(!name.isEmpty()); |
| 1101 | 1084 |
| 1102 ContentSecurityPolicy::DirectiveType type = | 1085 if (equalIgnoringCase(name, ContentSecurityPolicy::DefaultSrc)) { |
| 1103 ContentSecurityPolicy::getDirectiveType(name); | |
| 1104 if (type == ContentSecurityPolicy::DirectiveType::DefaultSrc) { | |
| 1105 setCSPDirective<SourceListDirective>(name, value, m_defaultSrc); | 1086 setCSPDirective<SourceListDirective>(name, value, m_defaultSrc); |
| 1106 // TODO(mkwst) It seems unlikely that developers would use different | 1087 // TODO(mkwst) It seems unlikely that developers would use different |
| 1107 // algorithms for scripts and styles. We may want to combine the | 1088 // algorithms for scripts and styles. We may want to combine the |
| 1108 // usesScriptHashAlgorithms() and usesStyleHashAlgorithms. | 1089 // usesScriptHashAlgorithms() and usesStyleHashAlgorithms. |
| 1109 m_policy->usesScriptHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); | 1090 m_policy->usesScriptHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); |
| 1110 m_policy->usesStyleHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); | 1091 m_policy->usesStyleHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); |
| 1111 } else if (type == ContentSecurityPolicy::DirectiveType::ScriptSrc) { | 1092 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ScriptSrc)) { |
| 1112 setCSPDirective<SourceListDirective>(name, value, m_scriptSrc); | 1093 setCSPDirective<SourceListDirective>(name, value, m_scriptSrc); |
| 1113 m_policy->usesScriptHashAlgorithms(m_scriptSrc->hashAlgorithmsUsed()); | 1094 m_policy->usesScriptHashAlgorithms(m_scriptSrc->hashAlgorithmsUsed()); |
| 1114 } else if (type == ContentSecurityPolicy::DirectiveType::ObjectSrc) { | 1095 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ObjectSrc)) { |
| 1115 setCSPDirective<SourceListDirective>(name, value, m_objectSrc); | 1096 setCSPDirective<SourceListDirective>(name, value, m_objectSrc); |
| 1116 } else if (type == | 1097 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameAncestors)) { |
| 1117 | |
| 1118 ContentSecurityPolicy::DirectiveType::FrameAncestors) { | |
| 1119 setCSPDirective<SourceListDirective>(name, value, m_frameAncestors); | 1098 setCSPDirective<SourceListDirective>(name, value, m_frameAncestors); |
| 1120 } else if (type == ContentSecurityPolicy::DirectiveType::FrameSrc) { | 1099 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameSrc)) { |
| 1121 setCSPDirective<SourceListDirective>(name, value, m_frameSrc); | 1100 setCSPDirective<SourceListDirective>(name, value, m_frameSrc); |
| 1122 } else if (type == ContentSecurityPolicy::DirectiveType::ImgSrc) { | 1101 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ImgSrc)) { |
| 1123 setCSPDirective<SourceListDirective>(name, value, m_imgSrc); | 1102 setCSPDirective<SourceListDirective>(name, value, m_imgSrc); |
| 1124 } else if (type == ContentSecurityPolicy::DirectiveType::StyleSrc) { | 1103 } else if (equalIgnoringCase(name, ContentSecurityPolicy::StyleSrc)) { |
| 1125 setCSPDirective<SourceListDirective>(name, value, m_styleSrc); | 1104 setCSPDirective<SourceListDirective>(name, value, m_styleSrc); |
| 1126 m_policy->usesStyleHashAlgorithms(m_styleSrc->hashAlgorithmsUsed()); | 1105 m_policy->usesStyleHashAlgorithms(m_styleSrc->hashAlgorithmsUsed()); |
| 1127 } else if (type == ContentSecurityPolicy::DirectiveType::FontSrc) { | 1106 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FontSrc)) { |
| 1128 setCSPDirective<SourceListDirective>(name, value, m_fontSrc); | 1107 setCSPDirective<SourceListDirective>(name, value, m_fontSrc); |
| 1129 } else if (type == ContentSecurityPolicy::DirectiveType::MediaSrc) { | 1108 } else if (equalIgnoringCase(name, ContentSecurityPolicy::MediaSrc)) { |
| 1130 setCSPDirective<SourceListDirective>(name, value, m_mediaSrc); | 1109 setCSPDirective<SourceListDirective>(name, value, m_mediaSrc); |
| 1131 } else if (type == ContentSecurityPolicy::DirectiveType::ConnectSrc) { | 1110 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ConnectSrc)) { |
| 1132 setCSPDirective<SourceListDirective>(name, value, m_connectSrc); | 1111 setCSPDirective<SourceListDirective>(name, value, m_connectSrc); |
| 1133 } else if (type == ContentSecurityPolicy::DirectiveType::Sandbox) { | 1112 } else if (equalIgnoringCase(name, ContentSecurityPolicy::Sandbox)) { |
| 1134 applySandboxPolicy(name, value); | 1113 applySandboxPolicy(name, value); |
| 1135 } else if (type == ContentSecurityPolicy::DirectiveType::ReportURI) { | 1114 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ReportURI)) { |
| 1136 parseReportURI(name, value); | 1115 parseReportURI(name, value); |
| 1137 } else if (type == ContentSecurityPolicy::DirectiveType::BaseURI) { | 1116 } else if (equalIgnoringCase(name, ContentSecurityPolicy::BaseURI)) { |
| 1138 setCSPDirective<SourceListDirective>(name, value, m_baseURI); | 1117 setCSPDirective<SourceListDirective>(name, value, m_baseURI); |
| 1139 } else if (type == ContentSecurityPolicy::DirectiveType::ChildSrc) { | 1118 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ChildSrc)) { |
| 1140 setCSPDirective<SourceListDirective>(name, value, m_childSrc); | 1119 setCSPDirective<SourceListDirective>(name, value, m_childSrc); |
| 1141 } else if (type == ContentSecurityPolicy::DirectiveType::WorkerSrc && | 1120 } else if (equalIgnoringCase(name, ContentSecurityPolicy::WorkerSrc) && |
| 1142 m_policy->experimentalFeaturesEnabled()) { | 1121 m_policy->experimentalFeaturesEnabled()) { |
| 1143 setCSPDirective<SourceListDirective>(name, value, m_workerSrc); | 1122 setCSPDirective<SourceListDirective>(name, value, m_workerSrc); |
| 1144 } else if (type == ContentSecurityPolicy::DirectiveType::FormAction) { | 1123 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FormAction)) { |
| 1145 setCSPDirective<SourceListDirective>(name, value, m_formAction); | 1124 setCSPDirective<SourceListDirective>(name, value, m_formAction); |
| 1146 } else if (type == ContentSecurityPolicy::DirectiveType::PluginTypes) { | 1125 } else if (equalIgnoringCase(name, ContentSecurityPolicy::PluginTypes)) { |
| 1147 setCSPDirective<MediaListDirective>(name, value, m_pluginTypes); | 1126 setCSPDirective<MediaListDirective>(name, value, m_pluginTypes); |
| 1148 } else if (type == | 1127 } else if (equalIgnoringCase( |
| 1149 ContentSecurityPolicy::DirectiveType::UpgradeInsecureRequests) { | 1128 name, ContentSecurityPolicy::UpgradeInsecureRequests)) { |
| 1150 enableInsecureRequestsUpgrade(name, value); | 1129 enableInsecureRequestsUpgrade(name, value); |
| 1151 } else if (type == | 1130 } else if (equalIgnoringCase(name, |
| 1152 ContentSecurityPolicy::DirectiveType::BlockAllMixedContent) { | 1131 ContentSecurityPolicy::BlockAllMixedContent)) { |
| 1153 enforceStrictMixedContentChecking(name, value); | 1132 enforceStrictMixedContentChecking(name, value); |
| 1154 } else if (type == ContentSecurityPolicy::DirectiveType::ManifestSrc) { | 1133 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ManifestSrc)) { |
| 1155 setCSPDirective<SourceListDirective>(name, value, m_manifestSrc); | 1134 setCSPDirective<SourceListDirective>(name, value, m_manifestSrc); |
| 1156 } else if (type == | 1135 } else if (equalIgnoringCase(name, |
| 1157 ContentSecurityPolicy::DirectiveType::TreatAsPublicAddress) { | 1136 ContentSecurityPolicy::TreatAsPublicAddress)) { |
| 1158 treatAsPublicAddress(name, value); | 1137 treatAsPublicAddress(name, value); |
| 1159 } else if (type == ContentSecurityPolicy::DirectiveType::RequireSRIFor && | 1138 } else if (equalIgnoringCase(name, ContentSecurityPolicy::RequireSRIFor) && |
| 1160 m_policy->experimentalFeaturesEnabled()) { | 1139 m_policy->experimentalFeaturesEnabled()) { |
| 1161 parseRequireSRIFor(name, value); | 1140 parseRequireSRIFor(name, value); |
| 1162 } else { | 1141 } else { |
| 1163 m_policy->reportUnsupportedDirective(name); | 1142 m_policy->reportUnsupportedDirective(name); |
| 1164 } | 1143 } |
| 1165 } | 1144 } |
| 1166 | 1145 |
| 1167 DEFINE_TRACE(CSPDirectiveList) { | 1146 DEFINE_TRACE(CSPDirectiveList) { |
| 1168 visitor->trace(m_policy); | 1147 visitor->trace(m_policy); |
| 1169 visitor->trace(m_pluginTypes); | 1148 visitor->trace(m_pluginTypes); |
| 1170 visitor->trace(m_baseURI); | 1149 visitor->trace(m_baseURI); |
| 1171 visitor->trace(m_childSrc); | 1150 visitor->trace(m_childSrc); |
| 1172 visitor->trace(m_connectSrc); | 1151 visitor->trace(m_connectSrc); |
| 1173 visitor->trace(m_defaultSrc); | 1152 visitor->trace(m_defaultSrc); |
| 1174 visitor->trace(m_fontSrc); | 1153 visitor->trace(m_fontSrc); |
| 1175 visitor->trace(m_formAction); | 1154 visitor->trace(m_formAction); |
| 1176 visitor->trace(m_frameAncestors); | 1155 visitor->trace(m_frameAncestors); |
| 1177 visitor->trace(m_frameSrc); | 1156 visitor->trace(m_frameSrc); |
| 1178 visitor->trace(m_imgSrc); | 1157 visitor->trace(m_imgSrc); |
| 1179 visitor->trace(m_mediaSrc); | 1158 visitor->trace(m_mediaSrc); |
| 1180 visitor->trace(m_manifestSrc); | 1159 visitor->trace(m_manifestSrc); |
| 1181 visitor->trace(m_objectSrc); | 1160 visitor->trace(m_objectSrc); |
| 1182 visitor->trace(m_scriptSrc); | 1161 visitor->trace(m_scriptSrc); |
| 1183 visitor->trace(m_styleSrc); | 1162 visitor->trace(m_styleSrc); |
| 1184 visitor->trace(m_workerSrc); | 1163 visitor->trace(m_workerSrc); |
| 1185 } | 1164 } |
| 1186 | 1165 |
| 1187 } // namespace blink | 1166 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2528133002:
Revert of Embedding-CSP: Refactoring directive strings into enum (Closed)
