OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/SourceListDirective.h" | 5 #include "core/frame/csp/SourceListDirective.h" |
6 | 6 |
7 #include "core/frame/csp/CSPSource.h" | 7 #include "core/frame/csp/CSPSource.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/network/ContentSecurityPolicyParsers.h" | 9 #include "platform/network/ContentSecurityPolicyParsers.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
134 CSPSource::WildcardDisposition hostWildcard = CSPSource::NoWildcard; | 134 CSPSource::WildcardDisposition hostWildcard = CSPSource::NoWildcard; |
135 CSPSource::WildcardDisposition portWildcard = CSPSource::NoWildcard; | 135 CSPSource::WildcardDisposition portWildcard = CSPSource::NoWildcard; |
136 | 136 |
137 if (parseSource(beginSource, position, scheme, host, port, path, | 137 if (parseSource(beginSource, position, scheme, host, port, path, |
138 hostWildcard, portWildcard)) { | 138 hostWildcard, portWildcard)) { |
139 // Wildcard hosts and keyword sources ('self', 'unsafe-inline', | 139 // Wildcard hosts and keyword sources ('self', 'unsafe-inline', |
140 // etc.) aren't stored in m_list, but as attributes on the source | 140 // etc.) aren't stored in m_list, but as attributes on the source |
141 // list itself. | 141 // list itself. |
142 if (scheme.isEmpty() && host.isEmpty()) | 142 if (scheme.isEmpty() && host.isEmpty()) |
143 continue; | 143 continue; |
144 if (ContentSecurityPolicy::getDirectiveType(host) != | 144 if (m_policy->isDirectiveName(host)) |
145 ContentSecurityPolicy::DirectiveType::Undefined) | |
146 m_policy->reportDirectiveAsSourceExpression(m_directiveName, host); | 145 m_policy->reportDirectiveAsSourceExpression(m_directiveName, host); |
147 m_list.append(new CSPSource(m_policy, scheme, host, port, path, | 146 m_list.append(new CSPSource(m_policy, scheme, host, port, path, |
148 hostWildcard, portWildcard)); | 147 hostWildcard, portWildcard)); |
149 } else { | 148 } else { |
150 m_policy->reportInvalidSourceExpression( | 149 m_policy->reportInvalidSourceExpression( |
151 m_directiveName, String(beginSource, position - beginSource)); | 150 m_directiveName, String(beginSource, position - beginSource)); |
152 } | 151 } |
153 | 152 |
154 DCHECK(position == end || isASCIISpace(*position)); | 153 DCHECK(position == end || isASCIISpace(*position)); |
155 } | 154 } |
(...skipping 443 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
599 return normalized; | 598 return normalized; |
600 } | 599 } |
601 | 600 |
602 DEFINE_TRACE(SourceListDirective) { | 601 DEFINE_TRACE(SourceListDirective) { |
603 visitor->trace(m_policy); | 602 visitor->trace(m_policy); |
604 visitor->trace(m_list); | 603 visitor->trace(m_list); |
605 CSPDirective::trace(visitor); | 604 CSPDirective::trace(visitor); |
606 } | 605 } |
607 | 606 |
608 } // namespace blink | 607 } // namespace blink |
OLD | NEW |