| Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
|
| diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
|
| index 403a7fc926ed0bc2a290ce7c945d471a9339885f..34611c35cf3466b6a3e1401ca7c0c5637baf77bf 100644
|
| --- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
|
| +++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
|
| @@ -72,6 +72,66 @@
|
| #include <memory>
|
|
|
| namespace blink {
|
| +
|
| +// CSP Level 1 Directives
|
| +const char ContentSecurityPolicy::ConnectSrc[] = "connect-src";
|
| +const char ContentSecurityPolicy::DefaultSrc[] = "default-src";
|
| +const char ContentSecurityPolicy::FontSrc[] = "font-src";
|
| +const char ContentSecurityPolicy::FrameSrc[] = "frame-src";
|
| +const char ContentSecurityPolicy::ImgSrc[] = "img-src";
|
| +const char ContentSecurityPolicy::MediaSrc[] = "media-src";
|
| +const char ContentSecurityPolicy::ObjectSrc[] = "object-src";
|
| +const char ContentSecurityPolicy::ReportURI[] = "report-uri";
|
| +const char ContentSecurityPolicy::Sandbox[] = "sandbox";
|
| +const char ContentSecurityPolicy::ScriptSrc[] = "script-src";
|
| +const char ContentSecurityPolicy::StyleSrc[] = "style-src";
|
| +
|
| +// CSP Level 2 Directives
|
| +const char ContentSecurityPolicy::BaseURI[] = "base-uri";
|
| +const char ContentSecurityPolicy::ChildSrc[] = "child-src";
|
| +const char ContentSecurityPolicy::FormAction[] = "form-action";
|
| +const char ContentSecurityPolicy::FrameAncestors[] = "frame-ancestors";
|
| +const char ContentSecurityPolicy::PluginTypes[] = "plugin-types";
|
| +
|
| +// CSP Level 3 Directives
|
| +const char ContentSecurityPolicy::ManifestSrc[] = "manifest-src";
|
| +const char ContentSecurityPolicy::WorkerSrc[] = "worker-src";
|
| +
|
| +// Mixed Content Directive
|
| +// https://w3c.github.io/webappsec/specs/mixedcontent/#strict-mode
|
| +const char ContentSecurityPolicy::BlockAllMixedContent[] =
|
| + "block-all-mixed-content";
|
| +
|
| +// https://w3c.github.io/webappsec/specs/upgrade/
|
| +const char ContentSecurityPolicy::UpgradeInsecureRequests[] =
|
| + "upgrade-insecure-requests";
|
| +
|
| +// https://mikewest.github.io/cors-rfc1918/#csp
|
| +const char ContentSecurityPolicy::TreatAsPublicAddress[] =
|
| + "treat-as-public-address";
|
| +
|
| +// https://w3c.github.io/webappsec-subresource-integrity/#require-sri-for
|
| +const char ContentSecurityPolicy::RequireSRIFor[] = "require-sri-for";
|
| +
|
| +bool ContentSecurityPolicy::isDirectiveName(const String& name) {
|
| + return (
|
| + equalIgnoringCase(name, ConnectSrc) ||
|
| + equalIgnoringCase(name, DefaultSrc) || equalIgnoringCase(name, FontSrc) ||
|
| + equalIgnoringCase(name, FrameSrc) || equalIgnoringCase(name, ImgSrc) ||
|
| + equalIgnoringCase(name, MediaSrc) || equalIgnoringCase(name, ObjectSrc) ||
|
| + equalIgnoringCase(name, ReportURI) || equalIgnoringCase(name, Sandbox) ||
|
| + equalIgnoringCase(name, ScriptSrc) || equalIgnoringCase(name, StyleSrc) ||
|
| + equalIgnoringCase(name, BaseURI) || equalIgnoringCase(name, ChildSrc) ||
|
| + equalIgnoringCase(name, FormAction) ||
|
| + equalIgnoringCase(name, FrameAncestors) ||
|
| + equalIgnoringCase(name, PluginTypes) ||
|
| + equalIgnoringCase(name, ManifestSrc) ||
|
| + equalIgnoringCase(name, WorkerSrc) ||
|
| + equalIgnoringCase(name, BlockAllMixedContent) ||
|
| + equalIgnoringCase(name, UpgradeInsecureRequests) ||
|
| + equalIgnoringCase(name, TreatAsPublicAddress) ||
|
| + equalIgnoringCase(name, RequireSRIFor));
|
| +}
|
|
|
| bool ContentSecurityPolicy::isNonceableElement(const Element* element) {
|
| if (!element->fastHasAttribute(HTMLNames::nonceAttr))
|
| @@ -981,11 +1041,10 @@
|
| m_insecureRequestPolicy |= kUpgradeInsecureRequests;
|
| }
|
|
|
| -static String stripURLForUseInReport(
|
| - ExecutionContext* context,
|
| - const KURL& url,
|
| - RedirectStatus redirectStatus,
|
| - const ContentSecurityPolicy::DirectiveType& effectiveType) {
|
| +static String stripURLForUseInReport(ExecutionContext* context,
|
| + const KURL& url,
|
| + RedirectStatus redirectStatus,
|
| + const String& effectiveDirective) {
|
| if (!url.isValid())
|
| return String();
|
| if (!url.isHierarchical() || url.protocolIs("file"))
|
| @@ -997,8 +1056,10 @@
|
| bool canSafelyExposeURL =
|
| context->getSecurityOrigin()->canRequest(url) ||
|
| (redirectStatus == RedirectStatus::NoRedirect &&
|
| - effectiveType != ContentSecurityPolicy::DirectiveType::FrameSrc &&
|
| - effectiveType != ContentSecurityPolicy::DirectiveType::ObjectSrc);
|
| + !equalIgnoringCase(effectiveDirective,
|
| + ContentSecurityPolicy::FrameSrc) &&
|
| + !equalIgnoringCase(effectiveDirective,
|
| + ContentSecurityPolicy::ObjectSrc));
|
|
|
| if (canSafelyExposeURL) {
|
| // 'KURL::strippedForUseAsReferrer()' dumps 'String()' for non-webby URLs.
|
| @@ -1014,14 +1075,15 @@
|
| SecurityPolicyViolationEventInit& init,
|
| ExecutionContext* context,
|
| const String& directiveText,
|
| - const ContentSecurityPolicy::DirectiveType& effectiveType,
|
| + const String& effectiveDirective,
|
| const KURL& blockedURL,
|
| const String& header,
|
| RedirectStatus redirectStatus,
|
| ContentSecurityPolicyHeaderType headerType,
|
| ContentSecurityPolicy::ViolationType violationType,
|
| int contextLine) {
|
| - if (effectiveType == ContentSecurityPolicy::DirectiveType::FrameAncestors) {
|
| + if (equalIgnoringCase(effectiveDirective,
|
| + ContentSecurityPolicy::FrameAncestors)) {
|
| // If this load was blocked via 'frame-ancestors', then the URL of
|
| // |document| has not yet been initialized. In this case, we'll set both
|
| // 'documentURI' and 'blockedURI' to the blocked document's URL.
|
| @@ -1038,13 +1100,11 @@
|
| break;
|
| case ContentSecurityPolicy::URLViolation:
|
| init.setBlockedURI(stripURLForUseInReport(
|
| - context, blockedURL, redirectStatus, effectiveType));
|
| + context, blockedURL, redirectStatus, effectiveDirective));
|
| break;
|
| }
|
| }
|
|
|
| - String effectiveDirective =
|
| - ContentSecurityPolicy::getDirectiveName(effectiveType);
|
| init.setViolatedDirective(effectiveDirective);
|
| init.setEffectiveDirective(effectiveDirective);
|
| init.setOriginalPolicy(header);
|
| @@ -1069,8 +1129,8 @@
|
| std::unique_ptr<SourceLocation> location = SourceLocation::capture(context);
|
| if (location->lineNumber()) {
|
| KURL source = KURL(ParsedURLString, location->url());
|
| - init.setSourceFile(
|
| - stripURLForUseInReport(context, source, redirectStatus, effectiveType));
|
| + init.setSourceFile(stripURLForUseInReport(context, source, redirectStatus,
|
| + effectiveDirective));
|
| init.setLineNumber(location->lineNumber());
|
| init.setColumnNumber(location->columnNumber());
|
| }
|
| @@ -1078,7 +1138,7 @@
|
|
|
| void ContentSecurityPolicy::reportViolation(
|
| const String& directiveText,
|
| - const DirectiveType& effectiveType,
|
| + const String& effectiveDirective,
|
| const String& consoleMessage,
|
| const KURL& blockedURL,
|
| const Vector<String>& reportEndpoints,
|
| @@ -1095,14 +1155,19 @@
|
| // https://crbug.com/611232 (or move CSP child-src and frame-src checks to the
|
| // browser process - see https://crbug.com/376522).
|
| if (!m_executionContext && !contextFrame) {
|
| - DCHECK(effectiveType == DirectiveType::ChildSrc ||
|
| - effectiveType == DirectiveType::FrameSrc ||
|
| - effectiveType == DirectiveType::PluginTypes);
|
| + DCHECK(equalIgnoringCase(effectiveDirective,
|
| + ContentSecurityPolicy::ChildSrc) ||
|
| + equalIgnoringCase(effectiveDirective,
|
| + ContentSecurityPolicy::FrameSrc) ||
|
| + equalIgnoringCase(effectiveDirective,
|
| + ContentSecurityPolicy::PluginTypes));
|
| return;
|
| }
|
|
|
| DCHECK((m_executionContext && !contextFrame) ||
|
| - ((effectiveType == DirectiveType::FrameAncestors) && contextFrame));
|
| + (equalIgnoringCase(effectiveDirective,
|
| + ContentSecurityPolicy::FrameAncestors) &&
|
| + contextFrame));
|
|
|
| SecurityPolicyViolationEventInit violationData;
|
|
|
| @@ -1112,8 +1177,9 @@
|
| contextFrame ? contextFrame->document() : m_executionContext;
|
| DCHECK(relevantContext);
|
| gatherSecurityPolicyViolationEventData(
|
| - violationData, relevantContext, directiveText, effectiveType, blockedURL,
|
| - header, redirectStatus, headerType, violationType, contextLine);
|
| + violationData, relevantContext, directiveText, effectiveDirective,
|
| + blockedURL, header, redirectStatus, headerType, violationType,
|
| + contextLine);
|
|
|
| // TODO(mkwst): Obviously, we shouldn't hit this check, as extension-loaded
|
| // resources should be allowed regardless. We apparently do, however, so
|
| @@ -1200,8 +1266,8 @@
|
| // document's URL.
|
| DCHECK(!contextFrame || !m_executionContext);
|
| DCHECK(!contextFrame ||
|
| - getDirectiveType(violationData.effectiveDirective()) ==
|
| - DirectiveType::FrameAncestors);
|
| + equalIgnoringCase(violationData.effectiveDirective(),
|
| + FrameAncestors));
|
| KURL url =
|
| contextFrame
|
| ? frame->document()->completeURLWithOverride(
|
| @@ -1303,7 +1369,7 @@
|
| message = optionsMessage;
|
| } else if (equalIgnoringCase(name, policyURI)) {
|
| message = policyURIMessage;
|
| - } else if (getDirectiveType(name) != DirectiveType::Undefined) {
|
| + } else if (isDirectiveName(name)) {
|
| message = "The Content-Security-Policy directive '" + name +
|
| "' is implemented behind a flag which is currently disabled.\n";
|
| level = InfoMessageLevel;
|
| @@ -1490,109 +1556,4 @@
|
| m_violationReportsSent.add(report.impl()->hash());
|
| }
|
|
|
| -const char* ContentSecurityPolicy::getDirectiveName(const DirectiveType& type) {
|
| - switch (type) {
|
| - case DirectiveType::BaseURI:
|
| - return "base-uri";
|
| - case DirectiveType::BlockAllMixedContent:
|
| - return "block-all-mixed-content";
|
| - case DirectiveType::ChildSrc:
|
| - return "child-src";
|
| - case DirectiveType::ConnectSrc:
|
| - return "connect-src";
|
| - case DirectiveType::DefaultSrc:
|
| - return "default-src";
|
| - case DirectiveType::FrameAncestors:
|
| - return "frame-ancestors";
|
| - case DirectiveType::FrameSrc:
|
| - return "frame-src";
|
| - case DirectiveType::FontSrc:
|
| - return "font-src";
|
| - case DirectiveType::FormAction:
|
| - return "form-action";
|
| - case DirectiveType::ImgSrc:
|
| - return "img-src";
|
| - case DirectiveType::ManifestSrc:
|
| - return "manifest-src";
|
| - case DirectiveType::MediaSrc:
|
| - return "media-src";
|
| - case DirectiveType::ObjectSrc:
|
| - return "object-src";
|
| - case DirectiveType::PluginTypes:
|
| - return "plugin-types";
|
| - case DirectiveType::ReportURI:
|
| - return "report-uri";
|
| - case DirectiveType::RequireSRIFor:
|
| - return "require-sri-for";
|
| - case DirectiveType::Sandbox:
|
| - return "sandbox";
|
| - case DirectiveType::ScriptSrc:
|
| - return "script-src";
|
| - case DirectiveType::StyleSrc:
|
| - return "style-src";
|
| - case DirectiveType::TreatAsPublicAddress:
|
| - return "treat-as-public-address";
|
| - case DirectiveType::UpgradeInsecureRequests:
|
| - return "upgrade-insecure-requests";
|
| - case DirectiveType::WorkerSrc:
|
| - return "worker-src";
|
| - case DirectiveType::Undefined:
|
| - NOTREACHED();
|
| - return "";
|
| - }
|
| -
|
| - NOTREACHED();
|
| - return "";
|
| -}
|
| -
|
| -ContentSecurityPolicy::DirectiveType ContentSecurityPolicy::getDirectiveType(
|
| - const String& name) {
|
| - if (name == "base-uri")
|
| - return DirectiveType::BaseURI;
|
| - if (name == "block-all-mixed-content")
|
| - return DirectiveType::BlockAllMixedContent;
|
| - if (name == "child-src")
|
| - return DirectiveType::ChildSrc;
|
| - if (name == "connect-src")
|
| - return DirectiveType::ConnectSrc;
|
| - if (name == "default-src")
|
| - return DirectiveType::DefaultSrc;
|
| - if (name == "frame-ancestors")
|
| - return DirectiveType::FrameAncestors;
|
| - if (name == "frame-src")
|
| - return DirectiveType::FrameSrc;
|
| - if (name == "font-src")
|
| - return DirectiveType::FontSrc;
|
| - if (name == "form-action")
|
| - return DirectiveType::FormAction;
|
| - if (name == "img-src")
|
| - return DirectiveType::ImgSrc;
|
| - if (name == "manifest-src")
|
| - return DirectiveType::ManifestSrc;
|
| - if (name == "media-src")
|
| - return DirectiveType::MediaSrc;
|
| - if (name == "object-src")
|
| - return DirectiveType::ObjectSrc;
|
| - if (name == "plugin-types")
|
| - return DirectiveType::PluginTypes;
|
| - if (name == "report-uri")
|
| - return DirectiveType::ReportURI;
|
| - if (name == "require-sri-for")
|
| - return DirectiveType::RequireSRIFor;
|
| - if (name == "sandbox")
|
| - return DirectiveType::Sandbox;
|
| - if (name == "script-src")
|
| - return DirectiveType::ScriptSrc;
|
| - if (name == "style-src")
|
| - return DirectiveType::StyleSrc;
|
| - if (name == "treat-as-public-address")
|
| - return DirectiveType::TreatAsPublicAddress;
|
| - if (name == "upgrade-insecure-requests")
|
| - return DirectiveType::UpgradeInsecureRequests;
|
| - if (name == "worker-src")
|
| - return DirectiveType::WorkerSrc;
|
| -
|
| - return DirectiveType::Undefined;
|
| -}
|
| -
|
| } // namespace blink
|
|
|
Chromium Code Reviews
Issue 2528133002:
Revert of Embedding-CSP: Refactoring directive strings into enum (Closed)
