| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "core/frame/csp/CSPDirectiveList.h" | 5 #include "core/frame/csp/CSPDirectiveList.h" |
| 6 | 6 |
| 7 #include "bindings/core/v8/SourceLocation.h" | 7 #include "bindings/core/v8/SourceLocation.h" |
| 8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
| 9 #include "core/dom/SecurityContext.h" | 9 #include "core/dom/SecurityContext.h" |
| 10 #include "core/dom/SpaceSplitString.h" | 10 #include "core/dom/SpaceSplitString.h" |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 80 if (directives->isReportOnly() && | 80 if (directives->isReportOnly() && |
| 81 source != ContentSecurityPolicyHeaderSourceMeta && | 81 source != ContentSecurityPolicyHeaderSourceMeta && |
| 82 directives->reportEndpoints().isEmpty()) | 82 directives->reportEndpoints().isEmpty()) |
| 83 policy->reportMissingReportURI(String(begin, end - begin)); | 83 policy->reportMissingReportURI(String(begin, end - begin)); |
| 84 | 84 |
| 85 return directives; | 85 return directives; |
| 86 } | 86 } |
| 87 | 87 |
| 88 void CSPDirectiveList::reportViolation( | 88 void CSPDirectiveList::reportViolation( |
| 89 const String& directiveText, | 89 const String& directiveText, |
| 90 const String& effectiveDirective, | 90 const ContentSecurityPolicy::DirectiveType& effectiveType, |
| 91 const String& consoleMessage, | 91 const String& consoleMessage, |
| 92 const KURL& blockedURL, | 92 const KURL& blockedURL, |
| 93 ResourceRequest::RedirectStatus redirectStatus) const { | 93 ResourceRequest::RedirectStatus redirectStatus) const { |
| 94 String message = | 94 String message = |
| 95 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; | 95 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; |
| 96 m_policy->logToConsole(ConsoleMessage::create(SecurityMessageSource, | 96 m_policy->logToConsole(ConsoleMessage::create(SecurityMessageSource, |
| 97 ErrorMessageLevel, message)); | 97 ErrorMessageLevel, message)); |
| 98 m_policy->reportViolation(directiveText, effectiveDirective, message, | 98 m_policy->reportViolation(directiveText, effectiveType, message, blockedURL, |
| 99 blockedURL, m_reportEndpoints, m_header, | 99 m_reportEndpoints, m_header, m_headerType, |
| 100 m_headerType, ContentSecurityPolicy::URLViolation, | 100 ContentSecurityPolicy::URLViolation, nullptr, |
| 101 nullptr, redirectStatus); | 101 redirectStatus); |
| 102 } | 102 } |
| 103 | 103 |
| 104 void CSPDirectiveList::reportViolationWithFrame( | 104 void CSPDirectiveList::reportViolationWithFrame( |
| 105 const String& directiveText, | 105 const String& directiveText, |
| 106 const String& effectiveDirective, | 106 const ContentSecurityPolicy::DirectiveType& effectiveType, |
| 107 const String& consoleMessage, | 107 const String& consoleMessage, |
| 108 const KURL& blockedURL, | 108 const KURL& blockedURL, |
| 109 LocalFrame* frame) const { | 109 LocalFrame* frame) const { |
| 110 String message = | 110 String message = |
| 111 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; | 111 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; |
| 112 m_policy->logToConsole( | 112 m_policy->logToConsole( |
| 113 ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, message), | 113 ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, message), |
| 114 frame); | 114 frame); |
| 115 m_policy->reportViolation( | 115 m_policy->reportViolation(directiveText, effectiveType, message, blockedURL, |
| 116 directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, | 116 m_reportEndpoints, m_header, m_headerType, |
| 117 m_header, m_headerType, ContentSecurityPolicy::URLViolation, frame); | 117 ContentSecurityPolicy::URLViolation, frame); |
| 118 } | 118 } |
| 119 | 119 |
| 120 void CSPDirectiveList::reportViolationWithLocation( | 120 void CSPDirectiveList::reportViolationWithLocation( |
| 121 const String& directiveText, | 121 const String& directiveText, |
| 122 const String& effectiveDirective, | 122 const ContentSecurityPolicy::DirectiveType& effectiveType, |
| 123 const String& consoleMessage, | 123 const String& consoleMessage, |
| 124 const KURL& blockedURL, | 124 const KURL& blockedURL, |
| 125 const String& contextURL, | 125 const String& contextURL, |
| 126 const WTF::OrdinalNumber& contextLine, | 126 const WTF::OrdinalNumber& contextLine, |
| 127 Element* element) const { | 127 Element* element) const { |
| 128 String message = | 128 String message = |
| 129 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; | 129 isReportOnly() ? "[Report Only] " + consoleMessage : consoleMessage; |
| 130 m_policy->logToConsole(ConsoleMessage::create( | 130 m_policy->logToConsole(ConsoleMessage::create( |
| 131 SecurityMessageSource, ErrorMessageLevel, message, | 131 SecurityMessageSource, ErrorMessageLevel, message, |
| 132 SourceLocation::capture(contextURL, contextLine.oneBasedInt(), 0))); | 132 SourceLocation::capture(contextURL, contextLine.oneBasedInt(), 0))); |
| 133 m_policy->reportViolation( | 133 m_policy->reportViolation( |
| 134 directiveText, effectiveDirective, message, blockedURL, m_reportEndpoints, | 134 directiveText, effectiveType, message, blockedURL, m_reportEndpoints, |
| 135 m_header, m_headerType, ContentSecurityPolicy::InlineViolation, nullptr, | 135 m_header, m_headerType, ContentSecurityPolicy::InlineViolation, nullptr, |
| 136 RedirectStatus::NoRedirect, contextLine.oneBasedInt(), element); | 136 RedirectStatus::NoRedirect, contextLine.oneBasedInt(), element); |
| 137 } | 137 } |
| 138 | 138 |
| 139 void CSPDirectiveList::reportViolationWithState( | 139 void CSPDirectiveList::reportViolationWithState( |
| 140 const String& directiveText, | 140 const String& directiveText, |
| 141 const String& effectiveDirective, | 141 const ContentSecurityPolicy::DirectiveType& effectiveType, |
| 142 const String& message, | 142 const String& message, |
| 143 const KURL& blockedURL, | 143 const KURL& blockedURL, |
| 144 ScriptState* scriptState, | 144 ScriptState* scriptState, |
| 145 const ContentSecurityPolicy::ExceptionStatus exceptionStatus) const { | 145 const ContentSecurityPolicy::ExceptionStatus exceptionStatus) const { |
| 146 String reportMessage = isReportOnly() ? "[Report Only] " + message : message; | 146 String reportMessage = isReportOnly() ? "[Report Only] " + message : message; |
| 147 // Print a console message if it won't be redundant with a | 147 // Print a console message if it won't be redundant with a |
| 148 // JavaScript exception that the caller will throw. (Exceptions will | 148 // JavaScript exception that the caller will throw. (Exceptions will |
| 149 // never get thrown in report-only mode because the caller won't see | 149 // never get thrown in report-only mode because the caller won't see |
| 150 // a violation.) | 150 // a violation.) |
| 151 if (isReportOnly() || | 151 if (isReportOnly() || |
| 152 exceptionStatus == ContentSecurityPolicy::WillNotThrowException) { | 152 exceptionStatus == ContentSecurityPolicy::WillNotThrowException) { |
| 153 ConsoleMessage* consoleMessage = ConsoleMessage::create( | 153 ConsoleMessage* consoleMessage = ConsoleMessage::create( |
| 154 SecurityMessageSource, ErrorMessageLevel, reportMessage); | 154 SecurityMessageSource, ErrorMessageLevel, reportMessage); |
| 155 m_policy->logToConsole(consoleMessage); | 155 m_policy->logToConsole(consoleMessage); |
| 156 } | 156 } |
| 157 m_policy->reportViolation(directiveText, effectiveDirective, message, | 157 m_policy->reportViolation(directiveText, effectiveType, message, blockedURL, |
| 158 blockedURL, m_reportEndpoints, m_header, | 158 m_reportEndpoints, m_header, m_headerType, |
| 159 m_headerType, ContentSecurityPolicy::EvalViolation); | 159 ContentSecurityPolicy::EvalViolation); |
| 160 } | 160 } |
| 161 | 161 |
| 162 bool CSPDirectiveList::checkEval(SourceListDirective* directive) const { | 162 bool CSPDirectiveList::checkEval(SourceListDirective* directive) const { |
| 163 return !directive || directive->allowEval(); | 163 return !directive || directive->allowEval(); |
| 164 } | 164 } |
| 165 | 165 |
| 166 bool CSPDirectiveList::checkInline(SourceListDirective* directive) const { | 166 bool CSPDirectiveList::checkInline(SourceListDirective* directive) const { |
| 167 return !directive || | 167 return !directive || |
| 168 (directive->allowInline() && !directive->isHashOrNoncePresent()); | 168 (directive->allowInline() && !directive->isHashOrNoncePresent()); |
| 169 } | 169 } |
| (...skipping 14 matching lines...) Expand all Loading... |
| 184 } | 184 } |
| 185 | 185 |
| 186 bool CSPDirectiveList::checkDynamic(SourceListDirective* directive) const { | 186 bool CSPDirectiveList::checkDynamic(SourceListDirective* directive) const { |
| 187 return !directive || directive->allowDynamic(); | 187 return !directive || directive->allowDynamic(); |
| 188 } | 188 } |
| 189 | 189 |
| 190 void CSPDirectiveList::reportMixedContent( | 190 void CSPDirectiveList::reportMixedContent( |
| 191 const KURL& mixedURL, | 191 const KURL& mixedURL, |
| 192 ResourceRequest::RedirectStatus redirectStatus) const { | 192 ResourceRequest::RedirectStatus redirectStatus) const { |
| 193 if (strictMixedContentChecking()) { | 193 if (strictMixedContentChecking()) { |
| 194 m_policy->reportViolation(ContentSecurityPolicy::BlockAllMixedContent, | 194 m_policy->reportViolation( |
| 195 ContentSecurityPolicy::BlockAllMixedContent, | 195 ContentSecurityPolicy::getDirectiveName( |
| 196 String(), mixedURL, m_reportEndpoints, m_header, | 196 ContentSecurityPolicy::DirectiveType::BlockAllMixedContent), |
| 197 m_headerType, ContentSecurityPolicy::URLViolation, | 197 ContentSecurityPolicy::DirectiveType::BlockAllMixedContent, String(), |
| 198 nullptr, redirectStatus); | 198 mixedURL, m_reportEndpoints, m_header, m_headerType, |
| 199 ContentSecurityPolicy::URLViolation, nullptr, redirectStatus); |
| 199 } | 200 } |
| 200 } | 201 } |
| 201 | 202 |
| 202 bool CSPDirectiveList::checkSource( | 203 bool CSPDirectiveList::checkSource( |
| 203 SourceListDirective* directive, | 204 SourceListDirective* directive, |
| 204 const KURL& url, | 205 const KURL& url, |
| 205 ResourceRequest::RedirectStatus redirectStatus) const { | 206 ResourceRequest::RedirectStatus redirectStatus) const { |
| 206 // If |url| is empty, fall back to the policy URL to ensure that <object>'s | 207 // If |url| is empty, fall back to the policy URL to ensure that <object>'s |
| 207 // without a `src` can be blocked/allowed, as they can still load plugins | 208 // without a `src` can be blocked/allowed, as they can still load plugins |
| 208 // even though they don't actually have a URL. | 209 // even though they don't actually have a URL. |
| (...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 275 case WebURLRequest::RequestContextSharedWorker: | 276 case WebURLRequest::RequestContextSharedWorker: |
| 276 resourceType = "shared worker"; | 277 resourceType = "shared worker"; |
| 277 break; | 278 break; |
| 278 case WebURLRequest::RequestContextWorker: | 279 case WebURLRequest::RequestContextWorker: |
| 279 resourceType = "worker"; | 280 resourceType = "worker"; |
| 280 break; | 281 break; |
| 281 default: | 282 default: |
| 282 break; | 283 break; |
| 283 } | 284 } |
| 284 | 285 |
| 285 reportViolation(ContentSecurityPolicy::RequireSRIFor, | 286 reportViolation(ContentSecurityPolicy::getDirectiveName( |
| 286 ContentSecurityPolicy::RequireSRIFor, | 287 ContentSecurityPolicy::DirectiveType::RequireSRIFor), |
| 288 ContentSecurityPolicy::DirectiveType::RequireSRIFor, |
| 287 "Refused to load the " + resourceType + " '" + | 289 "Refused to load the " + resourceType + " '" + |
| 288 url.elidedString() + | 290 url.elidedString() + |
| 289 "' because 'require-sri-for' directive requires " | 291 "' because 'require-sri-for' directive requires " |
| 290 "integrity attribute be present for all " + | 292 "integrity attribute be present for all " + |
| 291 resourceType + "s.", | 293 resourceType + "s.", |
| 292 url, redirectStatus); | 294 url, redirectStatus); |
| 293 return denyIfEnforcingPolicy(); | 295 return denyIfEnforcingPolicy(); |
| 294 } | 296 } |
| 295 | 297 |
| 296 bool CSPDirectiveList::allowRequestWithoutIntegrity( | 298 bool CSPDirectiveList::allowRequestWithoutIntegrity( |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 333 if (checkEval(directive)) | 335 if (checkEval(directive)) |
| 334 return true; | 336 return true; |
| 335 | 337 |
| 336 String suffix = String(); | 338 String suffix = String(); |
| 337 if (directive == m_defaultSrc) | 339 if (directive == m_defaultSrc) |
| 338 suffix = | 340 suffix = |
| 339 " Note that 'script-src' was not explicitly set, so 'default-src' is " | 341 " Note that 'script-src' was not explicitly set, so 'default-src' is " |
| 340 "used as a fallback."; | 342 "used as a fallback."; |
| 341 | 343 |
| 342 reportViolationWithState( | 344 reportViolationWithState( |
| 343 directive->text(), ContentSecurityPolicy::ScriptSrc, | 345 directive->text(), ContentSecurityPolicy::DirectiveType::ScriptSrc, |
| 344 consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), | 346 consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), |
| 345 scriptState, exceptionStatus); | 347 scriptState, exceptionStatus); |
| 346 if (!isReportOnly()) { | 348 if (!isReportOnly()) { |
| 347 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); | 349 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); |
| 348 return false; | 350 return false; |
| 349 } | 351 } |
| 350 return true; | 352 return true; |
| 351 } | 353 } |
| 352 | 354 |
| 353 bool CSPDirectiveList::checkMediaTypeAndReportViolation( | 355 bool CSPDirectiveList::checkMediaTypeAndReportViolation( |
| 354 MediaListDirective* directive, | 356 MediaListDirective* directive, |
| 355 const String& type, | 357 const String& type, |
| 356 const String& typeAttribute, | 358 const String& typeAttribute, |
| 357 const String& consoleMessage) const { | 359 const String& consoleMessage) const { |
| 358 if (checkMediaType(directive, type, typeAttribute)) | 360 if (checkMediaType(directive, type, typeAttribute)) |
| 359 return true; | 361 return true; |
| 360 | 362 |
| 361 String message = consoleMessage + "\'" + directive->text() + "\'."; | 363 String message = consoleMessage + "\'" + directive->text() + "\'."; |
| 362 if (typeAttribute.isEmpty()) | 364 if (typeAttribute.isEmpty()) |
| 363 message = message + | 365 message = message + |
| 364 " When enforcing the 'plugin-types' directive, the plugin's " | 366 " When enforcing the 'plugin-types' directive, the plugin's " |
| 365 "media type must be explicitly declared with a 'type' attribute " | 367 "media type must be explicitly declared with a 'type' attribute " |
| 366 "on the containing element (e.g. '<object type=\"[TYPE GOES " | 368 "on the containing element (e.g. '<object type=\"[TYPE GOES " |
| 367 "HERE]\" ...>')."; | 369 "HERE]\" ...>')."; |
| 368 | 370 |
| 369 // 'RedirectStatus::NoRedirect' is safe here, as we do the media type check | 371 // 'RedirectStatus::NoRedirect' is safe here, as we do the media type check |
| 370 // before actually loading data; this means that we shouldn't leak redirect | 372 // before actually loading data; this means that we shouldn't leak redirect |
| 371 // targets, as we won't have had a chance to redirect yet. | 373 // targets, as we won't have had a chance to redirect yet. |
| 372 reportViolation(directive->text(), ContentSecurityPolicy::PluginTypes, | 374 reportViolation( |
| 373 message + "\n", KURL(), | 375 directive->text(), ContentSecurityPolicy::DirectiveType::PluginTypes, |
| 374 ResourceRequest::RedirectStatus::NoRedirect); | 376 message + "\n", KURL(), ResourceRequest::RedirectStatus::NoRedirect); |
| 375 return denyIfEnforcingPolicy(); | 377 return denyIfEnforcingPolicy(); |
| 376 } | 378 } |
| 377 | 379 |
| 378 bool CSPDirectiveList::checkInlineAndReportViolation( | 380 bool CSPDirectiveList::checkInlineAndReportViolation( |
| 379 SourceListDirective* directive, | 381 SourceListDirective* directive, |
| 380 const String& consoleMessage, | 382 const String& consoleMessage, |
| 381 Element* element, | 383 Element* element, |
| 382 const String& contextURL, | 384 const String& contextURL, |
| 383 const WTF::OrdinalNumber& contextLine, | 385 const WTF::OrdinalNumber& contextLine, |
| 384 bool isScript, | 386 bool isScript, |
| (...skipping 13 matching lines...) Expand all Loading... |
| 398 " Either the 'unsafe-inline' keyword, a hash ('" + hashValue + | 400 " Either the 'unsafe-inline' keyword, a hash ('" + hashValue + |
| 399 "'), or a nonce ('nonce-...') is required to enable inline execution."; | 401 "'), or a nonce ('nonce-...') is required to enable inline execution."; |
| 400 if (directive == m_defaultSrc) | 402 if (directive == m_defaultSrc) |
| 401 suffix = suffix + " Note also that '" + | 403 suffix = suffix + " Note also that '" + |
| 402 String(isScript ? "script" : "style") + | 404 String(isScript ? "script" : "style") + |
| 403 "-src' was not explicitly set, so 'default-src' is used as a " | 405 "-src' was not explicitly set, so 'default-src' is used as a " |
| 404 "fallback."; | 406 "fallback."; |
| 405 } | 407 } |
| 406 | 408 |
| 407 reportViolationWithLocation( | 409 reportViolationWithLocation( |
| 408 directive->text(), isScript ? ContentSecurityPolicy::ScriptSrc | 410 directive->text(), |
| 409 : ContentSecurityPolicy::StyleSrc, | 411 isScript ? ContentSecurityPolicy::DirectiveType::ScriptSrc |
| 412 : ContentSecurityPolicy::DirectiveType::StyleSrc, |
| 410 consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), | 413 consoleMessage + "\"" + directive->text() + "\"." + suffix + "\n", KURL(), |
| 411 contextURL, contextLine, element); | 414 contextURL, contextLine, element); |
| 412 | 415 |
| 413 if (!isReportOnly()) { | 416 if (!isReportOnly()) { |
| 414 if (isScript) | 417 if (isScript) |
| 415 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); | 418 m_policy->reportBlockedScriptExecutionToInspector(directive->text()); |
| 416 return false; | 419 return false; |
| 417 } | 420 } |
| 418 return true; | 421 return true; |
| 419 } | 422 } |
| 420 | 423 |
| 421 bool CSPDirectiveList::checkSourceAndReportViolation( | 424 bool CSPDirectiveList::checkSourceAndReportViolation( |
| 422 SourceListDirective* directive, | 425 SourceListDirective* directive, |
| 423 const KURL& url, | 426 const KURL& url, |
| 424 const String& effectiveDirective, | 427 const ContentSecurityPolicy::DirectiveType& effectiveType, |
| 425 ResourceRequest::RedirectStatus redirectStatus) const { | 428 ResourceRequest::RedirectStatus redirectStatus) const { |
| 426 if (!directive) | 429 if (!directive) |
| 427 return true; | 430 return true; |
| 428 | 431 |
| 429 // We ignore URL-based whitelists if we're allowing dynamic script injection. | 432 // We ignore URL-based whitelists if we're allowing dynamic script injection. |
| 430 if (checkSource(directive, url, redirectStatus) && !checkDynamic(directive)) | 433 if (checkSource(directive, url, redirectStatus) && !checkDynamic(directive)) |
| 431 return true; | 434 return true; |
| 432 | 435 |
| 433 // We should never have a violation against `child-src` or `default-src` | 436 // We should never have a violation against `child-src` or `default-src` |
| 434 // directly; the effective directive should always be one of the explicit | 437 // directly; the effective directive should always be one of the explicit |
| 435 // fetch directives. | 438 // fetch directives. |
| 436 DCHECK_NE(ContentSecurityPolicy::ChildSrc, effectiveDirective); | 439 DCHECK_NE(ContentSecurityPolicy::DirectiveType::ChildSrc, effectiveType); |
| 437 DCHECK_NE(ContentSecurityPolicy::DefaultSrc, effectiveDirective); | 440 DCHECK_NE(ContentSecurityPolicy::DirectiveType::DefaultSrc, effectiveType); |
| 438 | 441 |
| 439 String prefix; | 442 String prefix; |
| 440 if (ContentSecurityPolicy::BaseURI == effectiveDirective) | 443 if (ContentSecurityPolicy::DirectiveType::BaseURI == effectiveType) |
| 441 prefix = "Refused to set the document's base URI to '"; | 444 prefix = "Refused to set the document's base URI to '"; |
| 442 else if (ContentSecurityPolicy::WorkerSrc == effectiveDirective) | 445 else if (ContentSecurityPolicy::DirectiveType::WorkerSrc == effectiveType) |
| 443 prefix = "Refused to create a worker from '"; | 446 prefix = "Refused to create a worker from '"; |
| 444 else if (ContentSecurityPolicy::ConnectSrc == effectiveDirective) | 447 else if (ContentSecurityPolicy::DirectiveType::ConnectSrc == effectiveType) |
| 445 prefix = "Refused to connect to '"; | 448 prefix = "Refused to connect to '"; |
| 446 else if (ContentSecurityPolicy::FontSrc == effectiveDirective) | 449 else if (ContentSecurityPolicy::DirectiveType::FontSrc == effectiveType) |
| 447 prefix = "Refused to load the font '"; | 450 prefix = "Refused to load the font '"; |
| 448 else if (ContentSecurityPolicy::FormAction == effectiveDirective) | 451 else if (ContentSecurityPolicy::DirectiveType::FormAction == effectiveType) |
| 449 prefix = "Refused to send form data to '"; | 452 prefix = "Refused to send form data to '"; |
| 450 else if (ContentSecurityPolicy::FrameSrc == effectiveDirective) | 453 else if (ContentSecurityPolicy::DirectiveType::FrameSrc == effectiveType) |
| 451 prefix = "Refused to frame '"; | 454 prefix = "Refused to frame '"; |
| 452 else if (ContentSecurityPolicy::ImgSrc == effectiveDirective) | 455 else if (ContentSecurityPolicy::DirectiveType::ImgSrc == effectiveType) |
| 453 prefix = "Refused to load the image '"; | 456 prefix = "Refused to load the image '"; |
| 454 else if (ContentSecurityPolicy::MediaSrc == effectiveDirective) | 457 else if (ContentSecurityPolicy::DirectiveType::MediaSrc == effectiveType) |
| 455 prefix = "Refused to load media from '"; | 458 prefix = "Refused to load media from '"; |
| 456 else if (ContentSecurityPolicy::ManifestSrc == effectiveDirective) | 459 else if (ContentSecurityPolicy::DirectiveType::ManifestSrc == effectiveType) |
| 457 prefix = "Refused to load manifest from '"; | 460 prefix = "Refused to load manifest from '"; |
| 458 else if (ContentSecurityPolicy::ObjectSrc == effectiveDirective) | 461 else if (ContentSecurityPolicy::DirectiveType::ObjectSrc == effectiveType) |
| 459 prefix = "Refused to load plugin data from '"; | 462 prefix = "Refused to load plugin data from '"; |
| 460 else if (ContentSecurityPolicy::ScriptSrc == effectiveDirective) | 463 else if (ContentSecurityPolicy::DirectiveType::ScriptSrc == effectiveType) |
| 461 prefix = "Refused to load the script '"; | 464 prefix = "Refused to load the script '"; |
| 462 else if (ContentSecurityPolicy::StyleSrc == effectiveDirective) | 465 else if (ContentSecurityPolicy::DirectiveType::StyleSrc == effectiveType) |
| 463 prefix = "Refused to load the stylesheet '"; | 466 prefix = "Refused to load the stylesheet '"; |
| 464 | 467 |
| 465 String suffix = String(); | 468 String suffix = String(); |
| 466 if (checkDynamic(directive)) | 469 if (checkDynamic(directive)) |
| 467 suffix = | 470 suffix = |
| 468 " 'strict-dynamic' is present, so host-based whitelisting is disabled."; | 471 " 'strict-dynamic' is present, so host-based whitelisting is disabled."; |
| 469 if (directive == m_defaultSrc) | 472 if (directive == m_defaultSrc) |
| 470 suffix = | 473 suffix = |
| 471 suffix + " Note that '" + effectiveDirective + | 474 suffix + " Note that '" + |
| 475 ContentSecurityPolicy::getDirectiveName(effectiveType) + |
| 472 "' was not explicitly set, so 'default-src' is used as a fallback."; | 476 "' was not explicitly set, so 'default-src' is used as a fallback."; |
| 473 | 477 |
| 474 reportViolation(directive->text(), effectiveDirective, | 478 reportViolation(directive->text(), effectiveType, |
| 475 prefix + url.elidedString() + | 479 prefix + url.elidedString() + |
| 476 "' because it violates the following Content Security " | 480 "' because it violates the following Content Security " |
| 477 "Policy directive: \"" + | 481 "Policy directive: \"" + |
| 478 directive->text() + "\"." + suffix + "\n", | 482 directive->text() + "\"." + suffix + "\n", |
| 479 url, redirectStatus); | 483 url, redirectStatus); |
| 480 return denyIfEnforcingPolicy(); | 484 return denyIfEnforcingPolicy(); |
| 481 } | 485 } |
| 482 | 486 |
| 483 bool CSPDirectiveList::checkAncestorsAndReportViolation( | 487 bool CSPDirectiveList::checkAncestorsAndReportViolation( |
| 484 SourceListDirective* directive, | 488 SourceListDirective* directive, |
| 485 LocalFrame* frame, | 489 LocalFrame* frame, |
| 486 const KURL& url) const { | 490 const KURL& url) const { |
| 487 if (checkAncestors(directive, frame)) | 491 if (checkAncestors(directive, frame)) |
| 488 return true; | 492 return true; |
| 489 | 493 |
| 490 reportViolationWithFrame(directive->text(), "frame-ancestors", | 494 reportViolationWithFrame(directive->text(), |
| 495 ContentSecurityPolicy::DirectiveType::FrameAncestors, |
| 491 "Refused to display '" + url.elidedString() + | 496 "Refused to display '" + url.elidedString() + |
| 492 "' in a frame because an ancestor violates the " | 497 "' in a frame because an ancestor violates the " |
| 493 "following Content Security Policy directive: " | 498 "following Content Security Policy directive: " |
| 494 "\"" + | 499 "\"" + |
| 495 directive->text() + "\".", | 500 directive->text() + "\".", |
| 496 url, frame); | 501 url, frame); |
| 497 return denyIfEnforcingPolicy(); | 502 return denyIfEnforcingPolicy(); |
| 498 } | 503 } |
| 499 | 504 |
| 500 bool CSPDirectiveList::allowJavaScriptURLs( | 505 bool CSPDirectiveList::allowJavaScriptURLs( |
| (...skipping 105 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 606 ParserDisposition parserDisposition, | 611 ParserDisposition parserDisposition, |
| 607 ResourceRequest::RedirectStatus redirectStatus, | 612 ResourceRequest::RedirectStatus redirectStatus, |
| 608 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 613 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 609 if (isMatchingNoncePresent(operativeDirective(m_scriptSrc.get()), nonce)) | 614 if (isMatchingNoncePresent(operativeDirective(m_scriptSrc.get()), nonce)) |
| 610 return true; | 615 return true; |
| 611 if (parserDisposition == NotParserInserted && allowDynamic()) | 616 if (parserDisposition == NotParserInserted && allowDynamic()) |
| 612 return true; | 617 return true; |
| 613 return reportingStatus == ContentSecurityPolicy::SendReport | 618 return reportingStatus == ContentSecurityPolicy::SendReport |
| 614 ? checkSourceAndReportViolation( | 619 ? checkSourceAndReportViolation( |
| 615 operativeDirective(m_scriptSrc.get()), url, | 620 operativeDirective(m_scriptSrc.get()), url, |
| 616 ContentSecurityPolicy::ScriptSrc, redirectStatus) | 621 ContentSecurityPolicy::DirectiveType::ScriptSrc, |
| 622 redirectStatus) |
| 617 : checkSource(operativeDirective(m_scriptSrc.get()), url, | 623 : checkSource(operativeDirective(m_scriptSrc.get()), url, |
| 618 redirectStatus); | 624 redirectStatus); |
| 619 } | 625 } |
| 620 | 626 |
| 621 bool CSPDirectiveList::allowObjectFromSource( | 627 bool CSPDirectiveList::allowObjectFromSource( |
| 622 const KURL& url, | 628 const KURL& url, |
| 623 ResourceRequest::RedirectStatus redirectStatus, | 629 ResourceRequest::RedirectStatus redirectStatus, |
| 624 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 630 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 625 if (url.protocolIsAbout()) | 631 if (url.protocolIsAbout()) |
| 626 return true; | 632 return true; |
| 627 return reportingStatus == ContentSecurityPolicy::SendReport | 633 return reportingStatus == ContentSecurityPolicy::SendReport |
| 628 ? checkSourceAndReportViolation( | 634 ? checkSourceAndReportViolation( |
| 629 operativeDirective(m_objectSrc.get()), url, | 635 operativeDirective(m_objectSrc.get()), url, |
| 630 ContentSecurityPolicy::ObjectSrc, redirectStatus) | 636 ContentSecurityPolicy::DirectiveType::ObjectSrc, |
| 637 redirectStatus) |
| 631 : checkSource(operativeDirective(m_objectSrc.get()), url, | 638 : checkSource(operativeDirective(m_objectSrc.get()), url, |
| 632 redirectStatus); | 639 redirectStatus); |
| 633 } | 640 } |
| 634 | 641 |
| 635 bool CSPDirectiveList::allowFrameFromSource( | 642 bool CSPDirectiveList::allowFrameFromSource( |
| 636 const KURL& url, | 643 const KURL& url, |
| 637 ResourceRequest::RedirectStatus redirectStatus, | 644 ResourceRequest::RedirectStatus redirectStatus, |
| 638 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 645 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 639 if (url.protocolIsAbout()) | 646 if (url.protocolIsAbout()) |
| 640 return true; | 647 return true; |
| 641 | 648 |
| 642 // 'frame-src' overrides 'child-src', which overrides the default | 649 // 'frame-src' overrides 'child-src', which overrides the default |
| 643 // sources. So, we do this nested set of calls to 'operativeDirective()' to | 650 // sources. So, we do this nested set of calls to 'operativeDirective()' to |
| 644 // grab 'frame-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' | 651 // grab 'frame-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' |
| 645 // if neither are available. | 652 // if neither are available. |
| 646 SourceListDirective* whichDirective = operativeDirective( | 653 SourceListDirective* whichDirective = operativeDirective( |
| 647 m_frameSrc.get(), operativeDirective(m_childSrc.get())); | 654 m_frameSrc.get(), operativeDirective(m_childSrc.get())); |
| 648 | 655 |
| 649 return reportingStatus == ContentSecurityPolicy::SendReport | 656 return reportingStatus == ContentSecurityPolicy::SendReport |
| 650 ? checkSourceAndReportViolation(whichDirective, url, | 657 ? checkSourceAndReportViolation( |
| 651 ContentSecurityPolicy::FrameSrc, | 658 whichDirective, url, |
| 652 redirectStatus) | 659 ContentSecurityPolicy::DirectiveType::FrameSrc, |
| 660 redirectStatus) |
| 653 : checkSource(whichDirective, url, redirectStatus); | 661 : checkSource(whichDirective, url, redirectStatus); |
| 654 } | 662 } |
| 655 | 663 |
| 656 bool CSPDirectiveList::allowImageFromSource( | 664 bool CSPDirectiveList::allowImageFromSource( |
| 657 const KURL& url, | 665 const KURL& url, |
| 658 ResourceRequest::RedirectStatus redirectStatus, | 666 ResourceRequest::RedirectStatus redirectStatus, |
| 659 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 667 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 660 return reportingStatus == ContentSecurityPolicy::SendReport | 668 return reportingStatus == ContentSecurityPolicy::SendReport |
| 661 ? checkSourceAndReportViolation(operativeDirective(m_imgSrc.get()), | 669 ? checkSourceAndReportViolation( |
| 662 url, ContentSecurityPolicy::ImgSrc, | 670 operativeDirective(m_imgSrc.get()), url, |
| 663 redirectStatus) | 671 ContentSecurityPolicy::DirectiveType::ImgSrc, redirectStatus) |
| 664 : checkSource(operativeDirective(m_imgSrc.get()), url, | 672 : checkSource(operativeDirective(m_imgSrc.get()), url, |
| 665 redirectStatus); | 673 redirectStatus); |
| 666 } | 674 } |
| 667 | 675 |
| 668 bool CSPDirectiveList::allowStyleFromSource( | 676 bool CSPDirectiveList::allowStyleFromSource( |
| 669 const KURL& url, | 677 const KURL& url, |
| 670 const String& nonce, | 678 const String& nonce, |
| 671 ResourceRequest::RedirectStatus redirectStatus, | 679 ResourceRequest::RedirectStatus redirectStatus, |
| 672 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 680 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 673 if (isMatchingNoncePresent(operativeDirective(m_styleSrc.get()), nonce)) | 681 if (isMatchingNoncePresent(operativeDirective(m_styleSrc.get()), nonce)) |
| 674 return true; | 682 return true; |
| 675 return reportingStatus == ContentSecurityPolicy::SendReport | 683 return reportingStatus == ContentSecurityPolicy::SendReport |
| 676 ? checkSourceAndReportViolation( | 684 ? checkSourceAndReportViolation( |
| 677 operativeDirective(m_styleSrc.get()), url, | 685 operativeDirective(m_styleSrc.get()), url, |
| 678 ContentSecurityPolicy::StyleSrc, redirectStatus) | 686 ContentSecurityPolicy::DirectiveType::StyleSrc, |
| 687 redirectStatus) |
| 679 : checkSource(operativeDirective(m_styleSrc.get()), url, | 688 : checkSource(operativeDirective(m_styleSrc.get()), url, |
| 680 redirectStatus); | 689 redirectStatus); |
| 681 } | 690 } |
| 682 | 691 |
| 683 bool CSPDirectiveList::allowFontFromSource( | 692 bool CSPDirectiveList::allowFontFromSource( |
| 684 const KURL& url, | 693 const KURL& url, |
| 685 ResourceRequest::RedirectStatus redirectStatus, | 694 ResourceRequest::RedirectStatus redirectStatus, |
| 686 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 695 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 687 return reportingStatus == ContentSecurityPolicy::SendReport | 696 return reportingStatus == ContentSecurityPolicy::SendReport |
| 688 ? checkSourceAndReportViolation( | 697 ? checkSourceAndReportViolation( |
| 689 operativeDirective(m_fontSrc.get()), url, | 698 operativeDirective(m_fontSrc.get()), url, |
| 690 ContentSecurityPolicy::FontSrc, redirectStatus) | 699 ContentSecurityPolicy::DirectiveType::FontSrc, |
| 700 redirectStatus) |
| 691 : checkSource(operativeDirective(m_fontSrc.get()), url, | 701 : checkSource(operativeDirective(m_fontSrc.get()), url, |
| 692 redirectStatus); | 702 redirectStatus); |
| 693 } | 703 } |
| 694 | 704 |
| 695 bool CSPDirectiveList::allowMediaFromSource( | 705 bool CSPDirectiveList::allowMediaFromSource( |
| 696 const KURL& url, | 706 const KURL& url, |
| 697 ResourceRequest::RedirectStatus redirectStatus, | 707 ResourceRequest::RedirectStatus redirectStatus, |
| 698 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 708 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 699 return reportingStatus == ContentSecurityPolicy::SendReport | 709 return reportingStatus == ContentSecurityPolicy::SendReport |
| 700 ? checkSourceAndReportViolation( | 710 ? checkSourceAndReportViolation( |
| 701 operativeDirective(m_mediaSrc.get()), url, | 711 operativeDirective(m_mediaSrc.get()), url, |
| 702 ContentSecurityPolicy::MediaSrc, redirectStatus) | 712 ContentSecurityPolicy::DirectiveType::MediaSrc, |
| 713 redirectStatus) |
| 703 : checkSource(operativeDirective(m_mediaSrc.get()), url, | 714 : checkSource(operativeDirective(m_mediaSrc.get()), url, |
| 704 redirectStatus); | 715 redirectStatus); |
| 705 } | 716 } |
| 706 | 717 |
| 707 bool CSPDirectiveList::allowManifestFromSource( | 718 bool CSPDirectiveList::allowManifestFromSource( |
| 708 const KURL& url, | 719 const KURL& url, |
| 709 ResourceRequest::RedirectStatus redirectStatus, | 720 ResourceRequest::RedirectStatus redirectStatus, |
| 710 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 721 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 711 return reportingStatus == ContentSecurityPolicy::SendReport | 722 return reportingStatus == ContentSecurityPolicy::SendReport |
| 712 ? checkSourceAndReportViolation( | 723 ? checkSourceAndReportViolation( |
| 713 operativeDirective(m_manifestSrc.get()), url, | 724 operativeDirective(m_manifestSrc.get()), url, |
| 714 ContentSecurityPolicy::ManifestSrc, redirectStatus) | 725 ContentSecurityPolicy::DirectiveType::ManifestSrc, |
| 726 redirectStatus) |
| 715 : checkSource(operativeDirective(m_manifestSrc.get()), url, | 727 : checkSource(operativeDirective(m_manifestSrc.get()), url, |
| 716 redirectStatus); | 728 redirectStatus); |
| 717 } | 729 } |
| 718 | 730 |
| 719 bool CSPDirectiveList::allowConnectToSource( | 731 bool CSPDirectiveList::allowConnectToSource( |
| 720 const KURL& url, | 732 const KURL& url, |
| 721 ResourceRequest::RedirectStatus redirectStatus, | 733 ResourceRequest::RedirectStatus redirectStatus, |
| 722 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 734 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 723 return reportingStatus == ContentSecurityPolicy::SendReport | 735 return reportingStatus == ContentSecurityPolicy::SendReport |
| 724 ? checkSourceAndReportViolation( | 736 ? checkSourceAndReportViolation( |
| 725 operativeDirective(m_connectSrc.get()), url, | 737 operativeDirective(m_connectSrc.get()), url, |
| 726 ContentSecurityPolicy::ConnectSrc, redirectStatus) | 738 ContentSecurityPolicy::DirectiveType::ConnectSrc, |
| 739 redirectStatus) |
| 727 : checkSource(operativeDirective(m_connectSrc.get()), url, | 740 : checkSource(operativeDirective(m_connectSrc.get()), url, |
| 728 redirectStatus); | 741 redirectStatus); |
| 729 } | 742 } |
| 730 | 743 |
| 731 bool CSPDirectiveList::allowFormAction( | 744 bool CSPDirectiveList::allowFormAction( |
| 732 const KURL& url, | 745 const KURL& url, |
| 733 ResourceRequest::RedirectStatus redirectStatus, | 746 ResourceRequest::RedirectStatus redirectStatus, |
| 734 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 747 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 735 return reportingStatus == ContentSecurityPolicy::SendReport | 748 return reportingStatus == ContentSecurityPolicy::SendReport |
| 736 ? checkSourceAndReportViolation(m_formAction.get(), url, | 749 ? checkSourceAndReportViolation( |
| 737 ContentSecurityPolicy::FormAction, | 750 m_formAction.get(), url, |
| 738 redirectStatus) | 751 ContentSecurityPolicy::DirectiveType::FormAction, |
| 752 redirectStatus) |
| 739 : checkSource(m_formAction.get(), url, redirectStatus); | 753 : checkSource(m_formAction.get(), url, redirectStatus); |
| 740 } | 754 } |
| 741 | 755 |
| 742 bool CSPDirectiveList::allowBaseURI( | 756 bool CSPDirectiveList::allowBaseURI( |
| 743 const KURL& url, | 757 const KURL& url, |
| 744 ResourceRequest::RedirectStatus redirectStatus, | 758 ResourceRequest::RedirectStatus redirectStatus, |
| 745 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 759 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 746 return reportingStatus == ContentSecurityPolicy::SendReport | 760 return reportingStatus == ContentSecurityPolicy::SendReport |
| 747 ? checkSourceAndReportViolation(m_baseURI.get(), url, | 761 ? checkSourceAndReportViolation( |
| 748 ContentSecurityPolicy::BaseURI, | 762 m_baseURI.get(), url, |
| 749 redirectStatus) | 763 ContentSecurityPolicy::DirectiveType::BaseURI, |
| 764 redirectStatus) |
| 750 : checkSource(m_baseURI.get(), url, redirectStatus); | 765 : checkSource(m_baseURI.get(), url, redirectStatus); |
| 751 } | 766 } |
| 752 | 767 |
| 753 bool CSPDirectiveList::allowWorkerFromSource( | 768 bool CSPDirectiveList::allowWorkerFromSource( |
| 754 const KURL& url, | 769 const KURL& url, |
| 755 ResourceRequest::RedirectStatus redirectStatus, | 770 ResourceRequest::RedirectStatus redirectStatus, |
| 756 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 771 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 757 // 'worker-src' overrides 'child-src', which overrides the default | 772 // 'worker-src' overrides 'child-src', which overrides the default |
| 758 // sources. So, we do this nested set of calls to 'operativeDirective()' to | 773 // sources. So, we do this nested set of calls to 'operativeDirective()' to |
| 759 // grab 'worker-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' | 774 // grab 'worker-src' if it exists, 'child-src' if it doesn't, and 'defaut-src' |
| 760 // if neither are available. | 775 // if neither are available. |
| 761 SourceListDirective* whichDirective = operativeDirective( | 776 SourceListDirective* whichDirective = operativeDirective( |
| 762 m_workerSrc.get(), operativeDirective(m_childSrc.get())); | 777 m_workerSrc.get(), operativeDirective(m_childSrc.get())); |
| 763 | 778 |
| 764 return reportingStatus == ContentSecurityPolicy::SendReport | 779 return reportingStatus == ContentSecurityPolicy::SendReport |
| 765 ? checkSourceAndReportViolation(whichDirective, url, | 780 ? checkSourceAndReportViolation( |
| 766 ContentSecurityPolicy::WorkerSrc, | 781 whichDirective, url, |
| 767 redirectStatus) | 782 ContentSecurityPolicy::DirectiveType::WorkerSrc, |
| 783 redirectStatus) |
| 768 : checkSource(whichDirective, url, redirectStatus); | 784 : checkSource(whichDirective, url, redirectStatus); |
| 769 } | 785 } |
| 770 | 786 |
| 771 bool CSPDirectiveList::allowAncestors( | 787 bool CSPDirectiveList::allowAncestors( |
| 772 LocalFrame* frame, | 788 LocalFrame* frame, |
| 773 const KURL& url, | 789 const KURL& url, |
| 774 ContentSecurityPolicy::ReportingStatus reportingStatus) const { | 790 ContentSecurityPolicy::ReportingStatus reportingStatus) const { |
| 775 return reportingStatus == ContentSecurityPolicy::SendReport | 791 return reportingStatus == ContentSecurityPolicy::SendReport |
| 776 ? checkAncestorsAndReportViolation(m_frameAncestors.get(), frame, | 792 ? checkAncestorsAndReportViolation(m_frameAncestors.get(), frame, |
| 777 url) | 793 url) |
| (...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 990 const String& value, | 1006 const String& value, |
| 991 Member<CSPDirectiveType>& directive) { | 1007 Member<CSPDirectiveType>& directive) { |
| 992 if (directive) { | 1008 if (directive) { |
| 993 m_policy->reportDuplicateDirective(name); | 1009 m_policy->reportDuplicateDirective(name); |
| 994 return; | 1010 return; |
| 995 } | 1011 } |
| 996 | 1012 |
| 997 // Remove frame-ancestors directives in meta policies, per | 1013 // Remove frame-ancestors directives in meta policies, per |
| 998 // https://www.w3.org/TR/CSP2/#delivery-html-meta-element. | 1014 // https://www.w3.org/TR/CSP2/#delivery-html-meta-element. |
| 999 if (m_headerSource == ContentSecurityPolicyHeaderSourceMeta && | 1015 if (m_headerSource == ContentSecurityPolicyHeaderSourceMeta && |
| 1000 name == ContentSecurityPolicy::FrameAncestors) { | 1016 ContentSecurityPolicy::getDirectiveType(name) == |
| 1017 ContentSecurityPolicy::DirectiveType::FrameAncestors) { |
| 1001 m_policy->reportInvalidDirectiveInMeta(name); | 1018 m_policy->reportInvalidDirectiveInMeta(name); |
| 1002 return; | 1019 return; |
| 1003 } | 1020 } |
| 1004 | 1021 |
| 1005 directive = new CSPDirectiveType(name, value, m_policy); | 1022 directive = new CSPDirectiveType(name, value, m_policy); |
| 1006 } | 1023 } |
| 1007 | 1024 |
| 1008 void CSPDirectiveList::applySandboxPolicy(const String& name, | 1025 void CSPDirectiveList::applySandboxPolicy(const String& name, |
| 1009 const String& sandboxPolicy) { | 1026 const String& sandboxPolicy) { |
| 1010 // Remove sandbox directives in meta policies, per | 1027 // Remove sandbox directives in meta policies, per |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1075 m_upgradeInsecureRequests = true; | 1092 m_upgradeInsecureRequests = true; |
| 1076 | 1093 |
| 1077 m_policy->upgradeInsecureRequests(); | 1094 m_policy->upgradeInsecureRequests(); |
| 1078 if (!value.isEmpty()) | 1095 if (!value.isEmpty()) |
| 1079 m_policy->reportValueForEmptyDirective(name, value); | 1096 m_policy->reportValueForEmptyDirective(name, value); |
| 1080 } | 1097 } |
| 1081 | 1098 |
| 1082 void CSPDirectiveList::addDirective(const String& name, const String& value) { | 1099 void CSPDirectiveList::addDirective(const String& name, const String& value) { |
| 1083 ASSERT(!name.isEmpty()); | 1100 ASSERT(!name.isEmpty()); |
| 1084 | 1101 |
| 1085 if (equalIgnoringCase(name, ContentSecurityPolicy::DefaultSrc)) { | 1102 ContentSecurityPolicy::DirectiveType type = |
| 1103 ContentSecurityPolicy::getDirectiveType(name); |
| 1104 if (type == ContentSecurityPolicy::DirectiveType::DefaultSrc) { |
| 1086 setCSPDirective<SourceListDirective>(name, value, m_defaultSrc); | 1105 setCSPDirective<SourceListDirective>(name, value, m_defaultSrc); |
| 1087 // TODO(mkwst) It seems unlikely that developers would use different | 1106 // TODO(mkwst) It seems unlikely that developers would use different |
| 1088 // algorithms for scripts and styles. We may want to combine the | 1107 // algorithms for scripts and styles. We may want to combine the |
| 1089 // usesScriptHashAlgorithms() and usesStyleHashAlgorithms. | 1108 // usesScriptHashAlgorithms() and usesStyleHashAlgorithms. |
| 1090 m_policy->usesScriptHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); | 1109 m_policy->usesScriptHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); |
| 1091 m_policy->usesStyleHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); | 1110 m_policy->usesStyleHashAlgorithms(m_defaultSrc->hashAlgorithmsUsed()); |
| 1092 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ScriptSrc)) { | 1111 } else if (type == ContentSecurityPolicy::DirectiveType::ScriptSrc) { |
| 1093 setCSPDirective<SourceListDirective>(name, value, m_scriptSrc); | 1112 setCSPDirective<SourceListDirective>(name, value, m_scriptSrc); |
| 1094 m_policy->usesScriptHashAlgorithms(m_scriptSrc->hashAlgorithmsUsed()); | 1113 m_policy->usesScriptHashAlgorithms(m_scriptSrc->hashAlgorithmsUsed()); |
| 1095 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ObjectSrc)) { | 1114 } else if (type == ContentSecurityPolicy::DirectiveType::ObjectSrc) { |
| 1096 setCSPDirective<SourceListDirective>(name, value, m_objectSrc); | 1115 setCSPDirective<SourceListDirective>(name, value, m_objectSrc); |
| 1097 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameAncestors)) { | 1116 } else if (type == |
| 1117 |
| 1118 ContentSecurityPolicy::DirectiveType::FrameAncestors) { |
| 1098 setCSPDirective<SourceListDirective>(name, value, m_frameAncestors); | 1119 setCSPDirective<SourceListDirective>(name, value, m_frameAncestors); |
| 1099 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FrameSrc)) { | 1120 } else if (type == ContentSecurityPolicy::DirectiveType::FrameSrc) { |
| 1100 setCSPDirective<SourceListDirective>(name, value, m_frameSrc); | 1121 setCSPDirective<SourceListDirective>(name, value, m_frameSrc); |
| 1101 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ImgSrc)) { | 1122 } else if (type == ContentSecurityPolicy::DirectiveType::ImgSrc) { |
| 1102 setCSPDirective<SourceListDirective>(name, value, m_imgSrc); | 1123 setCSPDirective<SourceListDirective>(name, value, m_imgSrc); |
| 1103 } else if (equalIgnoringCase(name, ContentSecurityPolicy::StyleSrc)) { | 1124 } else if (type == ContentSecurityPolicy::DirectiveType::StyleSrc) { |
| 1104 setCSPDirective<SourceListDirective>(name, value, m_styleSrc); | 1125 setCSPDirective<SourceListDirective>(name, value, m_styleSrc); |
| 1105 m_policy->usesStyleHashAlgorithms(m_styleSrc->hashAlgorithmsUsed()); | 1126 m_policy->usesStyleHashAlgorithms(m_styleSrc->hashAlgorithmsUsed()); |
| 1106 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FontSrc)) { | 1127 } else if (type == ContentSecurityPolicy::DirectiveType::FontSrc) { |
| 1107 setCSPDirective<SourceListDirective>(name, value, m_fontSrc); | 1128 setCSPDirective<SourceListDirective>(name, value, m_fontSrc); |
| 1108 } else if (equalIgnoringCase(name, ContentSecurityPolicy::MediaSrc)) { | 1129 } else if (type == ContentSecurityPolicy::DirectiveType::MediaSrc) { |
| 1109 setCSPDirective<SourceListDirective>(name, value, m_mediaSrc); | 1130 setCSPDirective<SourceListDirective>(name, value, m_mediaSrc); |
| 1110 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ConnectSrc)) { | 1131 } else if (type == ContentSecurityPolicy::DirectiveType::ConnectSrc) { |
| 1111 setCSPDirective<SourceListDirective>(name, value, m_connectSrc); | 1132 setCSPDirective<SourceListDirective>(name, value, m_connectSrc); |
| 1112 } else if (equalIgnoringCase(name, ContentSecurityPolicy::Sandbox)) { | 1133 } else if (type == ContentSecurityPolicy::DirectiveType::Sandbox) { |
| 1113 applySandboxPolicy(name, value); | 1134 applySandboxPolicy(name, value); |
| 1114 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ReportURI)) { | 1135 } else if (type == ContentSecurityPolicy::DirectiveType::ReportURI) { |
| 1115 parseReportURI(name, value); | 1136 parseReportURI(name, value); |
| 1116 } else if (equalIgnoringCase(name, ContentSecurityPolicy::BaseURI)) { | 1137 } else if (type == ContentSecurityPolicy::DirectiveType::BaseURI) { |
| 1117 setCSPDirective<SourceListDirective>(name, value, m_baseURI); | 1138 setCSPDirective<SourceListDirective>(name, value, m_baseURI); |
| 1118 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ChildSrc)) { | 1139 } else if (type == ContentSecurityPolicy::DirectiveType::ChildSrc) { |
| 1119 setCSPDirective<SourceListDirective>(name, value, m_childSrc); | 1140 setCSPDirective<SourceListDirective>(name, value, m_childSrc); |
| 1120 } else if (equalIgnoringCase(name, ContentSecurityPolicy::WorkerSrc) && | 1141 } else if (type == ContentSecurityPolicy::DirectiveType::WorkerSrc && |
| 1121 m_policy->experimentalFeaturesEnabled()) { | 1142 m_policy->experimentalFeaturesEnabled()) { |
| 1122 setCSPDirective<SourceListDirective>(name, value, m_workerSrc); | 1143 setCSPDirective<SourceListDirective>(name, value, m_workerSrc); |
| 1123 } else if (equalIgnoringCase(name, ContentSecurityPolicy::FormAction)) { | 1144 } else if (type == ContentSecurityPolicy::DirectiveType::FormAction) { |
| 1124 setCSPDirective<SourceListDirective>(name, value, m_formAction); | 1145 setCSPDirective<SourceListDirective>(name, value, m_formAction); |
| 1125 } else if (equalIgnoringCase(name, ContentSecurityPolicy::PluginTypes)) { | 1146 } else if (type == ContentSecurityPolicy::DirectiveType::PluginTypes) { |
| 1126 setCSPDirective<MediaListDirective>(name, value, m_pluginTypes); | 1147 setCSPDirective<MediaListDirective>(name, value, m_pluginTypes); |
| 1127 } else if (equalIgnoringCase( | 1148 } else if (type == |
| 1128 name, ContentSecurityPolicy::UpgradeInsecureRequests)) { | 1149 ContentSecurityPolicy::DirectiveType::UpgradeInsecureRequests) { |
| 1129 enableInsecureRequestsUpgrade(name, value); | 1150 enableInsecureRequestsUpgrade(name, value); |
| 1130 } else if (equalIgnoringCase(name, | 1151 } else if (type == |
| 1131 ContentSecurityPolicy::BlockAllMixedContent)) { | 1152 ContentSecurityPolicy::DirectiveType::BlockAllMixedContent) { |
| 1132 enforceStrictMixedContentChecking(name, value); | 1153 enforceStrictMixedContentChecking(name, value); |
| 1133 } else if (equalIgnoringCase(name, ContentSecurityPolicy::ManifestSrc)) { | 1154 } else if (type == ContentSecurityPolicy::DirectiveType::ManifestSrc) { |
| 1134 setCSPDirective<SourceListDirective>(name, value, m_manifestSrc); | 1155 setCSPDirective<SourceListDirective>(name, value, m_manifestSrc); |
| 1135 } else if (equalIgnoringCase(name, | 1156 } else if (type == |
| 1136 ContentSecurityPolicy::TreatAsPublicAddress)) { | 1157 ContentSecurityPolicy::DirectiveType::TreatAsPublicAddress) { |
| 1137 treatAsPublicAddress(name, value); | 1158 treatAsPublicAddress(name, value); |
| 1138 } else if (equalIgnoringCase(name, ContentSecurityPolicy::RequireSRIFor) && | 1159 } else if (type == ContentSecurityPolicy::DirectiveType::RequireSRIFor && |
| 1139 m_policy->experimentalFeaturesEnabled()) { | 1160 m_policy->experimentalFeaturesEnabled()) { |
| 1140 parseRequireSRIFor(name, value); | 1161 parseRequireSRIFor(name, value); |
| 1141 } else { | 1162 } else { |
| 1142 m_policy->reportUnsupportedDirective(name); | 1163 m_policy->reportUnsupportedDirective(name); |
| 1143 } | 1164 } |
| 1144 } | 1165 } |
| 1145 | 1166 |
| 1146 DEFINE_TRACE(CSPDirectiveList) { | 1167 DEFINE_TRACE(CSPDirectiveList) { |
| 1147 visitor->trace(m_policy); | 1168 visitor->trace(m_policy); |
| 1148 visitor->trace(m_pluginTypes); | 1169 visitor->trace(m_pluginTypes); |
| 1149 visitor->trace(m_baseURI); | 1170 visitor->trace(m_baseURI); |
| 1150 visitor->trace(m_childSrc); | 1171 visitor->trace(m_childSrc); |
| 1151 visitor->trace(m_connectSrc); | 1172 visitor->trace(m_connectSrc); |
| 1152 visitor->trace(m_defaultSrc); | 1173 visitor->trace(m_defaultSrc); |
| 1153 visitor->trace(m_fontSrc); | 1174 visitor->trace(m_fontSrc); |
| 1154 visitor->trace(m_formAction); | 1175 visitor->trace(m_formAction); |
| 1155 visitor->trace(m_frameAncestors); | 1176 visitor->trace(m_frameAncestors); |
| 1156 visitor->trace(m_frameSrc); | 1177 visitor->trace(m_frameSrc); |
| 1157 visitor->trace(m_imgSrc); | 1178 visitor->trace(m_imgSrc); |
| 1158 visitor->trace(m_mediaSrc); | 1179 visitor->trace(m_mediaSrc); |
| 1159 visitor->trace(m_manifestSrc); | 1180 visitor->trace(m_manifestSrc); |
| 1160 visitor->trace(m_objectSrc); | 1181 visitor->trace(m_objectSrc); |
| 1161 visitor->trace(m_scriptSrc); | 1182 visitor->trace(m_scriptSrc); |
| 1162 visitor->trace(m_styleSrc); | 1183 visitor->trace(m_styleSrc); |
| 1163 visitor->trace(m_workerSrc); | 1184 visitor->trace(m_workerSrc); |
| 1164 } | 1185 } |
| 1165 | 1186 |
| 1166 } // namespace blink | 1187 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2532913002:
Unreverting Embedding-CSP: Refactoring directive strings into enum. (Closed)
