Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(12)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/frame/csp/SourceListDirective.h

Issue 2536713002: Part 3.3: Is policy list subsumed under subsuming policy? (Closed)
Patch Set: Rebasing Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SourceListDirective_h 5 #ifndef SourceListDirective_h
6 #define SourceListDirective_h 6 #define SourceListDirective_h
7 7
8 #include "core/CoreExport.h" 8 #include "core/CoreExport.h"
9 #include "core/frame/csp/CSPDirective.h" 9 #include "core/frame/csp/CSPDirective.h"
10 #include "core/frame/csp/CSPSource.h" 10 #include "core/frame/csp/CSPSource.h"
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
46 bool isHashOrNoncePresent() const; 46 bool isHashOrNoncePresent() const;
47 uint8_t hashAlgorithmsUsed() const; 47 uint8_t hashAlgorithmsUsed() const;
48 // The algorothm is described more extensively here: 48 // The algorothm is described more extensively here:
49 // https://w3c.github.io/webappsec-csp/embedded/#subsume-source-list 49 // https://w3c.github.io/webappsec-csp/embedded/#subsume-source-list
50 bool subsumes(HeapVector<Member<SourceListDirective>>); 50 bool subsumes(HeapVector<Member<SourceListDirective>>);
51 51
52 private: 52 private:
53 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, GetIntersectCSPSources); 53 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, GetIntersectCSPSources);
54 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, 54 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest,
55 GetIntersectCSPSourcesSchemes); 55 GetIntersectCSPSourcesSchemes);
56 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, AllowAllInline);
56 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, GetSourceVector); 57 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, GetSourceVector);
57 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, OperativeDirectiveGivenType); 58 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, OperativeDirectiveGivenType);
58 59
59 bool parseSource(const UChar* begin, 60 bool parseSource(const UChar* begin,
60 const UChar* end, 61 const UChar* end,
61 String& scheme, 62 String& scheme,
62 String& host, 63 String& host,
63 int& port, 64 int& port,
64 String& path, 65 String& path,
65 CSPSource::WildcardDisposition&, 66 CSPSource::WildcardDisposition&,
(...skipping 24 matching lines...) Expand all
90 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, 91 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&,
91 const DigestValue& hash); 92 const DigestValue& hash);
92 93
93 static void addSourceToMap(HashMap<String, CSPSource*>&, CSPSource*); 94 static void addSourceToMap(HashMap<String, CSPSource*>&, CSPSource*);
94 95
95 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const; 96 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const;
96 HeapVector<Member<CSPSource>> getIntersectCSPSources( 97 HeapVector<Member<CSPSource>> getIntersectCSPSources(
97 HeapVector<Member<CSPSource>> other); 98 HeapVector<Member<CSPSource>> other);
98 HashMap<String, CSPSource*> getIntersectSchemesOnly( 99 HashMap<String, CSPSource*> getIntersectSchemesOnly(
99 HeapVector<Member<CSPSource>> other); 100 HeapVector<Member<CSPSource>> other);
101 bool allowAllInline();
100 102
101 Member<ContentSecurityPolicy> m_policy; 103 Member<ContentSecurityPolicy> m_policy;
102 HeapVector<Member<CSPSource>> m_list; 104 HeapVector<Member<CSPSource>> m_list;
103 String m_directiveName; 105 String m_directiveName;
104 bool m_allowSelf; 106 bool m_allowSelf;
105 bool m_allowStar; 107 bool m_allowStar;
106 bool m_allowInline; 108 bool m_allowInline;
107 bool m_allowEval; 109 bool m_allowEval;
108 bool m_allowDynamic; 110 bool m_allowDynamic;
109 bool m_allowHashedAttributes; 111 bool m_allowHashedAttributes;
110 HashSet<String> m_nonces; 112 HashSet<String> m_nonces;
111 HashSet<CSPHashValue> m_hashes; 113 HashSet<CSPHashValue> m_hashes;
112 uint8_t m_hashAlgorithmsUsed; 114 uint8_t m_hashAlgorithmsUsed;
113 }; 115 };
114 116
115 } // namespace blink 117 } // namespace blink
116 118
117 #endif 119 #endif
OLDNEW
« no previous file with comments | « no previous file | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698