Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(396)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp

Issue 2538623003: Part 3.4: Is policy list subsumed under subsuming policy? (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | third_party/WebKit/Source/core/frame/csp/SourceListDirectiveTest.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/SourceListDirectiveTest.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp b/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
index 79cbfa20062664e1c59f98a8965f8009ef47324e..a007e9ee320eee6dc7430eb8dccde6e947838b08 100644
--- a/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
@@ -607,12 +607,17 @@ bool SourceListDirective::subsumes(
normalizedB.append(other[0]->m_policy->getSelfSource());
bool allowInlineOther = other[0]->m_allowInline;
+ bool allowEvalOther = other[0]->m_allowEval;
bool allowDynamicOther = other[0]->m_allowDynamic;
+ bool allowHashedAttributesOther = other[0]->m_allowHashedAttributes;
bool isHashOrNoncePresentOther = other[0]->isHashOrNoncePresent();
for (size_t i = 1; i < other.size(); i++) {
allowInlineOther = allowInlineOther && other[i]->m_allowInline;
+ allowEvalOther = allowEvalOther && other[i]->m_allowEval;
allowDynamicOther = allowDynamicOther && other[i]->m_allowDynamic;
+ allowHashedAttributesOther =
+ allowHashedAttributesOther && other[i]->m_allowHashedAttributes;
isHashOrNoncePresentOther =
isHashOrNoncePresentOther && other[i]->isHashOrNoncePresent();
normalizedB = other[i]->getIntersectCSPSources(normalizedB);
@@ -620,12 +625,23 @@ bool SourceListDirective::subsumes(
const ContentSecurityPolicy::DirectiveType type =
ContentSecurityPolicy::getDirectiveType(m_directiveName);
- bool allowAllInlineOther =
- allowInlineOther && !isHashOrNoncePresentOther &&
- (type != ContentSecurityPolicy::DirectiveType::ScriptSrc ||
- !allowDynamicOther);
- if (!allowAllInline() && allowAllInlineOther)
- return false;
+ if (type == ContentSecurityPolicy::DirectiveType::ScriptSrc ||
+ type == ContentSecurityPolicy::DirectiveType::StyleSrc) {
+ if (type == ContentSecurityPolicy::DirectiveType::ScriptSrc &&
Mike West 2016/11/29 12:05:48 Default? Or is |type| the effective directive here
amalika 2016/11/29 13:37:45 Yes! It is only the operative directive. On CSPDir
+ !m_allowDynamic && !allowAllInline() && allowDynamicOther) {
+ return false;
+ }
+ if (!m_allowEval && allowEvalOther)
+ return false;
+ if (!m_allowHashedAttributes && allowHashedAttributesOther)
+ return false;
+ bool allowAllInlineOther =
+ allowInlineOther && !isHashOrNoncePresentOther &&
+ (type != ContentSecurityPolicy::DirectiveType::ScriptSrc ||
+ !allowDynamicOther);
+ if (!allowAllInline() && allowAllInlineOther)
+ return false;
+ }
return CSPSource::firstSubsumesSecond(normalizedA, normalizedB);
}
« no previous file with comments | « no previous file | third_party/WebKit/Source/core/frame/csp/SourceListDirectiveTest.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/SourceListDirectiveTest.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698