OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SourceListDirective_h | 5 #ifndef SourceListDirective_h |
6 #define SourceListDirective_h | 6 #define SourceListDirective_h |
7 | 7 |
8 #include "core/CoreExport.h" | 8 #include "core/CoreExport.h" |
9 #include "core/frame/csp/CSPDirective.h" | 9 #include "core/frame/csp/CSPDirective.h" |
10 #include "core/frame/csp/CSPSource.h" | 10 #include "core/frame/csp/CSPSource.h" |
(...skipping 28 matching lines...) Expand all Loading... |
39 ResourceRequest::RedirectStatus::NoRedirect) const; | 39 ResourceRequest::RedirectStatus::NoRedirect) const; |
40 bool allowInline() const; | 40 bool allowInline() const; |
41 bool allowEval() const; | 41 bool allowEval() const; |
42 bool allowDynamic() const; | 42 bool allowDynamic() const; |
43 bool allowNonce(const String& nonce) const; | 43 bool allowNonce(const String& nonce) const; |
44 bool allowHash(const CSPHashValue&) const; | 44 bool allowHash(const CSPHashValue&) const; |
45 bool allowHashedAttributes() const; | 45 bool allowHashedAttributes() const; |
46 bool isNone() const; | 46 bool isNone() const; |
47 bool isHashOrNoncePresent() const; | 47 bool isHashOrNoncePresent() const; |
48 uint8_t hashAlgorithmsUsed() const; | 48 uint8_t hashAlgorithmsUsed() const; |
49 bool allowAllInline(); | 49 bool allowAllInline() const; |
50 | 50 |
51 // The algorothm is described more extensively here: | 51 // The algorothm is described more extensively here: |
52 // https://w3c.github.io/webappsec-csp/embedded/#subsume-source-list | 52 // https://w3c.github.io/webappsec-csp/embedded/#subsume-source-list |
53 bool subsumes(HeapVector<Member<SourceListDirective>>); | 53 bool subsumes(const HeapVector<Member<SourceListDirective>>&) const; |
54 | 54 |
55 private: | 55 private: |
56 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, GetIntersectCSPSources); | 56 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, GetIntersectCSPSources); |
57 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, | 57 FRIEND_TEST_ALL_PREFIXES(SourceListDirectiveTest, |
58 GetIntersectCSPSourcesSchemes); | 58 GetIntersectCSPSourcesSchemes); |
59 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, GetSourceVector); | 59 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, GetSourceVector); |
60 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, OperativeDirectiveGivenType); | 60 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, OperativeDirectiveGivenType); |
61 | 61 |
62 bool parseSource(const UChar* begin, | 62 bool parseSource(const UChar* begin, |
63 const UChar* end, | 63 const UChar* end, |
(...skipping 27 matching lines...) Expand all Loading... |
91 void addSourceUnsafeHashedAttributes(); | 91 void addSourceUnsafeHashedAttributes(); |
92 void addSourceNonce(const String& nonce); | 92 void addSourceNonce(const String& nonce); |
93 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, | 93 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, |
94 const DigestValue& hash); | 94 const DigestValue& hash); |
95 | 95 |
96 static void addSourceToMap(HeapHashMap<String, Member<CSPSource>>&, | 96 static void addSourceToMap(HeapHashMap<String, Member<CSPSource>>&, |
97 CSPSource*); | 97 CSPSource*); |
98 | 98 |
99 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const; | 99 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const; |
100 HeapVector<Member<CSPSource>> getIntersectCSPSources( | 100 HeapVector<Member<CSPSource>> getIntersectCSPSources( |
101 HeapVector<Member<CSPSource>> other); | 101 const HeapVector<Member<CSPSource>>& other) const; |
102 HeapHashMap<String, Member<CSPSource>> getIntersectSchemesOnly( | 102 HeapHashMap<String, Member<CSPSource>> getIntersectSchemesOnly( |
103 HeapVector<Member<CSPSource>> other); | 103 const HeapVector<Member<CSPSource>>& other) const; |
104 | 104 |
105 Member<ContentSecurityPolicy> m_policy; | 105 Member<ContentSecurityPolicy> m_policy; |
106 HeapVector<Member<CSPSource>> m_list; | 106 HeapVector<Member<CSPSource>> m_list; |
107 String m_directiveName; | 107 String m_directiveName; |
108 bool m_allowSelf; | 108 bool m_allowSelf; |
109 bool m_allowStar; | 109 bool m_allowStar; |
110 bool m_allowInline; | 110 bool m_allowInline; |
111 bool m_allowEval; | 111 bool m_allowEval; |
112 bool m_allowDynamic; | 112 bool m_allowDynamic; |
113 bool m_allowHashedAttributes; | 113 bool m_allowHashedAttributes; |
114 HashSet<String> m_nonces; | 114 HashSet<String> m_nonces; |
115 HashSet<CSPHashValue> m_hashes; | 115 HashSet<CSPHashValue> m_hashes; |
116 uint8_t m_hashAlgorithmsUsed; | 116 uint8_t m_hashAlgorithmsUsed; |
117 }; | 117 }; |
118 | 118 |
119 } // namespace blink | 119 } // namespace blink |
120 | 120 |
121 #endif | 121 #endif |
OLD | NEW |