Part 3.8: Is policy list subsumed under subsuming policy?

third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "core/frame/csp/SourceListDirective.h"
 
 #include "core/frame/csp/CSPSource.h"
 #include "core/frame/csp/ContentSecurityPolicy.h"
 #include "platform/network/ContentSecurityPolicyParsers.h"
 #include "platform/weborigin/KURL.h"
@@ skipping 581 matching lines @@
   if (type != ContentSecurityPolicy::DirectiveType::DefaultSrc &&
       type != ContentSecurityPolicy::DirectiveType::StyleSrc &&
       type != ContentSecurityPolicy::DirectiveType::ScriptSrc) {
     return false;
   }
   return m_allowInline && !isHashOrNoncePresent() &&
          (type != ContentSecurityPolicy::DirectiveType::ScriptSrc ||
           !m_allowDynamic);
 }
 
+HeapVector<Member<CSPSource>> SourceListDirective::getSources(
+    Member<CSPSource> self) const {
+  HeapVector<Member<CSPSource>> sources = m_list;
+  if (m_allowStar) {
+    sources.append(new CSPSource(m_policy, "ftp", String(), 0, String(),
+                                 CSPSource::NoWildcard, CSPSource::NoWildcard));
+    sources.append(new CSPSource(m_policy, "ws", String(), 0, String(),
+                                 CSPSource::NoWildcard, CSPSource::NoWildcard));
+    sources.append(new CSPSource(m_policy, "http", String(), 0, String(),
+                                 CSPSource::NoWildcard, CSPSource::NoWildcard));
+    if (self) {
+      sources.append(new CSPSource(m_policy, self->getScheme(), String(), 0,
+                                   String(), CSPSource::NoWildcard,
+                                   CSPSource::NoWildcard));
+    }
+  } else if (m_allowSelf && self) {
+    sources.append(self);
+  }
+
+  return sources;
+}
+
 bool SourceListDirective::subsumes(
     const HeapVector<Member<SourceListDirective>>& other) const {
-  // TODO(amalika): Handle here special keywords.

[amalika, 2016/12/07 13:20:53]

Time to remove this :)

[Mike West, 2016/12/07 15:16:22]

Yay \o/

   if (!other.size() || other[0]->isNone())
     return other.size();
 
-  HeapVector<Member<CSPSource>> normalizedA = m_list;
-  if (m_allowSelf && other[0]->m_policy->getSelfSource())
-    normalizedA.append(other[0]->m_policy->getSelfSource());
-
-  HeapVector<Member<CSPSource>> normalizedB = other[0]->m_list;
-  if (other[0]->m_allowSelf && other[0]->m_policy->getSelfSource())
-    normalizedB.append(other[0]->m_policy->getSelfSource());
-
   bool allowInlineOther = other[0]->m_allowInline;
   bool allowEvalOther = other[0]->m_allowEval;
   bool allowDynamicOther = other[0]->m_allowDynamic;
   bool allowHashedAttributesOther = other[0]->m_allowHashedAttributes;
   bool isHashOrNoncePresentOther = other[0]->isHashOrNoncePresent();
   HashSet<String> noncesB = other[0]->m_nonces;
   HashSet<CSPHashValue> hashesB = other[0]->m_hashes;
 
+  HeapVector<Member<CSPSource>> normalizedB =
+      other[0]->getSources(other[0]->m_policy->getSelfSource());
   for (size_t i = 1; i < other.size(); i++) {
     allowInlineOther = allowInlineOther && other[i]->m_allowInline;
     allowEvalOther = allowEvalOther && other[i]->m_allowEval;
     allowDynamicOther = allowDynamicOther && other[i]->m_allowDynamic;
     allowHashedAttributesOther =
         allowHashedAttributesOther && other[i]->m_allowHashedAttributes;
     isHashOrNoncePresentOther =
         isHashOrNoncePresentOther && other[i]->isHashOrNoncePresent();
     noncesB = other[i]->getIntersectNonces(noncesB);
     hashesB = other[i]->getIntersectHashes(hashesB);
@@ skipping 25 matching lines @@
     // does allow, so the result is `false`.
     if (!m_allowDynamic)
       return false;
     // All keyword source expressions have been considered so only CSPSource
     // subsumption is left. However, `strict-dynamic` ignores all CSPSources so
     // for subsumption to be true either `other` must allow `strict-dynamic` or
     // have no allowed CSPSources.
     return allowDynamicOther || !normalizedB.size();
   }
 
+  HeapVector<Member<CSPSource>> normalizedA =
+      getSources(other[0]->m_policy->getSelfSource());

[Mike West, 2016/12/07 15:16:22]

Can you add a note explaining why you're using `other[0]`'s policy's self to
resolve the required policy's self?

   return CSPSource::firstSubsumesSecond(normalizedA, normalizedB);
 }
 
 bool SourceListDirective::subsumesNoncesAndHashes(
     const HashSet<String>& nonces,
     const HashSet<CSPHashValue> hashes) const {
   for (const auto& nonce : nonces) {
     if (!m_nonces.contains(nonce))
       return false;
   }
@@ skipping 64 matching lines @@
   HeapVector<Member<CSPSource>> normalized;
   // Add all normalized scheme source expressions.
   for (const auto& it : schemesMap) {
     // We do not add secure versions if insecure schemes are present.
     if ((it.key != "https" || !schemesMap.contains("http")) &&
         (it.key != "wss" || !schemesMap.contains("ws"))) {
       normalized.append(it.value);
     }
   }
 
-  HeapVector<Member<CSPSource>> thisVector = m_list;
-  if (m_allowSelf && m_policy->getSelfSource())
-    thisVector.append(m_policy->getSelfSource());
+  HeapVector<Member<CSPSource>> thisVector =
+      getSources(m_policy->getSelfSource());
   for (const auto& sourceA : thisVector) {
     if (schemesMap.contains(sourceA->getScheme()))
       continue;
 
     CSPSource* match(nullptr);
     for (const auto& sourceB : other) {
       // No need to add a host source expression if it is subsumed by the
       // matching scheme source expression.
       if (schemesMap.contains(sourceB->getScheme()))
         continue;
@@ skipping 17 matching lines @@
   return normalized;
 }
 
 DEFINE_TRACE(SourceListDirective) {
   visitor->trace(m_policy);
   visitor->trace(m_list);
   CSPDirective::trace(visitor);
 }
 
 }  // namespace blink