OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPSource.h" | 5 #include "core/frame/csp/CSPSource.h" |
6 | 6 |
7 #include "core/frame/UseCounter.h" | 7 #include "core/frame/UseCounter.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/weborigin/KURL.h" | 9 #include "platform/weborigin/KURL.h" |
10 #include "platform/weborigin/KnownPorts.h" | 10 #include "platform/weborigin/KnownPorts.h" |
(...skipping 114 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
125 } | 125 } |
126 | 126 |
127 bool CSPSource::isSimilar(CSPSource* other) const { | 127 bool CSPSource::isSimilar(CSPSource* other) const { |
128 bool schemesMatch = | 128 bool schemesMatch = |
129 schemeMatches(other->m_scheme) || other->schemeMatches(m_scheme); | 129 schemeMatches(other->m_scheme) || other->schemeMatches(m_scheme); |
130 if (!schemesMatch || isSchemeOnly() || other->isSchemeOnly()) | 130 if (!schemesMatch || isSchemeOnly() || other->isSchemeOnly()) |
131 return schemesMatch; | 131 return schemesMatch; |
132 bool hostsMatch = (m_host == other->m_host) || hostMatches(other->m_host) || | 132 bool hostsMatch = (m_host == other->m_host) || hostMatches(other->m_host) || |
133 other->hostMatches(m_host); | 133 other->hostMatches(m_host); |
134 bool portsMatch = (other->m_portWildcard == HasWildcard) || | 134 bool portsMatch = (other->m_portWildcard == HasWildcard) || |
135 portMatches(other->m_port, other->m_scheme); | 135 portMatches(other->m_port, other->m_scheme) || |
| 136 other->portMatches(m_port, m_scheme); |
136 bool pathsMatch = pathMatches(other->m_path) || other->pathMatches(m_path); | 137 bool pathsMatch = pathMatches(other->m_path) || other->pathMatches(m_path); |
137 if (hostsMatch && portsMatch && pathsMatch) | 138 if (hostsMatch && portsMatch && pathsMatch) |
138 return true; | 139 return true; |
139 | 140 |
140 return false; | 141 return false; |
141 } | 142 } |
142 | 143 |
143 CSPSource* CSPSource::intersect(CSPSource* other) const { | 144 CSPSource* CSPSource::intersect(CSPSource* other) const { |
144 if (!isSimilar(other)) | 145 if (!isSimilar(other)) |
145 return nullptr; | 146 return nullptr; |
146 | 147 |
147 String scheme = other->schemeMatches(m_scheme) ? m_scheme : other->m_scheme; | 148 String scheme = other->schemeMatches(m_scheme) ? m_scheme : other->m_scheme; |
148 if (isSchemeOnly() || other->isSchemeOnly()) { | 149 if (isSchemeOnly() || other->isSchemeOnly()) { |
149 const CSPSource* stricter = isSchemeOnly() ? other : this; | 150 const CSPSource* stricter = isSchemeOnly() ? other : this; |
150 return new CSPSource(m_policy, scheme, stricter->m_host, stricter->m_port, | 151 return new CSPSource(m_policy, scheme, stricter->m_host, stricter->m_port, |
151 stricter->m_path, stricter->m_hostWildcard, | 152 stricter->m_path, stricter->m_hostWildcard, |
152 stricter->m_portWildcard); | 153 stricter->m_portWildcard); |
153 } | 154 } |
154 | 155 |
155 String host = m_hostWildcard == NoWildcard ? m_host : other->m_host; | 156 String host = m_hostWildcard == NoWildcard ? m_host : other->m_host; |
156 String path = other->pathMatches(m_path) ? m_path : other->m_path; | 157 String path = other->pathMatches(m_path) ? m_path : other->m_path; |
157 int port = (other->m_portWildcard == HasWildcard || !other->m_port) | 158 // Choose this port if the other port is empty, has wildcard or is a port for |
| 159 // a less secure scheme such as "http" whereas scheme of this is "https", in |
| 160 // which case the lengths would differ. |
| 161 int port = (other->m_portWildcard == HasWildcard || !other->m_port || |
| 162 m_scheme.length() > other->m_scheme.length()) |
158 ? m_port | 163 ? m_port |
159 : other->m_port; | 164 : other->m_port; |
160 WildcardDisposition hostWildcard = | 165 WildcardDisposition hostWildcard = |
161 (m_hostWildcard == HasWildcard) ? other->m_hostWildcard : m_hostWildcard; | 166 (m_hostWildcard == HasWildcard) ? other->m_hostWildcard : m_hostWildcard; |
162 WildcardDisposition portWildcard = | 167 WildcardDisposition portWildcard = |
163 (m_portWildcard == HasWildcard) ? other->m_portWildcard : m_portWildcard; | 168 (m_portWildcard == HasWildcard) ? other->m_portWildcard : m_portWildcard; |
164 return new CSPSource(m_policy, scheme, host, port, path, hostWildcard, | 169 return new CSPSource(m_policy, scheme, host, port, path, hostWildcard, |
165 portWildcard); | 170 portWildcard); |
166 } | 171 } |
167 | 172 |
(...skipping 21 matching lines...) Expand all Loading... |
189 return false; | 194 return false; |
190 } | 195 } |
191 return true; | 196 return true; |
192 } | 197 } |
193 | 198 |
194 DEFINE_TRACE(CSPSource) { | 199 DEFINE_TRACE(CSPSource) { |
195 visitor->trace(m_policy); | 200 visitor->trace(m_policy); |
196 } | 201 } |
197 | 202 |
198 } // namespace blink | 203 } // namespace blink |
OLD | NEW |