| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google Inc. All Rights Reserved. | 2 * Copyright (C) 2011 Google Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 50 class SecurityOrigin; | 50 class SecurityOrigin; |
| 51 class ContentSecurityPolicy; | 51 class ContentSecurityPolicy; |
| 52 | 52 |
| 53 class CORE_EXPORT SecurityContext : public GarbageCollectedMixin { | 53 class CORE_EXPORT SecurityContext : public GarbageCollectedMixin { |
| 54 WTF_MAKE_NONCOPYABLE(SecurityContext); | 54 WTF_MAKE_NONCOPYABLE(SecurityContext); |
| 55 | 55 |
| 56 public: | 56 public: |
| 57 DECLARE_VIRTUAL_TRACE(); | 57 DECLARE_VIRTUAL_TRACE(); |
| 58 | 58 |
| 59 using InsecureNavigationsSet = HashSet<unsigned, WTF::AlreadyHashed>; | 59 using InsecureNavigationsSet = HashSet<unsigned, WTF::AlreadyHashed>; |
| 60 static std::vector<unsigned> serializeInsecureNavigationSet( |
| 61 const InsecureNavigationsSet&); |
| 60 | 62 |
| 61 SecurityOrigin* getSecurityOrigin() const { return m_securityOrigin.get(); } | 63 SecurityOrigin* getSecurityOrigin() const { return m_securityOrigin.get(); } |
| 62 ContentSecurityPolicy* contentSecurityPolicy() const { | 64 ContentSecurityPolicy* contentSecurityPolicy() const { |
| 63 return m_contentSecurityPolicy.get(); | 65 return m_contentSecurityPolicy.get(); |
| 64 } | 66 } |
| 65 | 67 |
| 66 // Explicitly override the security origin for this security context. | 68 // Explicitly override the security origin for this security context. |
| 67 // Note: It is dangerous to change the security origin of a script context | 69 // Note: It is dangerous to change the security origin of a script context |
| 68 // that already contains content. | 70 // that already contains content. |
| 69 void setSecurityOrigin(PassRefPtr<SecurityOrigin>); | 71 void setSecurityOrigin(PassRefPtr<SecurityOrigin>); |
| 70 virtual void didUpdateSecurityOrigin() = 0; | 72 virtual void didUpdateSecurityOrigin() = 0; |
| 71 | 73 |
| 72 SandboxFlags getSandboxFlags() const { return m_sandboxFlags; } | 74 SandboxFlags getSandboxFlags() const { return m_sandboxFlags; } |
| 73 bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; } | 75 bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; } |
| 74 virtual void enforceSandboxFlags(SandboxFlags mask); | 76 virtual void enforceSandboxFlags(SandboxFlags mask); |
| 75 | 77 |
| 76 void setAddressSpace(WebAddressSpace space) { m_addressSpace = space; } | 78 void setAddressSpace(WebAddressSpace space) { m_addressSpace = space; } |
| 77 WebAddressSpace addressSpace() const { return m_addressSpace; } | 79 WebAddressSpace addressSpace() const { return m_addressSpace; } |
| 78 String addressSpaceForBindings() const; | 80 String addressSpaceForBindings() const; |
| 79 | 81 |
| 82 void setInsecureNavigationsSet(const std::vector<unsigned>& set) { |
| 83 m_insecureNavigationsToUpgrade.clear(); |
| 84 for (unsigned hash : set) |
| 85 m_insecureNavigationsToUpgrade.add(hash); |
| 86 } |
| 80 void addInsecureNavigationUpgrade(unsigned hashedHost) { | 87 void addInsecureNavigationUpgrade(unsigned hashedHost) { |
| 81 m_insecureNavigationsToUpgrade.add(hashedHost); | 88 m_insecureNavigationsToUpgrade.add(hashedHost); |
| 82 } | 89 } |
| 83 InsecureNavigationsSet* insecureNavigationsToUpgrade() { | 90 InsecureNavigationsSet* insecureNavigationsToUpgrade() { |
| 84 return &m_insecureNavigationsToUpgrade; | 91 return &m_insecureNavigationsToUpgrade; |
| 85 } | 92 } |
| 86 | 93 |
| 87 virtual void setInsecureRequestPolicy(WebInsecureRequestPolicy policy) { | 94 virtual void setInsecureRequestPolicy(WebInsecureRequestPolicy policy) { |
| 88 m_insecureRequestPolicy = policy; | 95 m_insecureRequestPolicy = policy; |
| 89 } | 96 } |
| (...skipping 26 matching lines...) Expand all Loading... |
| 116 SandboxFlags m_sandboxFlags; | 123 SandboxFlags m_sandboxFlags; |
| 117 | 124 |
| 118 WebAddressSpace m_addressSpace; | 125 WebAddressSpace m_addressSpace; |
| 119 WebInsecureRequestPolicy m_insecureRequestPolicy; | 126 WebInsecureRequestPolicy m_insecureRequestPolicy; |
| 120 InsecureNavigationsSet m_insecureNavigationsToUpgrade; | 127 InsecureNavigationsSet m_insecureNavigationsToUpgrade; |
| 121 }; | 128 }; |
| 122 | 129 |
| 123 } // namespace blink | 130 } // namespace blink |
| 124 | 131 |
| 125 #endif // SecurityContext_h | 132 #endif // SecurityContext_h |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2557063002:
Upgrade Insecure Requests: bugfixes, tests, and support for OOPIF.
