OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPDirectiveList.h" | 5 #include "core/frame/csp/CSPDirectiveList.h" |
6 | 6 |
7 #include "bindings/core/v8/SourceLocation.h" | 7 #include "bindings/core/v8/SourceLocation.h" |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/dom/SecurityContext.h" | 9 #include "core/dom/SecurityContext.h" |
10 #include "core/dom/SpaceSplitString.h" | 10 #include "core/dom/SpaceSplitString.h" |
(...skipping 1246 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1257 // Aggregate all serialized source lists of the returned CSP into a vector | 1257 // Aggregate all serialized source lists of the returned CSP into a vector |
1258 // based on a directive type, defaulting accordingly (for example, to | 1258 // based on a directive type, defaulting accordingly (for example, to |
1259 // `default-src`). | 1259 // `default-src`). |
1260 SourceListDirectiveVector returned = getSourceVector(directive, other); | 1260 SourceListDirectiveVector returned = getSourceVector(directive, other); |
1261 // TODO(amalika): Add checks for plugin-types, sandbox, disown-opener, | 1261 // TODO(amalika): Add checks for plugin-types, sandbox, disown-opener, |
1262 // navigation-to, worker-src. | 1262 // navigation-to, worker-src. |
1263 if (!required->subsumes(returned)) | 1263 if (!required->subsumes(returned)) |
1264 return false; | 1264 return false; |
1265 } | 1265 } |
1266 | 1266 |
1267 return true; | 1267 if (!hasPluginTypes()) |
1268 return true; | |
1269 | |
1270 HeapVector<Member<MediaListDirective>> pluginTypesOther; | |
1271 for (const auto& policy : other) { | |
1272 if (policy->hasPluginTypes()) | |
amalika
2016/12/13 14:42:08
Changing to hasPluginTypes()
| |
1273 pluginTypesOther.append(policy->m_pluginTypes); | |
1274 } | |
1275 | |
1276 return m_pluginTypes->subsumes(pluginTypesOther); | |
1268 } | 1277 } |
1269 | 1278 |
1270 DEFINE_TRACE(CSPDirectiveList) { | 1279 DEFINE_TRACE(CSPDirectiveList) { |
1271 visitor->trace(m_policy); | 1280 visitor->trace(m_policy); |
1272 visitor->trace(m_pluginTypes); | 1281 visitor->trace(m_pluginTypes); |
1273 visitor->trace(m_baseURI); | 1282 visitor->trace(m_baseURI); |
1274 visitor->trace(m_childSrc); | 1283 visitor->trace(m_childSrc); |
1275 visitor->trace(m_connectSrc); | 1284 visitor->trace(m_connectSrc); |
1276 visitor->trace(m_defaultSrc); | 1285 visitor->trace(m_defaultSrc); |
1277 visitor->trace(m_fontSrc); | 1286 visitor->trace(m_fontSrc); |
1278 visitor->trace(m_formAction); | 1287 visitor->trace(m_formAction); |
1279 visitor->trace(m_frameAncestors); | 1288 visitor->trace(m_frameAncestors); |
1280 visitor->trace(m_frameSrc); | 1289 visitor->trace(m_frameSrc); |
1281 visitor->trace(m_imgSrc); | 1290 visitor->trace(m_imgSrc); |
1282 visitor->trace(m_mediaSrc); | 1291 visitor->trace(m_mediaSrc); |
1283 visitor->trace(m_manifestSrc); | 1292 visitor->trace(m_manifestSrc); |
1284 visitor->trace(m_objectSrc); | 1293 visitor->trace(m_objectSrc); |
1285 visitor->trace(m_scriptSrc); | 1294 visitor->trace(m_scriptSrc); |
1286 visitor->trace(m_styleSrc); | 1295 visitor->trace(m_styleSrc); |
1287 visitor->trace(m_workerSrc); | 1296 visitor->trace(m_workerSrc); |
1288 } | 1297 } |
1289 | 1298 |
1290 } // namespace blink | 1299 } // namespace blink |
OLD | NEW |