OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef EXTENSIONS_COMMON_CSP_VALIDATOR_H_ | 5 #ifndef EXTENSIONS_COMMON_CSP_VALIDATOR_H_ |
6 #define EXTENSIONS_COMMON_CSP_VALIDATOR_H_ | 6 #define EXTENSIONS_COMMON_CSP_VALIDATOR_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "extensions/common/manifest.h" | 10 #include "extensions/common/manifest.h" |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
44 // | 44 // |
45 // |options| is a bitmask of Options. | 45 // |options| is a bitmask of Options. |
46 // | 46 // |
47 // If |warnings| is not NULL, any validation errors are appended to |warnings|. | 47 // If |warnings| is not NULL, any validation errors are appended to |warnings|. |
48 // Returns the sanitized policy. | 48 // Returns the sanitized policy. |
49 std::string SanitizeContentSecurityPolicy( | 49 std::string SanitizeContentSecurityPolicy( |
50 const std::string& policy, | 50 const std::string& policy, |
51 int options, | 51 int options, |
52 std::vector<InstallWarning>* warnings); | 52 std::vector<InstallWarning>* warnings); |
53 | 53 |
| 54 // Given the Content Security Policy of an app sandbox page, returns the |
| 55 // effective CSP for that sandbox page. |
| 56 // |
| 57 // The effective policy restricts the page from loading external web content |
| 58 // (frames and scripts) within the page. This is done through adding 'self' |
| 59 // directive source to relevant CSP directive names. |
| 60 // |
| 61 // If |warnings| is not nullptr, any validation errors are appended to |
| 62 // |warnings|. |
| 63 std::string GetEffectiveSandoxedPageCSP(const std::string& policy, |
| 64 std::vector<InstallWarning>* warnings); |
| 65 |
54 // Checks whether the given |policy| enforces a unique origin sandbox as | 66 // Checks whether the given |policy| enforces a unique origin sandbox as |
55 // defined by http://www.whatwg.org/specs/web-apps/current-work/multipage/ | 67 // defined by http://www.whatwg.org/specs/web-apps/current-work/multipage/ |
56 // the-iframe-element.html#attr-iframe-sandbox. The policy must have the | 68 // the-iframe-element.html#attr-iframe-sandbox. The policy must have the |
57 // "sandbox" directive, and the sandbox tokens must not include | 69 // "sandbox" directive, and the sandbox tokens must not include |
58 // "allow-same-origin". Additional restrictions may be imposed depending on | 70 // "allow-same-origin". Additional restrictions may be imposed depending on |
59 // |type|. | 71 // |type|. |
60 bool ContentSecurityPolicyIsSandboxed( | 72 bool ContentSecurityPolicyIsSandboxed( |
61 const std::string& policy, Manifest::Type type); | 73 const std::string& policy, Manifest::Type type); |
62 | 74 |
63 } // namespace csp_validator | 75 } // namespace csp_validator |
64 | 76 |
65 } // namespace extensions | 77 } // namespace extensions |
66 | 78 |
67 #endif // EXTENSIONS_COMMON_CSP_VALIDATOR_H_ | 79 #endif // EXTENSIONS_COMMON_CSP_VALIDATOR_H_ |
OLD | NEW |