OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPDirectiveList_h | 5 #ifndef CSPDirectiveList_h |
6 #define CSPDirectiveList_h | 6 #define CSPDirectiveList_h |
7 | 7 |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "core/frame/csp/MediaListDirective.h" | 9 #include "core/frame/csp/MediaListDirective.h" |
10 #include "core/frame/csp/SourceListDirective.h" | 10 #include "core/frame/csp/SourceListDirective.h" |
11 #include "platform/heap/Handle.h" | 11 #include "platform/heap/Handle.h" |
12 #include "platform/loader/fetch/Resource.h" | 12 #include "platform/loader/fetch/Resource.h" |
13 #include "platform/network/ContentSecurityPolicyParsers.h" | 13 #include "platform/network/ContentSecurityPolicyParsers.h" |
14 #include "platform/network/HTTPParsers.h" | 14 #include "platform/network/HTTPParsers.h" |
15 #include "platform/network/ResourceRequest.h" | 15 #include "platform/network/ResourceRequest.h" |
16 #include "platform/weborigin/KURL.h" | 16 #include "platform/weborigin/KURL.h" |
17 #include "public/platform/WebContentSecurityPolicy.h" | |
17 #include "wtf/Vector.h" | 18 #include "wtf/Vector.h" |
18 #include "wtf/text/AtomicString.h" | 19 #include "wtf/text/AtomicString.h" |
19 #include "wtf/text/WTFString.h" | 20 #include "wtf/text/WTFString.h" |
20 | 21 |
21 namespace blink { | 22 namespace blink { |
22 | 23 |
23 class ContentSecurityPolicy; | 24 class ContentSecurityPolicy; |
24 | 25 |
25 typedef HeapVector<Member<SourceListDirective>> SourceListDirectiveVector; | 26 typedef HeapVector<Member<SourceListDirective>> SourceListDirectiveVector; |
26 | 27 |
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
155 // browsing context. | 156 // browsing context. |
156 bool hasPluginTypes() const { return !!m_pluginTypes; } | 157 bool hasPluginTypes() const { return !!m_pluginTypes; } |
157 const String& pluginTypesText() const; | 158 const String& pluginTypesText() const; |
158 | 159 |
159 bool shouldSendCSPHeader(Resource::Type) const; | 160 bool shouldSendCSPHeader(Resource::Type) const; |
160 | 161 |
161 // The algorithm is described here: | 162 // The algorithm is described here: |
162 // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy | 163 // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy |
163 bool subsumes(const CSPDirectiveListVector&); | 164 bool subsumes(const CSPDirectiveListVector&); |
164 | 165 |
166 WebContentSecurityPolicyPolicy expose() const; | |
Mike West
2017/02/13 14:10:51
Please add a comment here regarding the directives
arthursonzogni
2017/02/14 17:07:03
Yes, it is very important. Done.
I also added some
| |
167 | |
165 DECLARE_TRACE(); | 168 DECLARE_TRACE(); |
166 | 169 |
167 private: | 170 private: |
168 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, IsMatchingNoncePresent); | 171 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, IsMatchingNoncePresent); |
169 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, GetSourceVector); | 172 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, GetSourceVector); |
170 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, OperativeDirectiveGivenType); | 173 FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, OperativeDirectiveGivenType); |
171 | 174 |
172 enum RequireSRIForToken { None = 0, Script = 1 << 0, Style = 1 << 1 }; | 175 enum RequireSRIForToken { None = 0, Script = 1 << 0, Style = 1 << 1 }; |
173 | 176 |
174 CSPDirectiveList(ContentSecurityPolicy*, | 177 CSPDirectiveList(ContentSecurityPolicy*, |
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
317 uint8_t m_requireSRIFor; | 320 uint8_t m_requireSRIFor; |
318 | 321 |
319 Vector<String> m_reportEndpoints; | 322 Vector<String> m_reportEndpoints; |
320 | 323 |
321 String m_evalDisabledErrorMessage; | 324 String m_evalDisabledErrorMessage; |
322 }; | 325 }; |
323 | 326 |
324 } // namespace blink | 327 } // namespace blink |
325 | 328 |
326 #endif | 329 #endif |
OLD | NEW |