OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ | |
6 #define CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ | |
7 | |
8 #include <vector> | |
9 | |
10 #include "content/common/content_export.h" | |
11 #include "content/common/content_security_policy/csp_policy.h" | |
12 #include "content/common/content_security_policy_header.h" | |
13 #include "url/gurl.h" | |
14 #include "url/origin.h" | |
15 | |
16 namespace content { | |
17 | |
18 // A CSPContext define every dependencies that have to be implemented to be | |
Mike West
2017/02/15 16:18:18
I don't really understand what this means. What de
arthursonzogni
2017/02/16 13:30:25
What dependencies?
The functionality defined here
| |
19 // able to check the Content-Security-Policy and report violations to the users. | |
20 class CONTENT_EXPORT CSPContext { | |
21 public: | |
22 CSPContext(); | |
23 virtual ~CSPContext(); | |
24 | |
25 bool Allow(const std::vector<CSPPolicy>& policies, | |
26 CSPDirective::Name directive_name, | |
27 const GURL& url, | |
28 bool is_redirect = false); | |
29 | |
30 void SetSelf(const url::Origin origin); | |
31 bool AllowSelf(const GURL& url); | |
32 bool ProtocolMatchesSelf(const GURL& url); | |
33 | |
34 virtual void LogToConsole(const std::string& message); | |
35 virtual void ReportViolation( | |
36 const std::string& directive_text, | |
37 const std::string& effective_directive, | |
38 const std::string& message, | |
39 const GURL& blocked_url, | |
40 const std::vector<std::string>& report_end_points, | |
41 const std::string& header, | |
42 blink::WebContentSecurityPolicyType disposition); | |
43 | |
44 bool SelfSchemeShouldBypassCSP(); | |
45 | |
46 private: | |
47 virtual bool SchemeShouldBypassCSP(const base::StringPiece& scheme); | |
48 | |
49 bool has_self_ = false; | |
50 std::string self_scheme_; | |
51 CSPSource self_source_; | |
52 | |
53 DISALLOW_COPY_AND_ASSIGN(CSPContext); | |
54 }; | |
55 | |
56 } // namespace content | |
57 #endif // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ | |
OLD | NEW |