| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include <sstream> |
| 6 |
| 7 #include "base/strings/string_util.h" |
| 8 #include "base/strings/utf_string_conversions.h" |
| 9 #include "content/common/content_security_policy/csp_context.h" |
| 10 #include "url/url_canon.h" |
| 11 #include "url/url_util.h" |
| 12 |
| 13 namespace content { |
| 14 |
| 15 namespace { |
| 16 |
| 17 bool DecodePath(const base::StringPiece& path, std::string* output) { |
| 18 url::RawCanonOutputT<base::char16> unescaped; |
| 19 url::DecodeURLEscapeSequences(path.data(), path.size(), &unescaped); |
| 20 return base::UTF16ToUTF8(unescaped.data(), unescaped.length(), output); |
| 21 } |
| 22 |
| 23 int DefaultPortForScheme(const std::string& scheme) { |
| 24 return url::DefaultPortForScheme(scheme.data(), scheme.size()); |
| 25 } |
| 26 |
| 27 bool SourceAllowScheme(const CSPSource& source, |
| 28 const GURL& url, |
| 29 CSPContext* context) { |
| 30 if (source.scheme.empty()) |
| 31 return context->ProtocolMatchesSelf(url); |
| 32 if (source.scheme == url::kHttpScheme) |
| 33 return url.SchemeIsHTTPOrHTTPS(); |
| 34 if (source.scheme == url::kWsScheme) |
| 35 return url.SchemeIsWSOrWSS(); |
| 36 return url.SchemeIs(source.scheme); |
| 37 } |
| 38 |
| 39 bool SourceAllowHost(const CSPSource& source, const GURL& url) { |
| 40 if (source.is_host_wildcard) { |
| 41 if (source.host.empty()) |
| 42 return true; |
| 43 // TODO(arthursonzogni): Chrome used to, incorrectly, match *.x.y to x.y. |
| 44 // The renderer version of this function count how many times it happens. |
| 45 // It might be useful to do it outside of blink too. |
| 46 // See third_party/WebKit/Source/core/frame/csp/CSPSource.cpp |
| 47 return base::EndsWith(url.host(), '.' + source.host, |
| 48 base::CompareCase::INSENSITIVE_ASCII); |
| 49 } else |
| 50 return url.host() == source.host; |
| 51 } |
| 52 |
| 53 bool SourceAllowPort(const CSPSource& source, const GURL& url) { |
| 54 int url_port = url.EffectiveIntPort(); |
| 55 |
| 56 if (source.is_port_wildcard) |
| 57 return true; |
| 58 |
| 59 if (source.port == url::PORT_UNSPECIFIED) |
| 60 return DefaultPortForScheme(url.scheme()) == url_port; |
| 61 |
| 62 if (source.port == url_port) |
| 63 return true; |
| 64 |
| 65 if (source.port == 80 && url_port == 443) |
| 66 return true; |
| 67 |
| 68 return false; |
| 69 } |
| 70 |
| 71 bool SourceAllowPath(const CSPSource& source, |
| 72 const GURL& url, |
| 73 bool is_redirect) { |
| 74 if (is_redirect) |
| 75 return true; |
| 76 |
| 77 if (source.path.empty() || url.path().empty()) |
| 78 return true; |
| 79 |
| 80 std::string url_path; |
| 81 if (!DecodePath(url.path(), &url_path)) { |
| 82 // TODO(arthursonzogni): try to figure out if that could happen and how to |
| 83 // handle it. |
| 84 return false; |
| 85 } |
| 86 |
| 87 // If the path represents a directory. |
| 88 if (base::EndsWith(source.path, "/", base::CompareCase::SENSITIVE)) |
| 89 return base::StartsWith(url_path, source.path, |
| 90 base::CompareCase::SENSITIVE); |
| 91 |
| 92 // The path represents a file. |
| 93 return source.path == url_path; |
| 94 } |
| 95 |
| 96 } // namespace |
| 97 |
| 98 CSPSource::CSPSource() |
| 99 : scheme(), |
| 100 host(), |
| 101 is_host_wildcard(false), |
| 102 port(url::PORT_UNSPECIFIED), |
| 103 is_port_wildcard(false), |
| 104 path() {} |
| 105 |
| 106 CSPSource::CSPSource(const std::string& scheme, |
| 107 const std::string& host, |
| 108 bool is_host_wildcard, |
| 109 int port, |
| 110 bool is_port_wildcard, |
| 111 const std::string& path) |
| 112 : scheme(scheme), |
| 113 host(host), |
| 114 is_host_wildcard(is_host_wildcard), |
| 115 port(port), |
| 116 is_port_wildcard(is_port_wildcard), |
| 117 path(path) { |
| 118 DCHECK(!HasPort() || HasHost()); // port => host |
| 119 DCHECK(!HasPath() || HasHost()); // path => host |
| 120 DCHECK(!is_port_wildcard || port == url::PORT_UNSPECIFIED); |
| 121 } |
| 122 |
| 123 CSPSource::CSPSource(const CSPSource& source) = default; |
| 124 CSPSource::~CSPSource() = default; |
| 125 |
| 126 // static |
| 127 bool CSPSource::Allow(const CSPSource& source, |
| 128 const GURL& url, |
| 129 CSPContext* context, |
| 130 bool is_redirect) { |
| 131 if (source.IsSchemeOnly()) |
| 132 return SourceAllowScheme(source, url, context); |
| 133 |
| 134 return SourceAllowScheme(source, url, context) && |
| 135 SourceAllowHost(source, url) && SourceAllowPort(source, url) && |
| 136 SourceAllowPath(source, url, is_redirect); |
| 137 } |
| 138 |
| 139 std::string CSPSource::ToString() const { |
| 140 // scheme |
| 141 if (IsSchemeOnly()) |
| 142 return scheme + ":"; |
| 143 |
| 144 std::stringstream text; |
| 145 if (!scheme.empty()) |
| 146 text << scheme << "://"; |
| 147 |
| 148 // host |
| 149 if (is_host_wildcard) { |
| 150 if (host.empty()) |
| 151 text << "*"; |
| 152 else |
| 153 text << "*." << host; |
| 154 } else { |
| 155 text << host; |
| 156 } |
| 157 |
| 158 // port |
| 159 if (is_port_wildcard) |
| 160 text << ":*"; |
| 161 if (port != url::PORT_UNSPECIFIED) |
| 162 text << ":" << port; |
| 163 |
| 164 // path |
| 165 text << path; |
| 166 |
| 167 return text.str(); |
| 168 } |
| 169 |
| 170 bool CSPSource::IsSchemeOnly() const { |
| 171 return !HasHost(); |
| 172 } |
| 173 |
| 174 bool CSPSource::HasPort() const { |
| 175 return port != url::PORT_UNSPECIFIED || is_port_wildcard; |
| 176 } |
| 177 |
| 178 bool CSPSource::HasHost() const { |
| 179 return !host.empty() || is_host_wildcard; |
| 180 } |
| 181 |
| 182 bool CSPSource::HasPath() const { |
| 183 return !path.empty(); |
| 184 } |
| 185 |
| 186 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2612793002:
Implement ContentSecurityPolicy on the browser-side. (Closed)
