Implement ContentSecurityPolicy on the browser-side.

content/common/content_security_policy/csp_source.h

Index: content/common/content_security_policy/csp_source.h
diff --git a/content/common/content_security_policy/csp_source.h b/content/common/content_security_policy/csp_source.h
new file mode 100644
index 0000000000000000000000000000000000000000..a1e82d498725d489cc5e7bacb135a42377e20e91
--- /dev/null
+++ b/content/common/content_security_policy/csp_source.h
@@ -0,0 +1,61 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_SOURCE_H_
+#define CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_SOURCE_H_
+
+#include <string>
+
+#include "content/common/content_export.h"
+#include "url/gurl.h"
+
+namespace content {
+
+class CSPContext;
+
+struct CONTENT_EXPORT CSPSource {

[Mike West, 2017/02/13 14:10:51]

If your struct has methods and private members, it's probably not a struct. :)

[arthursonzogni, 2017/02/14 17:07:03]

Yes, but I really want this struct to be a struct :)
I want to keep it simple and since it is transmitted through IPC, a struct is
preferable.
BTW, every methods are const.

What do you prefer?
1) I can move methods from private to public.
2) I can move methods out of the struct.
3) I can turn the struct into a class.

[Mike West, 2017/02/15 16:18:17]

I'll defer to //content/common OWNERS, I suppose, but it seems very strange to
hang all of this functionality on a struct.

Did you consider refactoring the matching functions into static utility methods?
That's still ugly, but at least the struct wouldn't have magical private
functionality.

+  CSPSource();
+  CSPSource(const std::string& scheme,
+            const std::string& host,
+            bool is_host_wildcard,
+            int port,
+            bool is_port_wildcard,
+            const std::string& path);
+  CSPSource(const CSPSource& source);
+  ~CSPSource();
+
+  // Scheme.
+  std::string scheme;
+
+  // Host.
+  std::string host;
+  bool is_host_wildcard;
+
+  // port.
+  int port;
+  bool is_port_wildcard;
+
+  // Path.
+  std::string path;
+
+  bool Allow(CSPContext* context,
+             const GURL& url,
+             bool is_redirect = false) const;
+
+  std::string ToString() const;
+
+ private:
+  bool IsSchemeOnly() const;
+  bool HasPort() const;
+  bool HasHost() const;
+  bool HasPath() const;
+
+  bool AllowScheme(const GURL& url, CSPContext* context) const;
+  bool AllowHost(const GURL& url) const;
+  bool AllowPort(const GURL& url) const;
+  bool AllowPath(const GURL& url, bool is_redirect) const;
+};
+
+}  // namespace content
+#endif  // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_SOURCE_H_