Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1330)

Unified Diff: content/renderer/content_security_policy_util.cc

Issue 2612793002: Implement ContentSecurityPolicy on the browser-side. (Closed)
Patch Set: Rename SchemeShouldBypass => SchemeShouldBypassCSP. Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/renderer/content_security_policy_util.cc
diff --git a/content/renderer/content_security_policy_util.cc b/content/renderer/content_security_policy_util.cc
new file mode 100644
index 0000000000000000000000000000000000000000..2f79fb79b8d0cba9ff29e2d824ffa092f031fcdb
--- /dev/null
+++ b/content/renderer/content_security_policy_util.cc
@@ -0,0 +1,55 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/renderer/content_security_policy_util.h"
+#include "third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h"
+
+namespace content {
+
+CSPSource BuildCSPSource(
+ const blink::WebContentSecurityPolicySourceExpression& source) {
+ return CSPSource(
+ source.scheme.utf8(), // scheme
+ source.host.utf8(), // host
+ source.isHostWildcard, // is_host_wildcard
+ source.port == 0 ? url::PORT_UNSPECIFIED : source.port, // port
+ source.isPortWildcard, // is_port_wildcard
+ source.path.utf8()); // path
+}
+
+CSPSourceList BuildCSPSourceList(
+ const blink::WebContentSecurityPolicySourceList& source_list) {
+ std::vector<CSPSource> sources;
+ for (const auto& source : source_list.sourceList) {
+ sources.push_back(BuildCSPSource(source));
+ }
+
+ return CSPSourceList(source_list.allowSelf, // allow_self
+ source_list.allowStar, // allow_star
+ sources); // source_list
+}
+
+CSPDirective BuildCSPDirective(
+ const blink::WebContentSecurityPolicyDirective& directive) {
+ return CSPDirective(
+ CSPDirective::StringToName(directive.name.utf8()), // name
+ BuildCSPSourceList(directive.sourceList)); // source_list
+}
+
+CSPPolicy BuildCSPPolicy(const blink::WebContentSecurityPolicyPolicy& policy) {
+ std::vector<CSPDirective> directives;
+ for (const auto& directive : policy.directives)
+ directives.push_back(BuildCSPDirective(directive));
+
+ std::vector<std::string> report_endpoints;
+ for (const blink::WebString& endpoint : policy.reportEndpoints)
+ report_endpoints.push_back(endpoint.utf8());
+
+ return CSPPolicy(policy.disposition, // disposition
+ policy.source, // source
+ directives, // directives
+ report_endpoints); // report_endpoints
+}
+
+} // namespace content

Powered by Google App Engine
This is Rietveld 408576698