Chromium Code Reviews Chromium Code Reviews
Issue 2612793002:
Implement ContentSecurityPolicy on the browser-side. (Closed)
| Index: content/common/content_security_policy/csp_context.cc |
| diff --git a/content/common/content_security_policy/csp_context.cc b/content/common/content_security_policy/csp_context.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..cea8f47a29f91713c62fc57e74f5ff451d897b5f |
| --- /dev/null |
| +++ b/content/common/content_security_policy/csp_context.cc |
| @@ -0,0 +1,90 @@ |
| +// Copyright 2017 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "content/common/content_security_policy/csp_context.h" |
| + |
| +namespace content { |
| + |
| +CSPContext::CSPContext() |
| + : has_self_(false), |
| + self_scheme_(""), |
|
nasko
2017/02/17 01:03:15
nit: No need to initialize it to empty string expl
arthursonzogni
2017/02/17 09:30:22
Done.
|
| + self_source_("", "", false, -1, false, "") {} |
|
nasko
2017/02/17 01:03:16
s/""/std::string()/, use url::PORT_UNSPECIFIED as
arthursonzogni
2017/02/17 09:30:22
I have a default constructor that already does the
|
| +CSPContext::~CSPContext() {} |
| + |
| +bool CSPContext::Allow(const std::vector<ContentSecurityPolicy>& policies, |
| + CSPDirective::Name directive_name, |
| + const GURL& url, |
| + bool is_redirect) { |
| + if (this->SchemeShouldBypassCSP(url.scheme_piece())) |
|
nasko
2017/02/17 01:03:16
nit: Chromium code avoids using "this->".
arthursonzogni
2017/02/17 09:30:22
Done.
|
| + return true; |
| + |
| + for (const auto& policy : policies) { |
| + if (!ContentSecurityPolicy::Allow(policy, directive_name, url, this, |
| + is_redirect)) |
| + return false; |
| + } |
| + return true; |
| +} |
| + |
| +void CSPContext::SetSelf(const url::Origin origin) { |
| + if (origin.unique()) { |
| + // TODO(arthursonzogni): Decide what to do with unique origins. |
| + has_self_ = false; |
| + return; |
| + } |
| + |
| + if (origin.scheme() == "file") { |
|
nasko
2017/02/17 01:03:17
nit: Please use symbolic constants, kFileScheme in
arthursonzogni
2017/02/17 09:30:22
Done.
|
| + has_self_ = true; |
| + self_scheme_ = "file"; |
| + self_source_ = |
| + CSPSource("file", "", false, url::PORT_UNSPECIFIED, false, ""); |
| + return; |
| + } |
| + |
| + has_self_ = true; |
| + self_scheme_ = origin.scheme(); |
| + self_source_ = CSPSource( |
| + origin.scheme(), origin.host(), false, |
| + origin.port() == 0 ? url::PORT_UNSPECIFIED : origin.port(), // port |
| + false, ""); |
| +} |
| + |
| +bool CSPContext::AllowSelf(const GURL& url) { |
| + return has_self_ && CSPSource::Allow(self_source_, url, this); |
| +} |
| + |
| +bool CSPContext::ProtocolMatchesSelf(const GURL& url) { |
| + if (!has_self_) |
| + return false; |
| + if (self_scheme_ == url::kHttpScheme) |
|
nasko
2017/02/17 01:03:17
What about httpS?
arthursonzogni
2017/02/17 09:30:22
I don't know what is the correct behavior, but at
|
| + return url.SchemeIsHTTPOrHTTPS() || url.SchemeIsSuborigin(); |
| + return url.SchemeIs(self_scheme_); |
| +} |
| + |
| +void CSPContext::LogToConsole(const std::string& message) { |
| + return; |
| +} |
| + |
| +bool CSPContext::SchemeShouldBypassCSP(const base::StringPiece& scheme) { |
| + return false; |
| +} |
| + |
| +bool CSPContext::SelfSchemeShouldBypassCSP() { |
| + if (!has_self_) |
| + return false; |
| + return SchemeShouldBypassCSP(self_scheme_); |
|
nasko
2017/02/17 01:03:16
This method isn't virtual, so it cannot be overrid
arthursonzogni
2017/02/17 09:30:22
SchemeShouldBypassCSP is virtual :)
|
| +} |
| + |
| +void CSPContext::ReportViolation( |
| + const std::string& directive_text, |
| + const std::string& effective_directive, |
| + const std::string& message, |
| + const GURL& blocked_url, |
| + const std::vector<std::string>& report_end_points, |
| + const std::string& header, |
| + blink::WebContentSecurityPolicyType disposition) { |
| + return; |
| +} |
| + |
| +} // namespace content |
