content/renderer/content_security_policy_util.cc - Issue 2612793002: Implement ContentSecurityPolicy on the browser-side.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/renderer/content_security_policy_util.cc

Issue 2612793002: Implement ContentSecurityPolicy on the browser-side. (Closed)

Patch Set: Add the TODO and bug ids that was forgotten. Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/renderer/content_security_policy_util.cc

diff --git a/content/renderer/content_security_policy_util.cc b/content/renderer/content_security_policy_util.cc

new file mode 100644

index 0000000000000000000000000000000000000000..7ba2900b3a88fcd8b6083e011c747af5a45b57f5

--- /dev/null

+++ b/content/renderer/content_security_policy_util.cc

@@ -0,0 +1,57 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include "content/renderer/content_security_policy_util.h"

+#include "third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h"

+namespace content {

+CSPSource BuildCSPSource(

+ const blink::WebContentSecurityPolicySourceExpression& source) {

+ return CSPSource(

+ source.scheme.utf8(), // scheme

+ source.host.utf8(), // host

+ source.isHostWildcard == blink::WebWildcardDispositionHasWildcard,

+ source.port == 0 ? url::PORT_UNSPECIFIED : source.port, // port

+ source.isPortWildcard == blink::WebWildcardDispositionHasWildcard,

+ source.path.utf8()); // path

+CSPSourceList BuildCSPSourceList(

+ const blink::WebContentSecurityPolicySourceList& source_list) {

+ std::vector<CSPSource> sources;

+ for (const auto& source : source_list.sources) {

+ sources.push_back(BuildCSPSource(source));

+ }

+ return CSPSourceList(source_list.allowSelf, // allow_self

+ source_list.allowStar, // allow_star

+ sources); // source_list

+CSPDirective BuildCSPDirective(

+ const blink::WebContentSecurityPolicyDirective& directive) {

+ return CSPDirective(

+ CSPDirective::StringToName(directive.name.utf8()), // name

+ BuildCSPSourceList(directive.sourceList)); // source_list

+ContentSecurityPolicy BuildContentSecurityPolicy(

+ const blink::WebContentSecurityPolicyPolicy& policy) {

+ std::vector<CSPDirective> directives;

+ for (const auto& directive : policy.directives)

+ directives.push_back(BuildCSPDirective(directive));

+ std::vector<std::string> report_endpoints;

+ for (const blink::WebString& endpoint : policy.reportEndpoints)

+ report_endpoints.push_back(endpoint.utf8());

+ return ContentSecurityPolicy(policy.disposition, // disposition

+ policy.source, // source

+ directives, // directives

+ report_endpoints, // report_endpoints

+ policy.header.utf8()); // header

+} // namespace content

« no previous file with comments | « content/renderer/content_security_policy_util.h ('k') | content/renderer/render_frame_impl.h » ('j') | no next file with comments »