OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2011 Google Inc. All Rights Reserved. | 2 * Copyright (C) 2011 Google Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 11 matching lines...) Expand all Loading... | |
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 * | 24 * |
25 */ | 25 */ |
26 | 26 |
27 #include "core/dom/SecurityContext.h" | 27 #include "core/dom/SecurityContext.h" |
28 | 28 |
29 #include "core/frame/csp/ContentSecurityPolicy.h" | 29 #include "core/frame/csp/ContentSecurityPolicy.h" |
30 #include "platform/RuntimeEnabledFeatures.h" | 30 #include "platform/RuntimeEnabledFeatures.h" |
31 #include "platform/weborigin/SecurityOrigin.h" | 31 #include "platform/weborigin/SecurityOrigin.h" |
32 #include "public/platform/Platform.h" | |
32 | 33 |
33 namespace blink { | 34 namespace blink { |
34 | 35 |
35 SecurityContext::SecurityContext() | 36 SecurityContext::SecurityContext() |
36 : m_sandboxFlags(SandboxNone), | 37 : m_sandboxFlags(SandboxNone), |
37 m_addressSpace(WebAddressSpacePublic), | 38 m_addressSpace(WebAddressSpacePublic), |
38 m_insecureRequestPolicy(kLeaveInsecureRequestsAlone) {} | 39 m_insecureRequestPolicy(kLeaveInsecureRequestsAlone) {} |
39 | 40 |
40 SecurityContext::~SecurityContext() {} | 41 SecurityContext::~SecurityContext() {} |
41 | 42 |
42 DEFINE_TRACE(SecurityContext) { | 43 DEFINE_TRACE(SecurityContext) { |
43 visitor->trace(m_contentSecurityPolicy); | 44 visitor->trace(m_contentSecurityPolicy); |
44 } | 45 } |
45 | 46 |
46 void SecurityContext::setSecurityOrigin( | 47 void SecurityContext::setSecurityOrigin( |
47 PassRefPtr<SecurityOrigin> securityOrigin) { | 48 PassRefPtr<SecurityOrigin> securityOrigin) { |
48 m_securityOrigin = securityOrigin; | 49 m_securityOrigin = securityOrigin; |
50 updateFeaturePolicyOrigin(); | |
49 } | 51 } |
50 | 52 |
51 void SecurityContext::setContentSecurityPolicy( | 53 void SecurityContext::setContentSecurityPolicy( |
52 ContentSecurityPolicy* contentSecurityPolicy) { | 54 ContentSecurityPolicy* contentSecurityPolicy) { |
53 m_contentSecurityPolicy = contentSecurityPolicy; | 55 m_contentSecurityPolicy = contentSecurityPolicy; |
54 } | 56 } |
55 | 57 |
56 void SecurityContext::enforceSandboxFlags(SandboxFlags mask) { | 58 void SecurityContext::enforceSandboxFlags(SandboxFlags mask) { |
57 applySandboxFlags(mask); | 59 applySandboxFlags(mask); |
58 } | 60 } |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
92 | 94 |
93 DCHECK(!suborigin.name().isEmpty()); | 95 DCHECK(!suborigin.name().isEmpty()); |
94 DCHECK(RuntimeEnabledFeatures::suboriginsEnabled()); | 96 DCHECK(RuntimeEnabledFeatures::suboriginsEnabled()); |
95 DCHECK(m_securityOrigin.get()); | 97 DCHECK(m_securityOrigin.get()); |
96 DCHECK(!m_securityOrigin->hasSuborigin() || | 98 DCHECK(!m_securityOrigin->hasSuborigin() || |
97 m_securityOrigin->suborigin()->name() == suborigin.name()); | 99 m_securityOrigin->suborigin()->name() == suborigin.name()); |
98 m_securityOrigin->addSuborigin(suborigin); | 100 m_securityOrigin->addSuborigin(suborigin); |
99 didUpdateSecurityOrigin(); | 101 didUpdateSecurityOrigin(); |
100 } | 102 } |
101 | 103 |
102 void SecurityContext::setFeaturePolicyFromHeader( | 104 void SecurityContext::initializeFeaturePolicy( |
103 const WebParsedFeaturePolicyHeader& parsedHeader, | 105 const WebParsedFeaturePolicyHeader& parsedHeader, |
104 FeaturePolicy* parentFeaturePolicy) { | 106 const WebFeaturePolicy* parentFeaturePolicy) { |
105 DCHECK(!m_featurePolicy); | 107 DCHECK(!m_featurePolicy); |
106 // TODO(iclelland): Use the frame owner properties here to pass the frame | 108 // TODO(iclelland): Use the frame owner properties here to pass the frame |
107 // policy, if it exists. | 109 // policy, if it exists. |
108 m_featurePolicy = FeaturePolicy::createFromParentPolicy( | 110 WebParsedFeaturePolicyHeader containerPolicy; |
109 parentFeaturePolicy, nullptr, m_securityOrigin); | 111 WebSecurityOrigin origin = WebSecurityOrigin(m_securityOrigin); |
110 m_featurePolicy->setHeaderPolicy(parsedHeader); | 112 m_featurePolicy.reset(Platform::current()->createFeaturePolicy( |
113 parentFeaturePolicy, containerPolicy, parsedHeader, origin)); | |
114 } | |
115 | |
116 void SecurityContext::updateFeaturePolicyOrigin() { | |
117 if (!m_featurePolicy) | |
118 return; | |
119 m_featurePolicy.reset(Platform::current()->duplicateFeaturePolicyWithOrigin( | |
120 *m_featurePolicy, WebSecurityOrigin(m_securityOrigin))); | |
haraken
2017/03/04 07:36:01
Oh, if your intention is just to *update* (not dup
iclelland
2017/03/06 04:17:40
That is really the only modification being conside
| |
111 } | 121 } |
112 | 122 |
113 } // namespace blink | 123 } // namespace blink |
OLD | NEW |