OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_BROWSER_FRAME_HOST_FRAME_TREE_NODE_H_ | 5 #ifndef CONTENT_BROWSER_FRAME_HOST_FRAME_TREE_NODE_H_ |
6 #define CONTENT_BROWSER_FRAME_HOST_FRAME_TREE_NODE_H_ | 6 #define CONTENT_BROWSER_FRAME_HOST_FRAME_TREE_NODE_H_ |
7 | 7 |
8 #include <stddef.h> | 8 #include <stddef.h> |
9 | 9 |
10 #include <memory> | 10 #include <memory> |
11 #include <string> | 11 #include <string> |
12 #include <vector> | 12 #include <vector> |
13 | 13 |
14 #include "base/macros.h" | 14 #include "base/macros.h" |
15 #include "base/memory/ref_counted.h" | 15 #include "base/memory/ref_counted.h" |
16 #include "content/browser/frame_host/frame_tree_node_blame_context.h" | 16 #include "content/browser/frame_host/frame_tree_node_blame_context.h" |
17 #include "content/browser/frame_host/render_frame_host_impl.h" | 17 #include "content/browser/frame_host/render_frame_host_impl.h" |
18 #include "content/browser/frame_host/render_frame_host_manager.h" | 18 #include "content/browser/frame_host/render_frame_host_manager.h" |
19 #include "content/common/content_export.h" | 19 #include "content/common/content_export.h" |
20 #include "content/common/content_security_policy/csp_policy.h" | 20 #include "content/common/content_security_policy/csp_context.h" |
21 #include "content/common/frame_owner_properties.h" | 21 #include "content/common/frame_owner_properties.h" |
22 #include "content/common/frame_replication_state.h" | 22 #include "content/common/frame_replication_state.h" |
23 #include "third_party/WebKit/public/platform/WebInsecureRequestPolicy.h" | 23 #include "third_party/WebKit/public/platform/WebInsecureRequestPolicy.h" |
24 #include "url/gurl.h" | 24 #include "url/gurl.h" |
25 #include "url/origin.h" | 25 #include "url/origin.h" |
26 | 26 |
27 namespace content { | 27 namespace content { |
28 | 28 |
29 class FrameTree; | 29 class FrameTree; |
30 class NavigationRequest; | 30 class NavigationRequest; |
(...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
171 // Add CSP header to replication state, notify proxies about the update and | 171 // Add CSP header to replication state, notify proxies about the update and |
172 // enforce it on the browser. | 172 // enforce it on the browser. |
173 void AddContentSecurityPolicy(const ContentSecurityPolicyHeader& header, | 173 void AddContentSecurityPolicy(const ContentSecurityPolicyHeader& header, |
174 const std::vector<CSPPolicy>& policies); | 174 const std::vector<CSPPolicy>& policies); |
175 | 175 |
176 // Discards previous CSP headers and notifies proxies about the update. | 176 // Discards previous CSP headers and notifies proxies about the update. |
177 // Typically invoked after committing navigation to a new document (since the | 177 // Typically invoked after committing navigation to a new document (since the |
178 // new document comes with a fresh set of CSP http headers). | 178 // new document comes with a fresh set of CSP http headers). |
179 void ResetContentSecurityPolicy(); | 179 void ResetContentSecurityPolicy(); |
180 | 180 |
| 181 const std::vector<CSPPolicy>& csp_policies() const { return csp_policies_; } |
| 182 |
| 183 // Return the Content-Security-Policy context associated to this frame. |
| 184 // Never null. |
| 185 CSPContext* csp_context() { return csp_context_.get(); } |
| 186 |
181 // Sets the current insecure request policy, and notifies proxies about the | 187 // Sets the current insecure request policy, and notifies proxies about the |
182 // update. | 188 // update. |
183 void SetInsecureRequestPolicy(blink::WebInsecureRequestPolicy policy); | 189 void SetInsecureRequestPolicy(blink::WebInsecureRequestPolicy policy); |
184 | 190 |
185 // Returns the currently active sandbox flags for this frame. This includes | 191 // Returns the currently active sandbox flags for this frame. This includes |
186 // flags inherited from parent frames and the currently active flags from the | 192 // flags inherited from parent frames and the currently active flags from the |
187 // <iframe> element hosting this frame. This does not include flags that | 193 // <iframe> element hosting this frame. This does not include flags that |
188 // have been updated in an <iframe> element but have not taken effect yet; | 194 // have been updated in an <iframe> element but have not taken effect yet; |
189 // use pending_sandbox_flags() for those. | 195 // use pending_sandbox_flags() for those. |
190 blink::WebSandboxFlags effective_sandbox_flags() const { | 196 blink::WebSandboxFlags effective_sandbox_flags() const { |
(...skipping 205 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
396 // List of objects observing this FrameTreeNode. | 402 // List of objects observing this FrameTreeNode. |
397 base::ObserverList<Observer> observers_; | 403 base::ObserverList<Observer> observers_; |
398 | 404 |
399 base::TimeTicks last_focus_time_; | 405 base::TimeTicks last_focus_time_; |
400 | 406 |
401 // A helper for tracing the snapshots of this FrameTreeNode and attributing | 407 // A helper for tracing the snapshots of this FrameTreeNode and attributing |
402 // browser process activities to this node (when possible). It is unrelated | 408 // browser process activities to this node (when possible). It is unrelated |
403 // to the core logic of FrameTreeNode. | 409 // to the core logic of FrameTreeNode. |
404 FrameTreeNodeBlameContext blame_context_; | 410 FrameTreeNodeBlameContext blame_context_; |
405 | 411 |
406 // A set of Content-Security-Policies to enforce on the browser-side. | 412 // A set of Content-Security-Policy policies to enforce on the browser-side. |
407 std::vector<CSPPolicy> csp_policies_; | 413 std::vector<CSPPolicy> csp_policies_; |
408 | 414 |
| 415 // Used to check if a frame is allowed to navigate to an URL according to a |
| 416 // set of content-security-policy policies. |
| 417 std::unique_ptr<CSPContext> csp_context_; |
| 418 |
409 DISALLOW_COPY_AND_ASSIGN(FrameTreeNode); | 419 DISALLOW_COPY_AND_ASSIGN(FrameTreeNode); |
410 }; | 420 }; |
411 | 421 |
412 } // namespace content | 422 } // namespace content |
413 | 423 |
414 #endif // CONTENT_BROWSER_FRAME_HOST_FRAME_TREE_NODE_H_ | 424 #endif // CONTENT_BROWSER_FRAME_HOST_FRAME_TREE_NODE_H_ |
OLD | NEW |