OLD | NEW |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/content_security_policy/csp_context.h" | 5 #include "content/common/content_security_policy/csp_context.h" |
6 | 6 |
7 namespace content { | 7 namespace content { |
8 | 8 |
9 CSPContext::CSPContext() : has_self_(false) {} | 9 CSPContext::CSPContext() : has_self_(false) {} |
10 | 10 |
11 CSPContext::~CSPContext() {} | 11 CSPContext::~CSPContext() {} |
12 | 12 |
13 bool CSPContext::Allow(const std::vector<ContentSecurityPolicy>& policies, | 13 bool CSPContext::AllowContentSecurityPolicy(CSPDirective::Name directive_name, |
14 CSPDirective::Name directive_name, | 14 const GURL& url, |
15 const GURL& url, | 15 bool is_redirect) { |
16 bool is_redirect) { | |
17 if (SchemeShouldBypassCSP(url.scheme_piece())) | 16 if (SchemeShouldBypassCSP(url.scheme_piece())) |
18 return true; | 17 return true; |
19 | 18 |
20 for (const auto& policy : policies) { | 19 for (const auto& policy : policies_) { |
21 if (!ContentSecurityPolicy::Allow(policy, directive_name, url, this, | 20 if (!ContentSecurityPolicy::Allow(policy, directive_name, url, this, |
22 is_redirect)) | 21 is_redirect)) |
23 return false; | 22 return false; |
24 } | 23 } |
25 return true; | 24 return true; |
26 } | 25 } |
27 | 26 |
28 void CSPContext::SetSelf(const url::Origin origin) { | 27 void CSPContext::SetSelf(const url::Origin origin) { |
29 if (origin.unique()) { | 28 if (origin.unique()) { |
30 // TODO(arthursonzogni): Decide what to do with unique origins. | 29 // TODO(arthursonzogni): Decide what to do with unique origins. |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
67 bool CSPContext::SchemeShouldBypassCSP(const base::StringPiece& scheme) { | 66 bool CSPContext::SchemeShouldBypassCSP(const base::StringPiece& scheme) { |
68 return false; | 67 return false; |
69 } | 68 } |
70 | 69 |
71 bool CSPContext::SelfSchemeShouldBypassCSP() { | 70 bool CSPContext::SelfSchemeShouldBypassCSP() { |
72 if (!has_self_) | 71 if (!has_self_) |
73 return false; | 72 return false; |
74 return SchemeShouldBypassCSP(self_scheme_); | 73 return SchemeShouldBypassCSP(self_scheme_); |
75 } | 74 } |
76 | 75 |
77 void CSPContext::ReportViolation( | 76 void CSPContext::ReportContentSecurityPolicyViolation( |
78 const std::string& directive_text, | 77 const CSPViolationParams& violation_params) { |
79 const std::string& effective_directive, | |
80 const std::string& message, | |
81 const GURL& blocked_url, | |
82 const std::vector<std::string>& report_end_points, | |
83 const std::string& header, | |
84 blink::WebContentSecurityPolicyType disposition) { | |
85 return; | 78 return; |
86 } | 79 } |
87 | 80 |
| 81 CSPViolationParams::CSPViolationParams() = default; |
| 82 |
| 83 CSPViolationParams::CSPViolationParams( |
| 84 const std::string& directive, |
| 85 const std::string& effective_directive, |
| 86 const std::string& console_message, |
| 87 const GURL& blocked_url, |
| 88 const std::vector<std::string>& report_endpoints, |
| 89 const std::string& header, |
| 90 const blink::WebContentSecurityPolicyType& disposition, |
| 91 bool after_redirect) |
| 92 : directive(directive), |
| 93 effective_directive(effective_directive), |
| 94 console_message(console_message), |
| 95 blocked_url(blocked_url), |
| 96 report_endpoints(report_endpoints), |
| 97 header(header), |
| 98 disposition(disposition), |
| 99 after_redirect(after_redirect) {} |
| 100 |
| 101 CSPViolationParams::CSPViolationParams(const CSPViolationParams& other) = |
| 102 default; |
| 103 |
| 104 CSPViolationParams::~CSPViolationParams() {} |
| 105 |
88 } // namespace content | 106 } // namespace content |
OLD | NEW |