OLD | NEW |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/content_security_policy/csp_context.h" | 5 #include "content/common/content_security_policy/csp_context.h" |
6 | 6 |
7 namespace content { | 7 namespace content { |
8 | 8 |
9 namespace { | 9 namespace { |
10 | 10 |
11 const GURL ExtractInnerURL(const GURL& url) { | 11 const GURL ExtractInnerURL(const GURL& url) { |
12 if (const GURL* inner_url = url.inner_url()) | 12 if (const GURL* inner_url = url.inner_url()) |
13 return *inner_url; | 13 return *inner_url; |
14 else | 14 else |
15 // TODO(arthursonzogni): revisit this once GURL::inner_url support blob-URL. | 15 // TODO(arthursonzogni): revisit this once GURL::inner_url support blob-URL. |
16 return GURL(url.path()); | 16 return GURL(url.path()); |
17 } | 17 } |
18 | 18 |
19 const GURL GetEffectiveURL(CSPContext* context, const GURL& url) { | 19 const GURL GetEffectiveURL(CSPContext* context, const GURL& url) { |
20 // Due to backwards-compatibility concerns, we allow 'self' to match blob and | 20 // Due to backwards-compatibility concerns, we allow 'self' to match blob and |
21 // filesystem inner URLs if we are in a context that bypasses | 21 // filesystem inner URLs if we are in a context that bypasses |
22 // ContentSecurityPolicy in the main world. | 22 // ContentSecurityPolicy in the main world. |
23 if (context->SelfSchemeShouldBypassCSP()) { | 23 if (context->SelfSchemeShouldBypassCsp()) { |
24 if (url.SchemeIsFileSystem() || url.SchemeIsBlob()) | 24 if (url.SchemeIsFileSystem() || url.SchemeIsBlob()) |
25 return ExtractInnerURL(url); | 25 return ExtractInnerURL(url); |
26 } | 26 } |
27 return url; | 27 return url; |
28 } | 28 } |
29 | 29 |
30 bool AllowFromSources(const GURL& url, | 30 bool AllowFromSources(const GURL& url, |
31 const std::vector<CSPSource>& sources, | 31 const std::vector<CSPSource>& sources, |
32 CSPContext* context, | 32 CSPContext* context, |
33 bool is_redirect) { | 33 bool is_redirect) { |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
100 } | 100 } |
101 | 101 |
102 return text.str(); | 102 return text.str(); |
103 } | 103 } |
104 | 104 |
105 bool CSPSourceList::IsNone() const { | 105 bool CSPSourceList::IsNone() const { |
106 return !allow_self && !allow_star && sources.empty(); | 106 return !allow_self && !allow_star && sources.empty(); |
107 } | 107 } |
108 | 108 |
109 } // namespace content | 109 } // namespace content |
OLD | NEW |