| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CSPDirectiveList_h | 5 #ifndef CSPDirectiveList_h |
| 6 #define CSPDirectiveList_h | 6 #define CSPDirectiveList_h |
| 7 | 7 |
| 8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 9 #include "core/frame/csp/MediaListDirective.h" | 9 #include "core/frame/csp/MediaListDirective.h" |
| 10 #include "core/frame/csp/SourceListDirective.h" | 10 #include "core/frame/csp/SourceListDirective.h" |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 76 const String& pluginTypesText() const; | 76 const String& pluginTypesText() const; |
| 77 | 77 |
| 78 private: | 78 private: |
| 79 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co
ntentSecurityPolicyHeaderSource); | 79 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co
ntentSecurityPolicyHeaderSource); |
| 80 | 80 |
| 81 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri
ng& value); | 81 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri
ng& value); |
| 82 void parseReportURI(const String& name, const String& value); | 82 void parseReportURI(const String& name, const String& value); |
| 83 void parsePluginTypes(const String& name, const String& value); | 83 void parsePluginTypes(const String& name, const String& value); |
| 84 void parseReflectedXSS(const String& name, const String& value); | 84 void parseReflectedXSS(const String& name, const String& value); |
| 85 void parseReferrer(const String& name, const String& value); | 85 void parseReferrer(const String& name, const String& value); |
| 86 String parseSuboriginName(const String& policy); |
| 86 void addDirective(const String& name, const String& value); | 87 void addDirective(const String& name, const String& value); |
| 87 void applySandboxPolicy(const String& name, const String& sandboxPolicy); | 88 void applySandboxPolicy(const String& name, const String& sandboxPolicy); |
| 89 void applySuboriginPolicy(const String& name, const String& suboriginPolicy)
; |
| 88 void enforceStrictMixedContentChecking(const String& name, const String& val
ue); | 90 void enforceStrictMixedContentChecking(const String& name, const String& val
ue); |
| 89 void enableInsecureRequestsUpgrade(const String& name, const String& value); | 91 void enableInsecureRequestsUpgrade(const String& name, const String& value); |
| 90 | 92 |
| 91 template <class CSPDirectiveType> | 93 template <class CSPDirectiveType> |
| 92 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire
ctiveType>&); | 94 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire
ctiveType>&); |
| 93 | 95 |
| 94 SourceListDirective* operativeDirective(SourceListDirective*) const; | 96 SourceListDirective* operativeDirective(SourceListDirective*) const; |
| 95 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire
ctive* override) const; | 97 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire
ctive* override) const; |
| 96 void reportViolation(const String& directiveText, const String& effectiveDir
ective, const String& consoleMessage, const KURL& blockedURL) const; | 98 void reportViolation(const String& directiveText, const String& effectiveDir
ective, const String& consoleMessage, const KURL& blockedURL) const; |
| 97 void reportViolationWithFrame(const String& directiveText, const String& eff
ectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFram
e*) const; | 99 void reportViolationWithFrame(const String& directiveText, const String& eff
ectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFram
e*) const; |
| (...skipping 19 matching lines...) Expand all Loading... |
| 117 | 119 |
| 118 bool denyIfEnforcingPolicy() const { return m_reportOnly; } | 120 bool denyIfEnforcingPolicy() const { return m_reportOnly; } |
| 119 | 121 |
| 120 ContentSecurityPolicy* m_policy; | 122 ContentSecurityPolicy* m_policy; |
| 121 | 123 |
| 122 String m_header; | 124 String m_header; |
| 123 ContentSecurityPolicyHeaderType m_headerType; | 125 ContentSecurityPolicyHeaderType m_headerType; |
| 124 ContentSecurityPolicyHeaderSource m_headerSource; | 126 ContentSecurityPolicyHeaderSource m_headerSource; |
| 125 | 127 |
| 126 bool m_reportOnly; | 128 bool m_reportOnly; |
| 127 bool m_haveSandboxPolicy; | 129 bool m_hasSandboxPolicy; |
| 130 bool m_hasSuboriginPolicy; |
| 128 ReflectedXSSDisposition m_reflectedXSSDisposition; | 131 ReflectedXSSDisposition m_reflectedXSSDisposition; |
| 129 | 132 |
| 130 bool m_didSetReferrerPolicy; | 133 bool m_didSetReferrerPolicy; |
| 131 ReferrerPolicy m_referrerPolicy; | 134 ReferrerPolicy m_referrerPolicy; |
| 132 | 135 |
| 133 bool m_strictMixedContentCheckingEnforced; | 136 bool m_strictMixedContentCheckingEnforced; |
| 134 | 137 |
| 135 bool m_upgradeInsecureRequests; | 138 bool m_upgradeInsecureRequests; |
| 136 | 139 |
| 137 OwnPtr<MediaListDirective> m_pluginTypes; | 140 OwnPtr<MediaListDirective> m_pluginTypes; |
| (...skipping 14 matching lines...) Expand all Loading... |
| 152 | 155 |
| 153 Vector<String> m_reportEndpoints; | 156 Vector<String> m_reportEndpoints; |
| 154 | 157 |
| 155 String m_evalDisabledErrorMessage; | 158 String m_evalDisabledErrorMessage; |
| 156 }; | 159 }; |
| 157 | 160 |
| 158 | 161 |
| 159 } // namespace | 162 } // namespace |
| 160 | 163 |
| 161 #endif | 164 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 27073003:
CSP Suborigins
Base URL: https://chromium.googlesource.com/chromium/blink.git@master