CSP Suborigins

Source/core/frame/csp/CSPDirectiveList.cpp

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "config.h"
 #include "core/frame/csp/CSPDirectiveList.h"
 
 #include "core/frame/LocalFrame.h"
 #include "platform/ParsingUtilities.h"
 #include "platform/weborigin/KURL.h"
 #include "wtf/text/WTFString.h"
 
 namespace WebCore {
 
 CSPDirectiveList::CSPDirectiveList(ContentSecurityPolicy* policy, ContentSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source)
     : m_policy(policy)
     , m_headerType(type)
     , m_headerSource(source)
     , m_reportOnly(false)
     , m_haveSandboxPolicy(false)
+    , m_haveSuboriginPolicy(false)
     , m_reflectedXSSDisposition(ReflectedXSSUnset)
     , m_didSetReferrerPolicy(false)
     , m_referrerPolicy(ReferrerPolicyDefault)
 {
     m_reportOnly = type == ContentSecurityPolicyHeaderTypeReport;
 }
 
 PassOwnPtr<CSPDirectiveList> CSPDirectiveList::create(ContentSecurityPolicy* policy, const UChar* begin, const UChar* end, ContentSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source)
 {
     OwnPtr<CSPDirectiveList> directives = adoptPtr(new CSPDirectiveList(policy, type, source));
@@ skipping 486 matching lines @@
         m_policy->reportDuplicateDirective(name);
         return;
     }
     m_haveSandboxPolicy = true;
     String invalidTokens;
     m_policy->enforceSandboxFlags(parseSandboxPolicy(sandboxPolicy, invalidTokens));
     if (!invalidTokens.isNull())
         m_policy->reportInvalidSandboxFlags(invalidTokens);
 }
 
+void CSPDirectiveList::applySuboriginPolicy(const String& name, const String& suboriginPolicy)
+{
+    if (m_haveSuboriginPolicy) {
+        m_policy->reportDuplicateDirective(name);
+        return;
+    }
+    m_haveSuboriginPolicy = true;
+    String invalidTokens;
+    m_policy->enforceSuborigin(parseSuboriginName(suboriginPolicy, invalidTokens));

[abarth-chromium, 2014/07/31 04:56:47]

parseSuboriginName <-- This function should be with the rest of the CSP parsing
functions, not off in a separate file.

Can parseSuboriginName fail?  If it fails, should we not enforceSuborigin?

[jww, 2014/10/21 23:51:06]

Done.
Yes, it can fail, and correct, it doesn't enforce the suborigin in that case.
It's not clear in this code, because they way this is done is by passing a null
suborigin, which implies a lack of suborigin, and thus isn't enforced. I'm
changing this in the new version to make this clearer, though.

+    if (!invalidTokens.isNull())
+        m_policy->reportInvalidSuboriginFlags(invalidTokens);
+}
+
 void CSPDirectiveList::parseReflectedXSS(const String& name, const String& value)
 {
     if (m_reflectedXSSDisposition != ReflectedXSSUnset) {
         m_policy->reportDuplicateDirective(name);
         m_reflectedXSSDisposition = ReflectedXSSInvalid;
         return;
     }
 
     if (value.isEmpty()) {
         m_reflectedXSSDisposition = ReflectedXSSInvalid;
@@ skipping 124 matching lines @@
         else if (equalIgnoringCase(name, ContentSecurityPolicy::ChildSrc))
             setCSPDirective<SourceListDirective>(name, value, m_childSrc);
         else if (equalIgnoringCase(name, ContentSecurityPolicy::FormAction))
             setCSPDirective<SourceListDirective>(name, value, m_formAction);
         else if (equalIgnoringCase(name, ContentSecurityPolicy::PluginTypes))
             setCSPDirective<MediaListDirective>(name, value, m_pluginTypes);
         else if (equalIgnoringCase(name, ContentSecurityPolicy::ReflectedXSS))
             parseReflectedXSS(name, value);
         else if (equalIgnoringCase(name, ContentSecurityPolicy::Referrer))
             parseReferrer(name, value);
+        else if (equalIgnoringCase(name, ContentSecurityPolicy::Suborigin))
+            applySuboriginPolicy(name, value);
         else
             m_policy->reportUnsupportedDirective(name);
     } else {
         m_policy->reportUnsupportedDirective(name);
     }
 }
 
 
 } // namespace WebCore