Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(165)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/frame/csp/CSPDirectiveList.h

Issue 27073003: CSP Suborigins Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Rebase Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« Source/core/fetch/CrossOriginAccessControl.cpp ('K') | « Source/core/fetch/CrossOriginAccessControl.cpp ('k') | Source/core/frame/csp/CSPDirectiveList.cpp » ('j') | Source/core/frame/csp/CSPDirectiveList.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CSPDirectiveList_h 5 #ifndef CSPDirectiveList_h
6 #define CSPDirectiveList_h 6 #define CSPDirectiveList_h
7 7
8 #include "core/frame/csp/ContentSecurityPolicy.h" 8 #include "core/frame/csp/ContentSecurityPolicy.h"
9 #include "core/frame/csp/MediaListDirective.h" 9 #include "core/frame/csp/MediaListDirective.h"
10 #include "core/frame/csp/SourceListDirective.h" 10 #include "core/frame/csp/SourceListDirective.h"
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
66 private: 66 private:
67 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co ntentSecurityPolicyHeaderSource); 67 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co ntentSecurityPolicyHeaderSource);
68 68
69 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri ng& value); 69 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri ng& value);
70 void parseReportURI(const String& name, const String& value); 70 void parseReportURI(const String& name, const String& value);
71 void parsePluginTypes(const String& name, const String& value); 71 void parsePluginTypes(const String& name, const String& value);
72 void parseReflectedXSS(const String& name, const String& value); 72 void parseReflectedXSS(const String& name, const String& value);
73 void parseReferrer(const String& name, const String& value); 73 void parseReferrer(const String& name, const String& value);
74 void addDirective(const String& name, const String& value); 74 void addDirective(const String& name, const String& value);
75 void applySandboxPolicy(const String& name, const String& sandboxPolicy); 75 void applySandboxPolicy(const String& name, const String& sandboxPolicy);
76 void applySuboriginPolicy(const String& name, const String& suboriginPolicy) ;
76 77
77 template <class CSPDirectiveType> 78 template <class CSPDirectiveType>
78 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire ctiveType>&); 79 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire ctiveType>&);
79 80
80 SourceListDirective* operativeDirective(SourceListDirective*) const; 81 SourceListDirective* operativeDirective(SourceListDirective*) const;
81 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire ctive* override) const; 82 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire ctive* override) const;
82 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL) const; 83 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL) const;
83 void reportViolationWithLocation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const String& contextURL, const WTF::OrdinalNumber& contextLine) const; 84 void reportViolationWithLocation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
84 void reportViolationWithState(const String& directiveText, const String& eff ectiveDirective, const String& consoleMessage, const KURL& blockedURL, ScriptSta te*) const; 85 void reportViolationWithState(const String& directiveText, const String& eff ectiveDirective, const String& consoleMessage, const KURL& blockedURL, ScriptSta te*) const;
85 86
(...skipping 17 matching lines...) Expand all
103 bool denyIfEnforcingPolicy() const { return m_reportOnly; } 104 bool denyIfEnforcingPolicy() const { return m_reportOnly; }
104 105
105 ContentSecurityPolicy* m_policy; 106 ContentSecurityPolicy* m_policy;
106 107
107 String m_header; 108 String m_header;
108 ContentSecurityPolicyHeaderType m_headerType; 109 ContentSecurityPolicyHeaderType m_headerType;
109 ContentSecurityPolicyHeaderSource m_headerSource; 110 ContentSecurityPolicyHeaderSource m_headerSource;
110 111
111 bool m_reportOnly; 112 bool m_reportOnly;
112 bool m_haveSandboxPolicy; 113 bool m_haveSandboxPolicy;
114 bool m_haveSuboriginPolicy;
113 ReflectedXSSDisposition m_reflectedXSSDisposition; 115 ReflectedXSSDisposition m_reflectedXSSDisposition;
114 116
115 bool m_didSetReferrerPolicy; 117 bool m_didSetReferrerPolicy;
116 ReferrerPolicy m_referrerPolicy; 118 ReferrerPolicy m_referrerPolicy;
117 119
118 OwnPtr<MediaListDirective> m_pluginTypes; 120 OwnPtr<MediaListDirective> m_pluginTypes;
119 OwnPtr<SourceListDirective> m_baseURI; 121 OwnPtr<SourceListDirective> m_baseURI;
120 OwnPtr<SourceListDirective> m_childSrc; 122 OwnPtr<SourceListDirective> m_childSrc;
121 OwnPtr<SourceListDirective> m_connectSrc; 123 OwnPtr<SourceListDirective> m_connectSrc;
122 OwnPtr<SourceListDirective> m_defaultSrc; 124 OwnPtr<SourceListDirective> m_defaultSrc;
123 OwnPtr<SourceListDirective> m_fontSrc; 125 OwnPtr<SourceListDirective> m_fontSrc;
124 OwnPtr<SourceListDirective> m_formAction; 126 OwnPtr<SourceListDirective> m_formAction;
125 OwnPtr<SourceListDirective> m_frameAncestors; 127 OwnPtr<SourceListDirective> m_frameAncestors;
126 OwnPtr<SourceListDirective> m_frameSrc; 128 OwnPtr<SourceListDirective> m_frameSrc;
127 OwnPtr<SourceListDirective> m_imgSrc; 129 OwnPtr<SourceListDirective> m_imgSrc;
128 OwnPtr<SourceListDirective> m_mediaSrc; 130 OwnPtr<SourceListDirective> m_mediaSrc;
129 OwnPtr<SourceListDirective> m_objectSrc; 131 OwnPtr<SourceListDirective> m_objectSrc;
130 OwnPtr<SourceListDirective> m_scriptSrc; 132 OwnPtr<SourceListDirective> m_scriptSrc;
131 OwnPtr<SourceListDirective> m_styleSrc; 133 OwnPtr<SourceListDirective> m_styleSrc;
132 134
133 Vector<KURL> m_reportURIs; 135 Vector<KURL> m_reportURIs;
134 136
135 String m_evalDisabledErrorMessage; 137 String m_evalDisabledErrorMessage;
136 }; 138 };
137 139
138 140
139 } // namespace 141 } // namespace
140 142
141 #endif 143 #endif
OLDNEW
« Source/core/fetch/CrossOriginAccessControl.cpp ('K') | « Source/core/fetch/CrossOriginAccessControl.cpp ('k') | Source/core/frame/csp/CSPDirectiveList.cpp » ('j') | Source/core/frame/csp/CSPDirectiveList.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698