Source/core/frame/csp/CSPDirectiveList.h - Issue 27073003: CSP Suborigins - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(951)

My Issues | Starred Open | Closed | All

Unified Diff: Source/core/frame/csp/CSPDirectiveList.h

Issue 27073003: CSP Suborigins Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Address many of mkwst's comments Created 5 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« LayoutTests/http/tests/security/suborigins/suborigin-blocked-notifications.php ('K') | « Source/core/fetch/CrossOriginAccessControl.cpp ('k') | Source/core/frame/csp/CSPDirectiveList.cpp » ('j') | Source/platform/weborigin/SecurityOriginTest.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: Source/core/frame/csp/CSPDirectiveList.h

diff --git a/Source/core/frame/csp/CSPDirectiveList.h b/Source/core/frame/csp/CSPDirectiveList.h

index 8fbb0e7a3aac2b969eb98bd6ae9cd59fff1c593d..28036424799d00a7ad466561e5e8d2204be9f8b2 100644

--- a/Source/core/frame/csp/CSPDirectiveList.h

+++ b/Source/core/frame/csp/CSPDirectiveList.h

@@ -83,8 +83,10 @@ private:

void parsePluginTypes(const String& name, const String& value);

void parseReflectedXSS(const String& name, const String& value);

void parseReferrer(const String& name, const String& value);

+ String parseSuboriginName(const String& policy);

void addDirective(const String& name, const String& value);

void applySandboxPolicy(const String& name, const String& sandboxPolicy);

+ void applySuboriginPolicy(const String& name, const String& suboriginPolicy);

void enforceStrictMixedContentChecking(const String& name, const String& value);

void enableInsecureRequestsUpgrade(const String& name, const String& value);

@@ -124,7 +126,8 @@ private:

ContentSecurityPolicyHeaderSource m_headerSource;

bool m_reportOnly;

- bool m_haveSandboxPolicy;

+ bool m_hasSandboxPolicy;

+ bool m_hasSuboriginPolicy;

ReflectedXSSDisposition m_reflectedXSSDisposition;

bool m_didSetReferrerPolicy;

« LayoutTests/http/tests/security/suborigins/suborigin-blocked-notifications.php ('K') | « Source/core/fetch/CrossOriginAccessControl.cpp ('k') | Source/core/frame/csp/CSPDirectiveList.cpp » ('j') | Source/platform/weborigin/SecurityOriginTest.cpp » ('J')

Powered by Google App Engine

This is Rietveld 408576698