Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(368)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/core/frame/csp/CSPSource.cpp

Issue 2708873002: Stop CSP from matching independent scheme/port upgrades (Closed)
Patch Set: Refactoring port/scheme matching logic to have an easier time with auto-upgrading Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« third_party/WebKit/Source/core/frame/csp/CSPSource.h ('K') | « third_party/WebKit/Source/core/frame/csp/CSPSource.h ('k') | third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/core/frame/csp/CSPSource.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/CSPSource.cpp b/third_party/WebKit/Source/core/frame/csp/CSPSource.cpp
index 511f666e5a6453515350a639059bed3149a7c318..ab79e2fdba3e0f2689eb164d8ad4b1abeda55e45 100644
--- a/third_party/WebKit/Source/core/frame/csp/CSPSource.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/CSPSource.cpp
@@ -30,25 +30,48 @@ CSPSource::CSPSource(ContentSecurityPolicy* policy,
bool CSPSource::matches(const KURL& url,
ResourceRequest::RedirectStatus redirectStatus) const {
- bool schemesMatch = m_scheme.isEmpty() ? m_policy->protocolMatchesSelf(url)
- : schemeMatches(url.protocol());
+ SchemeMatchingResult schemesMatch = schemeMatches(url.protocol());
if (!schemesMatch)
return false;
if (isSchemeOnly())
return true;
bool pathsMatch = (redirectStatus == RedirectStatus::FollowedRedirect) ||
pathMatches(url.path());
- return hostMatches(url.host()) && portMatches(url.port(), url.protocol()) &&
- pathsMatch;
+ PortMatchingResult portsMatch = portMatches(url.port(), url.protocol());
+
+ // if either the scheme or the port would require an upgrade (e.g. from http
+ // to https) then check that both of them can upgrade to ensure that we don't
+ // run into situations where we only upgrade the port but not the scheme or
+ // viceversa
+ if ((requiresUpgrade(schemesMatch) || (requiresUpgrade(portsMatch))) &&
+ (!canUpgrade(schemesMatch) || !canUpgrade(portsMatch))) {
+ return false;
+ }
+
+ return hostMatches(url.host()) && portsMatch && pathsMatch;
}
-bool CSPSource::schemeMatches(const String& protocol) const {
+CSPSource::SchemeMatchingResult CSPSource::schemeMatches(
+ const String& protocol) const {
DCHECK_EQ(protocol, protocol.lower());
- if (m_scheme == "http")
- return protocol == "http" || protocol == "https";
- if (m_scheme == "ws")
- return protocol == "ws" || protocol == "wss";
- return protocol == m_scheme;
+ const String& scheme =
+ (m_scheme.isEmpty() ? m_policy->getSelfProtocol() : m_scheme);
+
+ if (scheme == protocol)
+ return SchemeMatchingExact;
+
+ if ((scheme == "http" && protocol == "https") ||
+ (scheme == "http" && protocol == "https-so") ||
+ (scheme == "ws" && protocol == "wss")) {
+ return SchemeMatchingUpgrade;
+ }
+
+ if ((scheme == "http" && protocol == "http-so") ||
+ (scheme == "https" && protocol == "https-so")) {
+ return SchemeMatchingExact;
+ }
+
+ return SchemeNotMatching;
}
bool CSPSource::hostMatches(const String& host) const {
@@ -92,24 +115,41 @@ bool CSPSource::pathMatches(const String& urlPath) const {
return path == m_path;
}
-bool CSPSource::portMatches(int port, const String& protocol) const {
+CSPSource::PortMatchingResult CSPSource::portMatches(
+ int port,
+ const String& protocol) const {
if (m_portWildcard == HasWildcard)
- return true;
+ return PortMatchingWildcard;
- if (port == m_port)
- return true;
+ if (port == m_port) {
+ if (port == 0)
+ return PortMatchingWildcard;
+ return PortMatchingExact;
+ }
+
+ bool isSchemeHttp; // needed for detecting an upgrade when the port is 0
+ isSchemeHttp = m_scheme.isEmpty() ? m_policy->protocolEqualsSelf("http")
+ : equalIgnoringCase("http", m_scheme);
- if (m_port == 80 &&
+ if ((m_port == 80 || (m_port == 0 && isSchemeHttp)) &&
(port == 443 || (port == 0 && defaultPortForProtocol(protocol) == 443)))
- return true;
+ return PortMatchingUpgrade;
- if (!port)
- return isDefaultPortForProtocol(m_port, protocol);
+ if (!port) {
+ if (isDefaultPortForProtocol(m_port, protocol))
+ return PortMatchingExact;
- if (!m_port)
- return isDefaultPortForProtocol(port, protocol);
+ return PortNotMatching;
+ }
- return false;
+ if (!m_port) {
+ if (isDefaultPortForProtocol(port, protocol))
+ return PortMatchingExact;
+
+ return PortNotMatching;
+ }
+
+ return PortNotMatching;
}
bool CSPSource::subsumes(CSPSource* other) const {
« third_party/WebKit/Source/core/frame/csp/CSPSource.h ('K') | « third_party/WebKit/Source/core/frame/csp/CSPSource.h ('k') | third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp » ('j') | third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698