OLD | NEW |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_ | 5 #ifndef CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_ |
6 #define CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_ | 6 #define CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <memory> | 9 #include <memory> |
10 #include <string> | 10 #include <string> |
(...skipping 13 matching lines...) Expand all Loading... |
24 // feature; see the specification for details). | 24 // feature; see the specification for details). |
25 // | 25 // |
26 // Policies can be defined in the HTTP header stream, with the |Feature-Policy| | 26 // Policies can be defined in the HTTP header stream, with the |Feature-Policy| |
27 // HTTP header, or can be set by the |allow| attributes on the iframe element | 27 // HTTP header, or can be set by the |allow| attributes on the iframe element |
28 // which embeds the document. | 28 // which embeds the document. |
29 // | 29 // |
30 // See https://wicg.github.io/FeaturePolicy/ | 30 // See https://wicg.github.io/FeaturePolicy/ |
31 // | 31 // |
32 // Key concepts: | 32 // Key concepts: |
33 // | 33 // |
34 // Features | |
35 // -------- | |
36 // Features which can be controlled by policy are defined by instances of the | |
37 // FeaturePolicy::Feature struct. The features are referenced by the | |
38 // |WebFeaturePolicyFeature| enum, declared in |WebFeaturePolicy.h|. | |
39 // | |
40 // Whitelists | 34 // Whitelists |
41 // ---------- | 35 // ---------- |
42 // Whitelists are collections of origins, although two special terms can be used | 36 // Whitelists are collections of origins, although two special terms can be used |
43 // when declaring them: | 37 // when declaring them: |
44 // "self" refers to the orgin of the frame which is declaring the policy. | 38 // "self" refers to the orgin of the frame which is declaring the policy. |
45 // "*" refers to all origins; any origin will match a whitelist which contains | 39 // "*" refers to all origins; any origin will match a whitelist which contains |
46 // it. | 40 // it. |
47 // | 41 // |
48 // Declarations | 42 // Declarations |
49 // ------------ | 43 // ------------ |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
83 // determined by the feature's default policy. (Again, see the comments in | 77 // determined by the feature's default policy. (Again, see the comments in |
84 // FeaturePolicy::DefaultPolicy for details) | 78 // FeaturePolicy::DefaultPolicy for details) |
85 | 79 |
86 // This struct holds feature policy whitelist data that needs to be replicated | 80 // This struct holds feature policy whitelist data that needs to be replicated |
87 // between a RenderFrame and any of its associated RenderFrameProxies. A list of | 81 // between a RenderFrame and any of its associated RenderFrameProxies. A list of |
88 // these form a ParsedFeaturePolicyHeader. | 82 // these form a ParsedFeaturePolicyHeader. |
89 // NOTE: These types are used for replication frame state between processes. | 83 // NOTE: These types are used for replication frame state between processes. |
90 // They exist only because we can't transfer WebVectors directly over IPC. | 84 // They exist only because we can't transfer WebVectors directly over IPC. |
91 struct CONTENT_EXPORT ParsedFeaturePolicyDeclaration { | 85 struct CONTENT_EXPORT ParsedFeaturePolicyDeclaration { |
92 ParsedFeaturePolicyDeclaration(); | 86 ParsedFeaturePolicyDeclaration(); |
93 ParsedFeaturePolicyDeclaration(std::string feature_name, | 87 ParsedFeaturePolicyDeclaration(blink::WebFeaturePolicyFeature feature, |
94 bool matches_all_origins, | 88 bool matches_all_origins, |
95 std::vector<url::Origin> origins); | 89 std::vector<url::Origin> origins); |
96 ParsedFeaturePolicyDeclaration(const ParsedFeaturePolicyDeclaration& rhs); | 90 ParsedFeaturePolicyDeclaration(const ParsedFeaturePolicyDeclaration& rhs); |
97 ~ParsedFeaturePolicyDeclaration(); | 91 ~ParsedFeaturePolicyDeclaration(); |
98 | 92 |
99 std::string feature_name; | 93 blink::WebFeaturePolicyFeature feature; |
100 bool matches_all_origins; | 94 bool matches_all_origins; |
101 std::vector<url::Origin> origins; | 95 std::vector<url::Origin> origins; |
102 }; | 96 }; |
103 | 97 |
104 using ParsedFeaturePolicyHeader = std::vector<ParsedFeaturePolicyDeclaration>; | 98 using ParsedFeaturePolicyHeader = std::vector<ParsedFeaturePolicyDeclaration>; |
105 | 99 |
106 class CONTENT_EXPORT FeaturePolicy : public blink::WebFeaturePolicy { | 100 class CONTENT_EXPORT FeaturePolicy : public blink::WebFeaturePolicy { |
107 public: | 101 public: |
108 // Represents a collection of origins which make up a whitelist in a feature | 102 // Represents a collection of origins which make up a whitelist in a feature |
109 // policy. This collection may be set to match every origin (corresponding to | 103 // policy. This collection may be set to match every origin (corresponding to |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
141 // Equivalent to ["self"]. If this default policy is in effect for a frame, | 135 // Equivalent to ["self"]. If this default policy is in effect for a frame, |
142 // then the feature will be enabled for that frame, and any same-origin | 136 // then the feature will be enabled for that frame, and any same-origin |
143 // child frames, but not for any cross-origin child frames. | 137 // child frames, but not for any cross-origin child frames. |
144 EnableForSelf, | 138 EnableForSelf, |
145 | 139 |
146 // Equivalent to ["*"]. If in effect for a frame, then the feature is | 140 // Equivalent to ["*"]. If in effect for a frame, then the feature is |
147 // enabled for that frame and all of its children. | 141 // enabled for that frame and all of its children. |
148 EnableForAll | 142 EnableForAll |
149 }; | 143 }; |
150 | 144 |
151 // The FeaturePolicy::Feature struct is used to define all features under | 145 using FeatureList = std::map<blink::WebFeaturePolicyFeature, FeatureDefault>; |
152 // control of Feature Policy. There should only be one instance of this struct | |
153 // for any given feature (declared below). | |
154 struct Feature { | |
155 // The name of the feature, as it should appear in a policy string | |
156 const char* const feature_name; | |
157 | |
158 // Controls whether the feature should be available in the platform by | |
159 // default, in the absence of any declared policy. | |
160 FeatureDefault default_policy; | |
161 }; | |
162 | |
163 using FeatureList = | |
164 std::map<blink::WebFeaturePolicyFeature, const FeaturePolicy::Feature*>; | |
165 | 146 |
166 ~FeaturePolicy() override; | 147 ~FeaturePolicy() override; |
167 | 148 |
168 static std::unique_ptr<FeaturePolicy> CreateFromParentPolicy( | 149 static std::unique_ptr<FeaturePolicy> CreateFromParentPolicy( |
169 const FeaturePolicy* parent_policy, | 150 const FeaturePolicy* parent_policy, |
170 const ParsedFeaturePolicyHeader& container_policy, | 151 const ParsedFeaturePolicyHeader& container_policy, |
171 const url::Origin& origin); | 152 const url::Origin& origin); |
172 | 153 |
173 static std::unique_ptr<FeaturePolicy> CreateFromPolicyWithOrigin( | 154 static std::unique_ptr<FeaturePolicy> CreateFromPolicyWithOrigin( |
174 const FeaturePolicy& policy, | 155 const FeaturePolicy& policy, |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
219 std::map<blink::WebFeaturePolicyFeature, bool> inherited_policies_; | 200 std::map<blink::WebFeaturePolicyFeature, bool> inherited_policies_; |
220 | 201 |
221 const FeatureList& feature_list_; | 202 const FeatureList& feature_list_; |
222 | 203 |
223 DISALLOW_COPY_AND_ASSIGN(FeaturePolicy); | 204 DISALLOW_COPY_AND_ASSIGN(FeaturePolicy); |
224 }; | 205 }; |
225 | 206 |
226 } // namespace content | 207 } // namespace content |
227 | 208 |
228 #endif // CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_ | 209 #endif // CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_ |
OLD | NEW |