Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(282)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/content_security_policy/csp_context.cc

Issue 2756913002: Revert of PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/common/content_security_policy/csp_context.h ('k') | content/common/content_security_policy/csp_context_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2017 The Chromium Authors. All rights reserved. 1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/content_security_policy/csp_context.h" 5 #include "content/common/content_security_policy/csp_context.h"
6 6
7 namespace content { 7 namespace content {
8 8
9 CSPContext::CSPContext() : has_self_(false) {} 9 CSPContext::CSPContext() : has_self_(false) {}
10 10
11 CSPContext::~CSPContext() {} 11 CSPContext::~CSPContext() {}
12 12
13 bool CSPContext::IsAllowedByCsp(CSPDirective::Name directive_name, 13 bool CSPContext::Allow(const std::vector<ContentSecurityPolicy>& policies,
14 const GURL& url, 14 CSPDirective::Name directive_name,
15 bool is_redirect) { 15 const GURL& url,
16 bool is_redirect) {
16 if (SchemeShouldBypassCSP(url.scheme_piece())) 17 if (SchemeShouldBypassCSP(url.scheme_piece()))
17 return true; 18 return true;
18 19
19 for (const auto& policy : policies_) { 20 for (const auto& policy : policies) {
20 if (!ContentSecurityPolicy::Allow(policy, directive_name, url, this, 21 if (!ContentSecurityPolicy::Allow(policy, directive_name, url, this,
21 is_redirect)) 22 is_redirect))
22 return false; 23 return false;
23 } 24 }
24 return true; 25 return true;
25 } 26 }
26 27
27 void CSPContext::SetSelf(const url::Origin origin) { 28 void CSPContext::SetSelf(const url::Origin origin) {
28 if (origin.unique()) { 29 if (origin.unique()) {
29 // TODO(arthursonzogni): Decide what to do with unique origins. 30 // TODO(arthursonzogni): Decide what to do with unique origins.
(...skipping 30 matching lines...) Expand all
60 } 61 }
61 62
62 void CSPContext::LogToConsole(const std::string& message) { 63 void CSPContext::LogToConsole(const std::string& message) {
63 return; 64 return;
64 } 65 }
65 66
66 bool CSPContext::SchemeShouldBypassCSP(const base::StringPiece& scheme) { 67 bool CSPContext::SchemeShouldBypassCSP(const base::StringPiece& scheme) {
67 return false; 68 return false;
68 } 69 }
69 70
70 bool CSPContext::SelfSchemeShouldBypassCsp() { 71 bool CSPContext::SelfSchemeShouldBypassCSP() {
71 if (!has_self_) 72 if (!has_self_)
72 return false; 73 return false;
73 return SchemeShouldBypassCSP(self_scheme_); 74 return SchemeShouldBypassCSP(self_scheme_);
74 } 75 }
75 76
76 void CSPContext::ReportContentSecurityPolicyViolation( 77 void CSPContext::ReportViolation(
77 const CSPViolationParams& violation_params) { 78 const std::string& directive_text,
79 const std::string& effective_directive,
80 const std::string& message,
81 const GURL& blocked_url,
82 const std::vector<std::string>& report_end_points,
83 const std::string& header,
84 blink::WebContentSecurityPolicyType disposition) {
78 return; 85 return;
79 } 86 }
80 87
81 CSPViolationParams::CSPViolationParams() = default;
82
83 CSPViolationParams::CSPViolationParams(
84 const std::string& directive,
85 const std::string& effective_directive,
86 const std::string& console_message,
87 const GURL& blocked_url,
88 const std::vector<std::string>& report_endpoints,
89 const std::string& header,
90 const blink::WebContentSecurityPolicyType& disposition,
91 bool after_redirect)
92 : directive(directive),
93 effective_directive(effective_directive),
94 console_message(console_message),
95 blocked_url(blocked_url),
96 report_endpoints(report_endpoints),
97 header(header),
98 disposition(disposition),
99 after_redirect(after_redirect) {}
100
101 CSPViolationParams::CSPViolationParams(const CSPViolationParams& other) =
102 default;
103
104 CSPViolationParams::~CSPViolationParams() {}
105
106 } // namespace content 88 } // namespace content
OLDNEW
« no previous file with comments | « content/common/content_security_policy/csp_context.h ('k') | content/common/content_security_policy/csp_context_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698