| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <sstream> | 5 #include <sstream> |
| 6 #include "base/strings/string_split.h" | 6 #include "base/strings/string_split.h" |
| 7 #include "base/strings/string_util.h" | 7 #include "base/strings/string_util.h" |
| 8 #include "content/common/content_security_policy/csp_context.h" | 8 #include "content/common/content_security_policy/csp_context.h" |
| 9 | 9 |
| 10 namespace content { | 10 namespace content { |
| (...skipping 24 matching lines...) Expand all Loading... |
| 35 // TODO(arthursonzogni): the url length should be limited to 1024 char. Find | 35 // TODO(arthursonzogni): the url length should be limited to 1024 char. Find |
| 36 // a function that will not break the utf8 encoding while eliding the string. | 36 // a function that will not break the utf8 encoding while eliding the string. |
| 37 return url.spec(); | 37 return url.spec(); |
| 38 } | 38 } |
| 39 | 39 |
| 40 void ReportViolation(CSPContext* context, | 40 void ReportViolation(CSPContext* context, |
| 41 const ContentSecurityPolicy& policy, | 41 const ContentSecurityPolicy& policy, |
| 42 const CSPDirective& directive, | 42 const CSPDirective& directive, |
| 43 const CSPDirective::Name directive_name, | 43 const CSPDirective::Name directive_name, |
| 44 const GURL& url, | 44 const GURL& url, |
| 45 bool is_redirect) { | 45 bool is_redirect, |
| 46 const SourceLocation& source_location) { |
| 46 // We should never have a violation against `child-src` or `default-src` | 47 // We should never have a violation against `child-src` or `default-src` |
| 47 // directly; the effective directive should always be one of the explicit | 48 // directly; the effective directive should always be one of the explicit |
| 48 // fetch directives. | 49 // fetch directives. |
| 49 DCHECK_NE(directive_name, CSPDirective::DefaultSrc); | 50 DCHECK_NE(directive_name, CSPDirective::DefaultSrc); |
| 50 DCHECK_NE(directive_name, CSPDirective::ChildSrc); | 51 DCHECK_NE(directive_name, CSPDirective::ChildSrc); |
| 51 | 52 |
| 52 std::stringstream message; | 53 std::stringstream message; |
| 53 | 54 |
| 54 if (policy.header.type == blink::WebContentSecurityPolicyTypeReport) | 55 if (policy.header.type == blink::WebContentSecurityPolicyTypeReport) |
| 55 message << "[Report Only] "; | 56 message << "[Report Only] "; |
| 56 | 57 |
| 57 if (directive_name == CSPDirective::FormAction) | 58 if (directive_name == CSPDirective::FormAction) |
| 58 message << "Refused to send form data to '"; | 59 message << "Refused to send form data to '"; |
| 59 else if (directive_name == CSPDirective::FrameSrc) | 60 else if (directive_name == CSPDirective::FrameSrc) |
| 60 message << "Refused to frame '"; | 61 message << "Refused to frame '"; |
| 61 | 62 |
| 62 message << ElideURLForReportViolation(url) | 63 message << ElideURLForReportViolation(url) |
| 63 << "' because it violates the following Content Security Policy " | 64 << "' because it violates the following Content Security Policy " |
| 64 "directive: \"" | 65 "directive: \"" |
| 65 << directive.ToString() << "\"."; | 66 << directive.ToString() << "\"."; |
| 66 | 67 |
| 67 if (directive.name != directive_name) | 68 if (directive.name != directive_name) |
| 68 message << " Note that '" << CSPDirective::NameToString(directive_name) | 69 message << " Note that '" << CSPDirective::NameToString(directive_name) |
| 69 << "' was not explicitly set, so '" | 70 << "' was not explicitly set, so '" |
| 70 << CSPDirective::NameToString(directive.name) | 71 << CSPDirective::NameToString(directive.name) |
| 71 << "' is used as a fallback."; | 72 << "' is used as a fallback."; |
| 72 | 73 |
| 73 message << "\n"; | 74 message << "\n"; |
| 74 | 75 |
| 75 context->LogToConsole(message.str()); | |
| 76 | |
| 77 context->ReportContentSecurityPolicyViolation(CSPViolationParams( | 76 context->ReportContentSecurityPolicyViolation(CSPViolationParams( |
| 78 CSPDirective::NameToString(directive.name), | 77 CSPDirective::NameToString(directive.name), |
| 79 CSPDirective::NameToString(directive_name), message.str(), url, | 78 CSPDirective::NameToString(directive_name), message.str(), url, |
| 80 policy.report_endpoints, policy.header.header_value, policy.header.type, | 79 policy.report_endpoints, policy.header.header_value, policy.header.type, |
| 81 is_redirect)); | 80 is_redirect, source_location)); |
| 82 } | 81 } |
| 83 | 82 |
| 84 bool AllowDirective(CSPContext* context, | 83 bool AllowDirective(CSPContext* context, |
| 85 const ContentSecurityPolicy& policy, | 84 const ContentSecurityPolicy& policy, |
| 86 const CSPDirective& directive, | 85 const CSPDirective& directive, |
| 87 CSPDirective::Name directive_name, | 86 CSPDirective::Name directive_name, |
| 88 const GURL& url, | 87 const GURL& url, |
| 89 bool is_redirect) { | 88 bool is_redirect, |
| 89 const SourceLocation& source_location) { |
| 90 if (CSPSourceList::Allow(directive.source_list, url, context, is_redirect)) | 90 if (CSPSourceList::Allow(directive.source_list, url, context, is_redirect)) |
| 91 return true; | 91 return true; |
| 92 | 92 |
| 93 ReportViolation(context, policy, directive, directive_name, url, is_redirect); | 93 ReportViolation(context, policy, directive, directive_name, url, is_redirect, |
| 94 source_location); |
| 94 return false; | 95 return false; |
| 95 } | 96 } |
| 96 | 97 |
| 97 } // namespace | 98 } // namespace |
| 98 | 99 |
| 99 ContentSecurityPolicy::ContentSecurityPolicy() | 100 ContentSecurityPolicy::ContentSecurityPolicy() |
| 100 : header(std::string(), | 101 : header(std::string(), |
| 101 blink::WebContentSecurityPolicyTypeEnforce, | 102 blink::WebContentSecurityPolicyTypeEnforce, |
| 102 blink::WebContentSecurityPolicySourceHTTP) {} | 103 blink::WebContentSecurityPolicySourceHTTP) {} |
| 103 | 104 |
| 104 ContentSecurityPolicy::ContentSecurityPolicy( | 105 ContentSecurityPolicy::ContentSecurityPolicy( |
| 105 const ContentSecurityPolicyHeader& header, | 106 const ContentSecurityPolicyHeader& header, |
| 106 const std::vector<CSPDirective>& directives, | 107 const std::vector<CSPDirective>& directives, |
| 107 const std::vector<std::string>& report_endpoints) | 108 const std::vector<std::string>& report_endpoints) |
| 108 : header(header), | 109 : header(header), |
| 109 directives(directives), | 110 directives(directives), |
| 110 report_endpoints(report_endpoints) {} | 111 report_endpoints(report_endpoints) {} |
| 111 | 112 |
| 112 ContentSecurityPolicy::ContentSecurityPolicy(const ContentSecurityPolicy&) = | 113 ContentSecurityPolicy::ContentSecurityPolicy(const ContentSecurityPolicy&) = |
| 113 default; | 114 default; |
| 114 ContentSecurityPolicy::~ContentSecurityPolicy() = default; | 115 ContentSecurityPolicy::~ContentSecurityPolicy() = default; |
| 115 | 116 |
| 116 // static | 117 // static |
| 117 bool ContentSecurityPolicy::Allow(const ContentSecurityPolicy& policy, | 118 bool ContentSecurityPolicy::Allow(const ContentSecurityPolicy& policy, |
| 118 CSPDirective::Name directive_name, | 119 CSPDirective::Name directive_name, |
| 119 const GURL& url, | 120 const GURL& url, |
| 121 bool is_redirect, |
| 120 CSPContext* context, | 122 CSPContext* context, |
| 121 bool is_redirect) { | 123 const SourceLocation& source_location) { |
| 122 CSPDirective::Name current_directive_name = directive_name; | 124 CSPDirective::Name current_directive_name = directive_name; |
| 123 do { | 125 do { |
| 124 for (const CSPDirective& directive : policy.directives) { | 126 for (const CSPDirective& directive : policy.directives) { |
| 125 if (directive.name == current_directive_name) { | 127 if (directive.name == current_directive_name) { |
| 126 bool allowed = AllowDirective(context, policy, directive, | 128 bool allowed = |
| 127 directive_name, url, is_redirect); | 129 AllowDirective(context, policy, directive, directive_name, url, |
| 130 is_redirect, source_location); |
| 128 return allowed || | 131 return allowed || |
| 129 policy.header.type == blink::WebContentSecurityPolicyTypeReport; | 132 policy.header.type == blink::WebContentSecurityPolicyTypeReport; |
| 130 } | 133 } |
| 131 } | 134 } |
| 132 current_directive_name = CSPFallback(current_directive_name); | 135 current_directive_name = CSPFallback(current_directive_name); |
| 133 } while (current_directive_name != CSPDirective::Unknown); | 136 } while (current_directive_name != CSPDirective::Unknown); |
| 134 return true; | 137 return true; |
| 135 } | 138 } |
| 136 | 139 |
| 137 std::string ContentSecurityPolicy::ToString() const { | 140 std::string ContentSecurityPolicy::ToString() const { |
| (...skipping 12 matching lines...) Expand all Loading... |
| 150 is_first_policy = false; | 153 is_first_policy = false; |
| 151 text << "report-uri"; | 154 text << "report-uri"; |
| 152 for (const std::string& endpoint : report_endpoints) | 155 for (const std::string& endpoint : report_endpoints) |
| 153 text << " " << endpoint; | 156 text << " " << endpoint; |
| 154 } | 157 } |
| 155 | 158 |
| 156 return text.str(); | 159 return text.str(); |
| 157 } | 160 } |
| 158 | 161 |
| 159 } // namespace content | 162 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2761153003:
PlzNavigate & CSP. Use the SourceLocation in violation reports. (Closed)
