OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPDirectiveList_h | 5 #ifndef CSPDirectiveList_h |
6 #define CSPDirectiveList_h | 6 #define CSPDirectiveList_h |
7 | 7 |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "core/frame/csp/MediaListDirective.h" | 9 #include "core/frame/csp/MediaListDirective.h" |
10 #include "core/frame/csp/SourceListDirective.h" | 10 #include "core/frame/csp/SourceListDirective.h" |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
71 SecurityViolationReportingPolicy, | 71 SecurityViolationReportingPolicy, |
72 ContentSecurityPolicy::ExceptionStatus = | 72 ContentSecurityPolicy::ExceptionStatus = |
73 ContentSecurityPolicy::WillNotThrowException) const; | 73 ContentSecurityPolicy::WillNotThrowException) const; |
74 bool allowPluginType(const String& type, | 74 bool allowPluginType(const String& type, |
75 const String& typeAttribute, | 75 const String& typeAttribute, |
76 const KURL&, | 76 const KURL&, |
77 SecurityViolationReportingPolicy) const; | 77 SecurityViolationReportingPolicy) const; |
78 | 78 |
79 bool allowScriptFromSource(const KURL&, | 79 bool allowScriptFromSource(const KURL&, |
80 const String& nonce, | 80 const String& nonce, |
| 81 const IntegrityMetadataSet& hashes, |
81 ParserDisposition, | 82 ParserDisposition, |
82 ResourceRequest::RedirectStatus, | 83 ResourceRequest::RedirectStatus, |
83 SecurityViolationReportingPolicy) const; | 84 SecurityViolationReportingPolicy) const; |
84 bool allowStyleFromSource(const KURL&, | 85 bool allowStyleFromSource(const KURL&, |
85 const String& nonce, | 86 const String& nonce, |
86 ResourceRequest::RedirectStatus, | 87 ResourceRequest::RedirectStatus, |
87 SecurityViolationReportingPolicy) const; | 88 SecurityViolationReportingPolicy) const; |
88 | 89 |
89 bool allowObjectFromSource(const KURL&, | 90 bool allowObjectFromSource(const KURL&, |
90 ResourceRequest::RedirectStatus, | 91 ResourceRequest::RedirectStatus, |
(...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
234 const String& directiveText, | 235 const String& directiveText, |
235 const ContentSecurityPolicy::DirectiveType&, | 236 const ContentSecurityPolicy::DirectiveType&, |
236 const String& message, | 237 const String& message, |
237 const KURL& blockedURL, | 238 const KURL& blockedURL, |
238 ScriptState*, | 239 ScriptState*, |
239 const ContentSecurityPolicy::ExceptionStatus) const; | 240 const ContentSecurityPolicy::ExceptionStatus) const; |
240 | 241 |
241 bool checkEval(SourceListDirective*) const; | 242 bool checkEval(SourceListDirective*) const; |
242 bool checkDynamic(SourceListDirective*) const; | 243 bool checkDynamic(SourceListDirective*) const; |
243 bool isMatchingNoncePresent(SourceListDirective*, const String&) const; | 244 bool isMatchingNoncePresent(SourceListDirective*, const String&) const; |
| 245 bool areAllMatchingHashesPresent(SourceListDirective*, |
| 246 const IntegrityMetadataSet&) const; |
244 bool checkHash(SourceListDirective*, const CSPHashValue&) const; | 247 bool checkHash(SourceListDirective*, const CSPHashValue&) const; |
245 bool checkHashedAttributes(SourceListDirective*) const; | 248 bool checkHashedAttributes(SourceListDirective*) const; |
246 bool checkSource(SourceListDirective*, | 249 bool checkSource(SourceListDirective*, |
247 const KURL&, | 250 const KURL&, |
248 ResourceRequest::RedirectStatus) const; | 251 ResourceRequest::RedirectStatus) const; |
249 bool checkMediaType(MediaListDirective*, | 252 bool checkMediaType(MediaListDirective*, |
250 const String& type, | 253 const String& type, |
251 const String& typeAttribute) const; | 254 const String& typeAttribute) const; |
252 bool checkAncestors(SourceListDirective*, LocalFrame*) const; | 255 bool checkAncestors(SourceListDirective*, LocalFrame*) const; |
253 bool checkRequestWithoutIntegrity(WebURLRequest::RequestContext) const; | 256 bool checkRequestWithoutIntegrity(WebURLRequest::RequestContext) const; |
(...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
334 uint8_t m_requireSRIFor; | 337 uint8_t m_requireSRIFor; |
335 | 338 |
336 Vector<String> m_reportEndpoints; | 339 Vector<String> m_reportEndpoints; |
337 | 340 |
338 String m_evalDisabledErrorMessage; | 341 String m_evalDisabledErrorMessage; |
339 }; | 342 }; |
340 | 343 |
341 } // namespace blink | 344 } // namespace blink |
342 | 345 |
343 #endif | 346 #endif |
OLD | NEW |