| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "core/frame/csp/ContentSecurityPolicy.h" | 5 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 6 | 6 |
| 7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
| 8 #include "core/frame/csp/CSPDirectiveList.h" | 8 #include "core/frame/csp/CSPDirectiveList.h" |
| 9 #include "core/html/HTMLScriptElement.h" | 9 #include "core/html/HTMLScriptElement.h" |
| 10 #include "core/loader/DocumentLoader.h" | 10 #include "core/loader/DocumentLoader.h" |
| (...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 123 csp->didReceiveHeader("img-src http://example.com", | 123 csp->didReceiveHeader("img-src http://example.com", |
| 124 ContentSecurityPolicyHeaderTypeReport, | 124 ContentSecurityPolicyHeaderTypeReport, |
| 125 ContentSecurityPolicyHeaderSourceHTTP); | 125 ContentSecurityPolicyHeaderSourceHTTP); |
| 126 | 126 |
| 127 KURL exampleUrl(KURL(), "http://example.com"); | 127 KURL exampleUrl(KURL(), "http://example.com"); |
| 128 KURL notExampleUrl(KURL(), "http://not-example.com"); | 128 KURL notExampleUrl(KURL(), "http://not-example.com"); |
| 129 | 129 |
| 130 ContentSecurityPolicy* csp2 = ContentSecurityPolicy::create(); | 130 ContentSecurityPolicy* csp2 = ContentSecurityPolicy::create(); |
| 131 csp2->copyStateFrom(csp.get()); | 131 csp2->copyStateFrom(csp.get()); |
| 132 EXPECT_FALSE(csp2->allowScriptFromSource( | 132 EXPECT_FALSE(csp2->allowScriptFromSource( |
| 133 exampleUrl, String(), ParserInserted, | 133 exampleUrl, String(), IntegrityMetadataSet(), ParserInserted, |
| 134 ResourceRequest::RedirectStatus::NoRedirect, | 134 ResourceRequest::RedirectStatus::NoRedirect, |
| 135 SecurityViolationReportingPolicy::SuppressReporting)); | 135 SecurityViolationReportingPolicy::SuppressReporting)); |
| 136 EXPECT_TRUE(csp2->allowPluginType( | 136 EXPECT_TRUE(csp2->allowPluginType( |
| 137 "application/x-type-1", "application/x-type-1", exampleUrl, | 137 "application/x-type-1", "application/x-type-1", exampleUrl, |
| 138 SecurityViolationReportingPolicy::SuppressReporting)); | 138 SecurityViolationReportingPolicy::SuppressReporting)); |
| 139 EXPECT_TRUE(csp2->allowImageFromSource( | 139 EXPECT_TRUE(csp2->allowImageFromSource( |
| 140 exampleUrl, ResourceRequest::RedirectStatus::NoRedirect, | 140 exampleUrl, ResourceRequest::RedirectStatus::NoRedirect, |
| 141 SecurityViolationReportingPolicy::SuppressReporting)); | 141 SecurityViolationReportingPolicy::SuppressReporting)); |
| 142 EXPECT_FALSE(csp2->allowImageFromSource( | 142 EXPECT_FALSE(csp2->allowImageFromSource( |
| 143 notExampleUrl, ResourceRequest::RedirectStatus::NoRedirect, | 143 notExampleUrl, ResourceRequest::RedirectStatus::NoRedirect, |
| (...skipping 10 matching lines...) Expand all Loading... |
| 154 csp->didReceiveHeader("img-src http://example.com", | 154 csp->didReceiveHeader("img-src http://example.com", |
| 155 ContentSecurityPolicyHeaderTypeEnforce, | 155 ContentSecurityPolicyHeaderTypeEnforce, |
| 156 ContentSecurityPolicyHeaderSourceHTTP); | 156 ContentSecurityPolicyHeaderSourceHTTP); |
| 157 | 157 |
| 158 KURL exampleUrl(KURL(), "http://example.com"); | 158 KURL exampleUrl(KURL(), "http://example.com"); |
| 159 KURL notExampleUrl(KURL(), "http://not-example.com"); | 159 KURL notExampleUrl(KURL(), "http://not-example.com"); |
| 160 | 160 |
| 161 ContentSecurityPolicy* csp2 = ContentSecurityPolicy::create(); | 161 ContentSecurityPolicy* csp2 = ContentSecurityPolicy::create(); |
| 162 csp2->copyPluginTypesFrom(csp.get()); | 162 csp2->copyPluginTypesFrom(csp.get()); |
| 163 EXPECT_TRUE(csp2->allowScriptFromSource( | 163 EXPECT_TRUE(csp2->allowScriptFromSource( |
| 164 exampleUrl, String(), ParserInserted, | 164 exampleUrl, String(), IntegrityMetadataSet(), ParserInserted, |
| 165 ResourceRequest::RedirectStatus::NoRedirect, | 165 ResourceRequest::RedirectStatus::NoRedirect, |
| 166 SecurityViolationReportingPolicy::SuppressReporting)); | 166 SecurityViolationReportingPolicy::SuppressReporting)); |
| 167 EXPECT_TRUE(csp2->allowPluginType( | 167 EXPECT_TRUE(csp2->allowPluginType( |
| 168 "application/x-type-1", "application/x-type-1", exampleUrl, | 168 "application/x-type-1", "application/x-type-1", exampleUrl, |
| 169 SecurityViolationReportingPolicy::SuppressReporting)); | 169 SecurityViolationReportingPolicy::SuppressReporting)); |
| 170 EXPECT_TRUE(csp2->allowImageFromSource( | 170 EXPECT_TRUE(csp2->allowImageFromSource( |
| 171 exampleUrl, ResourceRequest::RedirectStatus::NoRedirect, | 171 exampleUrl, ResourceRequest::RedirectStatus::NoRedirect, |
| 172 SecurityViolationReportingPolicy::SuppressReporting)); | 172 SecurityViolationReportingPolicy::SuppressReporting)); |
| 173 EXPECT_TRUE(csp2->allowImageFromSource( | 173 EXPECT_TRUE(csp2->allowImageFromSource( |
| 174 notExampleUrl, ResourceRequest::RedirectStatus::NoRedirect, | 174 notExampleUrl, ResourceRequest::RedirectStatus::NoRedirect, |
| (...skipping 480 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 655 | 655 |
| 656 unsigned expectedReports = test.allowed ? 0u : 1u; | 656 unsigned expectedReports = test.allowed ? 0u : 1u; |
| 657 | 657 |
| 658 // Single enforce-mode policy should match `test.expected`: | 658 // Single enforce-mode policy should match `test.expected`: |
| 659 Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create(); | 659 Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create(); |
| 660 policy->bindToExecutionContext(document.get()); | 660 policy->bindToExecutionContext(document.get()); |
| 661 policy->didReceiveHeader(test.policy, | 661 policy->didReceiveHeader(test.policy, |
| 662 ContentSecurityPolicyHeaderTypeEnforce, | 662 ContentSecurityPolicyHeaderTypeEnforce, |
| 663 ContentSecurityPolicyHeaderSourceHTTP); | 663 ContentSecurityPolicyHeaderSourceHTTP); |
| 664 EXPECT_EQ(test.allowed, policy->allowScriptFromSource( | 664 EXPECT_EQ(test.allowed, policy->allowScriptFromSource( |
| 665 resource, String(test.nonce), ParserInserted)); | 665 resource, String(test.nonce), |
| 666 IntegrityMetadataSet(), ParserInserted)); |
| 666 // If this is expected to generate a violation, we should have sent a | 667 // If this is expected to generate a violation, we should have sent a |
| 667 // report. | 668 // report. |
| 668 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 669 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
| 669 | 670 |
| 670 // Single report-mode policy should always be `true`: | 671 // Single report-mode policy should always be `true`: |
| 671 policy = ContentSecurityPolicy::create(); | 672 policy = ContentSecurityPolicy::create(); |
| 672 policy->bindToExecutionContext(document.get()); | 673 policy->bindToExecutionContext(document.get()); |
| 673 policy->didReceiveHeader(test.policy, ContentSecurityPolicyHeaderTypeReport, | 674 policy->didReceiveHeader(test.policy, ContentSecurityPolicyHeaderTypeReport, |
| 674 ContentSecurityPolicyHeaderSourceHTTP); | 675 ContentSecurityPolicyHeaderSourceHTTP); |
| 675 EXPECT_TRUE(policy->allowScriptFromSource(resource, String(test.nonce), | 676 EXPECT_TRUE(policy->allowScriptFromSource( |
| 676 ParserInserted)); | 677 resource, String(test.nonce), IntegrityMetadataSet(), ParserInserted)); |
| 677 // If this is expected to generate a violation, we should have sent a | 678 // If this is expected to generate a violation, we should have sent a |
| 678 // report, even though we don't deny access in `allowScriptFromSource`: | 679 // report, even though we don't deny access in `allowScriptFromSource`: |
| 679 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 680 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
| 680 } | 681 } |
| 681 } | 682 } |
| 682 | 683 |
| 683 TEST_F(ContentSecurityPolicyTest, NonceInline) { | 684 TEST_F(ContentSecurityPolicyTest, NonceInline) { |
| 684 struct TestCase { | 685 struct TestCase { |
| 685 const char* policy; | 686 const char* policy; |
| 686 const char* nonce; | 687 const char* nonce; |
| (...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 808 // Enforce / Report | 809 // Enforce / Report |
| 809 Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create(); | 810 Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create(); |
| 810 policy->bindToExecutionContext(document.get()); | 811 policy->bindToExecutionContext(document.get()); |
| 811 policy->didReceiveHeader(test.policy1, | 812 policy->didReceiveHeader(test.policy1, |
| 812 ContentSecurityPolicyHeaderTypeEnforce, | 813 ContentSecurityPolicyHeaderTypeEnforce, |
| 813 ContentSecurityPolicyHeaderSourceHTTP); | 814 ContentSecurityPolicyHeaderSourceHTTP); |
| 814 policy->didReceiveHeader(test.policy2, | 815 policy->didReceiveHeader(test.policy2, |
| 815 ContentSecurityPolicyHeaderTypeReport, | 816 ContentSecurityPolicyHeaderTypeReport, |
| 816 ContentSecurityPolicyHeaderSourceHTTP); | 817 ContentSecurityPolicyHeaderSourceHTTP); |
| 817 EXPECT_EQ(test.allowed1, policy->allowScriptFromSource( | 818 EXPECT_EQ(test.allowed1, policy->allowScriptFromSource( |
| 818 resource, String(test.nonce), ParserInserted)); | 819 resource, String(test.nonce), |
| 820 IntegrityMetadataSet(), ParserInserted)); |
| 819 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 821 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
| 820 | 822 |
| 821 // Report / Enforce | 823 // Report / Enforce |
| 822 policy = ContentSecurityPolicy::create(); | 824 policy = ContentSecurityPolicy::create(); |
| 823 policy->bindToExecutionContext(document.get()); | 825 policy->bindToExecutionContext(document.get()); |
| 824 policy->didReceiveHeader(test.policy1, | 826 policy->didReceiveHeader(test.policy1, |
| 825 ContentSecurityPolicyHeaderTypeReport, | 827 ContentSecurityPolicyHeaderTypeReport, |
| 826 ContentSecurityPolicyHeaderSourceHTTP); | 828 ContentSecurityPolicyHeaderSourceHTTP); |
| 827 policy->didReceiveHeader(test.policy2, | 829 policy->didReceiveHeader(test.policy2, |
| 828 ContentSecurityPolicyHeaderTypeEnforce, | 830 ContentSecurityPolicyHeaderTypeEnforce, |
| 829 ContentSecurityPolicyHeaderSourceHTTP); | 831 ContentSecurityPolicyHeaderSourceHTTP); |
| 830 EXPECT_EQ(test.allowed2, policy->allowScriptFromSource( | 832 EXPECT_EQ(test.allowed2, policy->allowScriptFromSource( |
| 831 resource, String(test.nonce), ParserInserted)); | 833 resource, String(test.nonce), |
| 834 IntegrityMetadataSet(), ParserInserted)); |
| 832 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 835 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
| 833 | 836 |
| 834 // Enforce / Enforce | 837 // Enforce / Enforce |
| 835 policy = ContentSecurityPolicy::create(); | 838 policy = ContentSecurityPolicy::create(); |
| 836 policy->bindToExecutionContext(document.get()); | 839 policy->bindToExecutionContext(document.get()); |
| 837 policy->didReceiveHeader(test.policy1, | 840 policy->didReceiveHeader(test.policy1, |
| 838 ContentSecurityPolicyHeaderTypeEnforce, | 841 ContentSecurityPolicyHeaderTypeEnforce, |
| 839 ContentSecurityPolicyHeaderSourceHTTP); | 842 ContentSecurityPolicyHeaderSourceHTTP); |
| 840 policy->didReceiveHeader(test.policy2, | 843 policy->didReceiveHeader(test.policy2, |
| 841 ContentSecurityPolicyHeaderTypeEnforce, | 844 ContentSecurityPolicyHeaderTypeEnforce, |
| 842 ContentSecurityPolicyHeaderSourceHTTP); | 845 ContentSecurityPolicyHeaderSourceHTTP); |
| 843 EXPECT_EQ(test.allowed1 && test.allowed2, | 846 EXPECT_EQ( |
| 844 policy->allowScriptFromSource(resource, String(test.nonce), | 847 test.allowed1 && test.allowed2, |
| 845 ParserInserted)); | 848 policy->allowScriptFromSource(resource, String(test.nonce), |
| 849 IntegrityMetadataSet(), ParserInserted)); |
| 846 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 850 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
| 847 | 851 |
| 848 // Report / Report | 852 // Report / Report |
| 849 policy = ContentSecurityPolicy::create(); | 853 policy = ContentSecurityPolicy::create(); |
| 850 policy->bindToExecutionContext(document.get()); | 854 policy->bindToExecutionContext(document.get()); |
| 851 policy->didReceiveHeader(test.policy1, | 855 policy->didReceiveHeader(test.policy1, |
| 852 ContentSecurityPolicyHeaderTypeReport, | 856 ContentSecurityPolicyHeaderTypeReport, |
| 853 ContentSecurityPolicyHeaderSourceHTTP); | 857 ContentSecurityPolicyHeaderSourceHTTP); |
| 854 policy->didReceiveHeader(test.policy2, | 858 policy->didReceiveHeader(test.policy2, |
| 855 ContentSecurityPolicyHeaderTypeReport, | 859 ContentSecurityPolicyHeaderTypeReport, |
| 856 ContentSecurityPolicyHeaderSourceHTTP); | 860 ContentSecurityPolicyHeaderSourceHTTP); |
| 857 EXPECT_TRUE(policy->allowScriptFromSource(resource, String(test.nonce), | 861 EXPECT_TRUE(policy->allowScriptFromSource( |
| 858 ParserInserted)); | 862 resource, String(test.nonce), IntegrityMetadataSet(), ParserInserted)); |
| 859 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 863 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
| 860 } | 864 } |
| 861 } | 865 } |
| 862 | 866 |
| 863 TEST_F(ContentSecurityPolicyTest, ShouldEnforceEmbeddersPolicy) { | 867 TEST_F(ContentSecurityPolicyTest, ShouldEnforceEmbeddersPolicy) { |
| 864 struct TestCase { | 868 struct TestCase { |
| 865 const char* resourceURL; | 869 const char* resourceURL; |
| 866 const bool inherits; | 870 const bool inherits; |
| 867 } cases[] = { | 871 } cases[] = { |
| 868 // Same-origin | 872 // Same-origin |
| (...skipping 243 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1112 String(), IntegrityMetadataSet(), | 1116 String(), IntegrityMetadataSet(), |
| 1113 ParserInserted, | 1117 ParserInserted, |
| 1114 ResourceRequest::RedirectStatus::NoRedirect, | 1118 ResourceRequest::RedirectStatus::NoRedirect, |
| 1115 SecurityViolationReportingPolicy::SuppressReport
ing)); | 1119 SecurityViolationReportingPolicy::SuppressReport
ing)); |
| 1116 | 1120 |
| 1117 SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy( | 1121 SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy( |
| 1118 "https"); | 1122 "https"); |
| 1119 } | 1123 } |
| 1120 | 1124 |
| 1121 } // namespace blink | 1125 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2784753003:
CSP: Enable whitelisting of external JavaScript via hashes (Closed)
