| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ | 5 #ifndef CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ |
| 6 #define CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ | 6 #define CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ |
| 7 | 7 |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "content/common/content_export.h" | 10 #include "content/common/content_export.h" |
| (...skipping 22 matching lines...) Expand all Loading... |
| 33 // * triggering the "SecurityPolicyViolation" javascript event. | 33 // * triggering the "SecurityPolicyViolation" javascript event. |
| 34 // * sending a JSON report to any uri defined with the "report-uri" directive. | 34 // * sending a JSON report to any uri defined with the "report-uri" directive. |
| 35 // Returns true when the request can proceed, false otherwise. | 35 // Returns true when the request can proceed, false otherwise. |
| 36 bool IsAllowedByCsp(CSPDirective::Name directive_name, | 36 bool IsAllowedByCsp(CSPDirective::Name directive_name, |
| 37 const GURL& url, | 37 const GURL& url, |
| 38 bool is_redirect, | 38 bool is_redirect, |
| 39 const SourceLocation& source_location); | 39 const SourceLocation& source_location); |
| 40 | 40 |
| 41 void SetSelf(const url::Origin origin); | 41 void SetSelf(const url::Origin origin); |
| 42 bool AllowSelf(const GURL& url); | 42 bool AllowSelf(const GURL& url); |
| 43 bool ProtocolMatchesSelf(const GURL& url); | 43 bool ProtocolIsSelf(const GURL& url); |
| 44 const std::string& GetSelfScheme(); |
| 44 | 45 |
| 45 virtual void ReportContentSecurityPolicyViolation( | 46 virtual void ReportContentSecurityPolicyViolation( |
| 46 const CSPViolationParams& violation_params); | 47 const CSPViolationParams& violation_params); |
| 47 | 48 |
| 48 bool SelfSchemeShouldBypassCsp(); | 49 bool SelfSchemeShouldBypassCsp(); |
| 49 | 50 |
| 50 void ResetContentSecurityPolicies() { policies_.clear(); } | 51 void ResetContentSecurityPolicies() { policies_.clear(); } |
| 51 void AddContentSecurityPolicy(const ContentSecurityPolicy& policy) { | 52 void AddContentSecurityPolicy(const ContentSecurityPolicy& policy) { |
| 52 policies_.push_back(policy); | 53 policies_.push_back(policy); |
| 53 } | 54 } |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 105 | 106 |
| 106 // Whether or not the violation happens after a redirect. | 107 // Whether or not the violation happens after a redirect. |
| 107 bool after_redirect; | 108 bool after_redirect; |
| 108 | 109 |
| 109 // The source code location that triggered the blocked navigation. | 110 // The source code location that triggered the blocked navigation. |
| 110 SourceLocation source_location; | 111 SourceLocation source_location; |
| 111 }; | 112 }; |
| 112 | 113 |
| 113 } // namespace content | 114 } // namespace content |
| 114 #endif // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ | 115 #endif // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2797183002:
CSP: Allow secure upgrade from an explicitly insecure expression. (Closed)
