OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 1666 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1677 return DirectiveType::kUpgradeInsecureRequests; | 1677 return DirectiveType::kUpgradeInsecureRequests; |
1678 if (name == "worker-src") | 1678 if (name == "worker-src") |
1679 return DirectiveType::kWorkerSrc; | 1679 return DirectiveType::kWorkerSrc; |
1680 | 1680 |
1681 return DirectiveType::kUndefined; | 1681 return DirectiveType::kUndefined; |
1682 } | 1682 } |
1683 | 1683 |
1684 bool ContentSecurityPolicy::Subsumes(const ContentSecurityPolicy& other) const { | 1684 bool ContentSecurityPolicy::Subsumes(const ContentSecurityPolicy& other) const { |
1685 if (!policies_.size() || !other.policies_.size()) | 1685 if (!policies_.size() || !other.policies_.size()) |
1686 return !policies_.size(); | 1686 return !policies_.size(); |
1687 // Embedding-CSP must specify only one policy. | 1687 // Required-CSP must specify only one policy. |
1688 if (policies_.size() != 1) | 1688 if (policies_.size() != 1) |
1689 return false; | 1689 return false; |
1690 | 1690 |
1691 CSPDirectiveListVector other_vector; | 1691 CSPDirectiveListVector other_vector; |
1692 for (const auto& policy : other.policies_) { | 1692 for (const auto& policy : other.policies_) { |
1693 if (!policy->IsReportOnly()) | 1693 if (!policy->IsReportOnly()) |
1694 other_vector.push_back(policy); | 1694 other_vector.push_back(policy); |
1695 } | 1695 } |
1696 | 1696 |
1697 return policies_[0]->Subsumes(other_vector); | 1697 return policies_[0]->Subsumes(other_vector); |
1698 } | 1698 } |
1699 | 1699 |
1700 bool ContentSecurityPolicy::ShouldBypassContentSecurityPolicy( | 1700 bool ContentSecurityPolicy::ShouldBypassContentSecurityPolicy( |
1701 const KURL& url, | 1701 const KURL& url, |
1702 SchemeRegistry::PolicyAreas area) { | 1702 SchemeRegistry::PolicyAreas area) { |
1703 if (SecurityOrigin::ShouldUseInnerURL(url)) { | 1703 if (SecurityOrigin::ShouldUseInnerURL(url)) { |
1704 return SchemeRegistry::SchemeShouldBypassContentSecurityPolicy( | 1704 return SchemeRegistry::SchemeShouldBypassContentSecurityPolicy( |
1705 SecurityOrigin::ExtractInnerURL(url).Protocol(), area); | 1705 SecurityOrigin::ExtractInnerURL(url).Protocol(), area); |
1706 } else { | 1706 } else { |
1707 return SchemeRegistry::SchemeShouldBypassContentSecurityPolicy( | 1707 return SchemeRegistry::SchemeShouldBypassContentSecurityPolicy( |
1708 url.Protocol(), area); | 1708 url.Protocol(), area); |
1709 } | 1709 } |
1710 } | 1710 } |
1711 | 1711 |
1712 } // namespace blink | 1712 } // namespace blink |
OLD | NEW |