Added validation of the policy specified in the 'csp' attribute

third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "core/frame/csp/CSPDirectiveList.h"
 
 #include "bindings/core/v8/SourceLocation.h"
 #include "core/dom/Document.h"
 #include "core/dom/SecurityContext.h"
 #include "core/dom/SpaceSplitString.h"
@@ skipping 939 matching lines @@
 
   if (begin == end)
     return;
 
   const UChar* position = begin;
   while (position < end) {
     const UChar* directive_begin = position;
     skipUntil<UChar>(position, end, ';');
 
     String name, value;
-    if (ParseDirective(directive_begin, position, name, value)) {
+    if (ParseDirective(directive_begin, position, name, value, policy_)) {
       DCHECK(!name.IsEmpty());
       AddDirective(name, value);
     }
 
     DCHECK(position == end || *position == ';');
     skipExactly<UChar>(position, end, ';');
   }
 }
 
+// static
+bool CSPDirectiveList::IsValid(const String& directive_list) {
+  Vector<UChar> characters;
+  directive_list.AppendTo(characters);
+  const UChar* begin = characters.data();
+  const UChar* end = begin + characters.size();
+
+  return IsValid(begin, end);
+}
+
+// static
+bool CSPDirectiveList::IsValid(const UChar* begin, const UChar* end) {
+  if (begin == end)
+    return false;
+
+  String name, value;
+  const UChar* position = begin;
+  while (position < end) {
+    const UChar* directive_begin = position;
+    skipUntil<UChar>(position, end, ';');
+
+    name = value = "";

[Mike West, 2017/05/23 19:21:36]

I don't think you actually need two strings. Something like

```
String unused;
...
if (!ParseDirective(directive_begin, position, unused, unused, nullptr))
```

should work.

[andypaicu, 2017/05/26 14:41:09]

I've modified this whole bit.

+    if (!ParseDirective(directive_begin, position, name, value, nullptr))

[Mike West, 2017/05/23 19:21:36]

This is doing to dump console messages that probably don't make sense. I'd
suggest adding something to ... oh. That's why you added the `nullptr`. I see.
Hrm. I think I'd prefer that to be an enum. You can reuse the existing
`SecurityViolationReportingPolicy` enum if you like, but that seems better to me
than passing in a policy at the other callsites.

Oh. Hrm. Nevermind. You made it static. So that doesn't work. Hrm.

Ok. I guess it's not _too_ magical. :/ Can you add a comment to the .h file so
that potential callers understand when reports are generated?

[andypaicu, 2017/05/26 14:41:09]

I've modified this whole bit.

+      return false;
+
+    if (ContentSecurityPolicy::GetDirectiveType(name) ==
+        ContentSecurityPolicy::DirectiveType::kUndefined)

[Mike West, 2017/05/23 19:21:36]

Style nit: {} after multi-line conditionals.

[andypaicu, 2017/05/26 14:41:09]

I've modified this whole bit.

+      return false;
+
+    DCHECK(position == end || *position == ';');
+    skipExactly<UChar>(position, end, ';');
+  }
+
+  return true;
+}
+
 // directive         = *WSP [ directive-name [ WSP directive-value ] ]
 // directive-name    = 1*( ALPHA / DIGIT / "-" )
 // directive-value   = *( WSP / <VCHAR except ";"> )
-//
+
+// static
 bool CSPDirectiveList::ParseDirective(const UChar* begin,
                                       const UChar* end,
                                       String& name,
-                                      String& value) {
+                                      String& value,
+                                      ContentSecurityPolicy* policy) {
   DCHECK(name.IsEmpty());
   DCHECK(value.IsEmpty());
 
   const UChar* position = begin;
   skipWhile<UChar, IsASCIISpace>(position, end);
 
   // Empty directive (e.g. ";;;"). Exit early.
   if (position == end)
     return false;
 
   const UChar* name_begin = position;
   skipWhile<UChar, IsCSPDirectiveNameCharacter>(position, end);
 
   // The directive-name must be non-empty.
   if (name_begin == position) {
     skipWhile<UChar, IsNotASCIISpace>(position, end);
-    policy_->ReportUnsupportedDirective(
-        String(name_begin, position - name_begin));
+    if (policy) {
+      policy->ReportUnsupportedDirective(
+          String(name_begin, position - name_begin));
+    }
     return false;
   }
 
   name = String(name_begin, position - name_begin);
 
   if (position == end)
     return true;
 
   if (!skipExactly<UChar, IsASCIISpace>(position, end)) {
     skipWhile<UChar, IsNotASCIISpace>(position, end);
-    policy_->ReportUnsupportedDirective(
-        String(name_begin, position - name_begin));
+    if (policy) {
+      policy->ReportUnsupportedDirective(
+          String(name_begin, position - name_begin));
+    }
     return false;
   }
 
   skipWhile<UChar, IsASCIISpace>(position, end);
 
   const UChar* value_begin = position;
   skipWhile<UChar, IsCSPDirectiveValueCharacter>(position, end);
 
   if (position != end) {
-    policy_->ReportInvalidDirectiveValueCharacter(
-        name, String(value_begin, end - value_begin));
+    if (policy) {
+      policy->ReportInvalidDirectiveValueCharacter(
+          name, String(value_begin, end - value_begin));
+    }
     return false;
   }
 
   // The directive-value may be empty.
   if (value_begin == position)
     return true;
 
   value = String(value_begin, position - value_begin);
   return true;
 }
@@ skipping 189 matching lines @@
     // TODO(mkwst) It seems unlikely that developers would use different
     // algorithms for scripts and styles. We may want to combine the
     // usesScriptHashAlgorithms() and usesStyleHashAlgorithms.
     policy_->UsesScriptHashAlgorithms(default_src_->HashAlgorithmsUsed());
     policy_->UsesStyleHashAlgorithms(default_src_->HashAlgorithmsUsed());
   } else if (type == ContentSecurityPolicy::DirectiveType::kScriptSrc) {
     SetCSPDirective<SourceListDirective>(name, value, script_src_);
     policy_->UsesScriptHashAlgorithms(script_src_->HashAlgorithmsUsed());
   } else if (type == ContentSecurityPolicy::DirectiveType::kObjectSrc) {
     SetCSPDirective<SourceListDirective>(name, value, object_src_);
-  } else if (type ==
-
-             ContentSecurityPolicy::DirectiveType::kFrameAncestors) {
+  } else if (type == ContentSecurityPolicy::DirectiveType::kFrameAncestors) {
     SetCSPDirective<SourceListDirective>(name, value, frame_ancestors_);
   } else if (type == ContentSecurityPolicy::DirectiveType::kFrameSrc) {
     SetCSPDirective<SourceListDirective>(name, value, frame_src_);
   } else if (type == ContentSecurityPolicy::DirectiveType::kImgSrc) {
     SetCSPDirective<SourceListDirective>(name, value, img_src_);
   } else if (type == ContentSecurityPolicy::DirectiveType::kStyleSrc) {
     SetCSPDirective<SourceListDirective>(name, value, style_src_);
     policy_->UsesStyleHashAlgorithms(style_src_->HashAlgorithmsUsed());
   } else if (type == ContentSecurityPolicy::DirectiveType::kFontSrc) {
     SetCSPDirective<SourceListDirective>(name, value, font_src_);
@@ skipping 177 matching lines @@
   visitor->Trace(img_src_);
   visitor->Trace(media_src_);
   visitor->Trace(manifest_src_);
   visitor->Trace(object_src_);
   visitor->Trace(script_src_);
   visitor->Trace(style_src_);
   visitor->Trace(worker_src_);
 }
 
 }  // namespace blink