Added validation of the policy specified in the 'csp' attribute

third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp

 /*
  * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
  *           (C) 1999 Antti Koivisto (koivisto@kde.org)
  *           (C) 2000 Simon Hausmann (hausmann@kde.org)
  *           (C) 2001 Dirk Mueller (mueller@kde.org)
  * Copyright (C) 2004, 2006, 2008, 2009 Apple Inc. All rights reserved.
  * Copyright (C) 2009 Ericsson AB. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
  * License as published by the Free Software Foundation; either
  * version 2 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * Library General Public License for more details.
  *
  * You should have received a copy of the GNU Library General Public License
  * along with this library; see the file COPYING.LIB.  If not, write to
  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
  * Boston, MA 02110-1301, USA.
  */
 
 #include "core/html/HTMLIFrameElement.h"
 
 #include "core/CSSPropertyNames.h"
 #include "core/HTMLNames.h"
 #include "core/frame/UseCounter.h"
+#include "core/frame/csp/CSPDirectiveList.h"
 #include "core/html/HTMLDocument.h"
 #include "core/inspector/ConsoleMessage.h"
 #include "core/layout/LayoutIFrame.h"
 #include "platform/RuntimeEnabledFeatures.h"
 
 namespace blink {
 
 using namespace HTMLNames;
 
 inline HTMLIFrameElement::HTMLIFrameElement(Document& document)
@@ skipping 120 matching lines @@
     }
   } else if (name == allowpaymentrequestAttr) {
     bool old_allow_payment_request = allow_payment_request_;
     allow_payment_request_ = !value.IsNull();
     if (allow_payment_request_ != old_allow_payment_request) {
       FrameOwnerPropertiesChanged();
       UpdateContainerPolicy();
     }
   } else if (RuntimeEnabledFeatures::embedderCSPEnforcementEnabled() &&
              name == cspAttr) {
-    // TODO(amalika): add more robust validation of the value
-    if (!value.GetString().ContainsOnlyASCII()) {
+    if (!CSPDirectiveList::IsValid(

[Mike West, 2017/05/29 07:46:21]

If you have a method on `ContentSecurityPolicy` itself, why do you need to
expose/use the version on CSPDirectiveList?

+            value.GetString(),
+            ContentSecurityPolicyHeaderType::
+                kContentSecurityPolicyHeaderTypeEnforce,
+            ContentSecurityPolicyHeaderSource::
+                kContentSecurityPolicyHeaderSourceHTTP)) {
       csp_ = g_null_atom;
       GetDocument().AddConsoleMessage(ConsoleMessage::Create(
           kOtherMessageSource, kErrorMessageLevel,
-          "'csp' attribute contains non-ASCII characters: " + value));
+          "'csp' attribute is not a valid policy: " + value));
       return;
     }
     AtomicString old_csp = csp_;
     csp_ = value;
     if (csp_ != old_csp)
       FrameOwnerPropertiesChanged();
   } else if (RuntimeEnabledFeatures::featurePolicyEnabled() &&
              name == allowAttr) {
     allow_->DidUpdateAttributeValue(params.old_value, value);
     String invalid_tokens;
@@ skipping 47 matching lines @@
 
 void HTMLIFrameElement::AllowValueWasSet(const AtomicString& value) {
   setAttribute(allowAttr, value);
 }
 
 ReferrerPolicy HTMLIFrameElement::ReferrerPolicyAttribute() {
   return referrer_policy_;
 }
 
 }  // namespace blink