
Unified Diff: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

Issue 2896833002: Added validation of the policy specified in the 'csp' attribute (Closed)
Patch Set: Fixed incomplete validation. Added more tests inspired by existing source parsing tests. Created 3 years, 7 months ago
Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
index 529501b3539cd032b119e70c16308485b2786b98..acafa635ec532111a2d4c67e7ff401908b706620 100644
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
@@ -148,14 +148,17 @@ static UseCounter::Feature GetUseCounterType(
return UseCounter::kNumberOfFeatures;
}
-ContentSecurityPolicy::ContentSecurityPolicy()
+ContentSecurityPolicy::ContentSecurityPolicy(
+ SecurityViolationReportingPolicy reporting_policy)
: execution_context_(nullptr),
override_inline_style_allowed_(false),
+ reporting_policy_(reporting_policy),
script_hash_algorithms_used_(kContentSecurityPolicyHashAlgorithmNone),
style_hash_algorithms_used_(kContentSecurityPolicyHashAlgorithmNone),
sandbox_mask_(0),
treat_as_public_address_(false),
- insecure_request_policy_(kLeaveInsecureRequestsAlone) {}
+ insecure_request_policy_(kLeaveInsecureRequestsAlone),
+ is_valid(true) {}
void ContentSecurityPolicy::BindToExecutionContext(
ExecutionContext* execution_context) {
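Review bot: The new member is initialised as `is_valid(true)` while every other member in this initialiser list carries the trailing underscore (`reporting_policy_`, `sandbox_mask_`, `insecure_request_policy_`); rename it to `is_valid_` here and at its two assignments in `LogToConsole`. The constructor now takes a single `SecurityViolationReportingPolicy` argument, so unless the header (not shown) gives the parameter a default or already marks the constructor `explicit`, it should be declared `explicit` to rule out implicit conversions.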
@@ -1228,6 +1231,8 @@ void ContentSecurityPolicy::PostViolationReport(
const SecurityPolicyViolationEventInit& violation_data,
LocalFrame* context_frame,
const Vector<String>& report_endpoints) {
+ if (reporting_policy_ == SecurityViolationReportingPolicy::kSuppressReporting)
+ return;
// We need to be careful here when deciding what information to send to the
// report-uri. Currently, we send only the current document's URL and the
// directive that was violated. The document's URL is safe to send because
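Review bot: The comparison `reporting_policy_ == SecurityViolationReportingPolicy::kSuppressReporting` is spelled out here and again in both `LogToConsole` overloads and in `ShouldSendViolationReport`. A small private const predicate shared by all four sites would make it harder for a later reporting path to miss the check and emit reports or console output for a policy that is only being validated. The early return also sits above the existing comment about what is safe to send, so a one-line comment such as `// Policies created only for validation must not generate reports.` would explain why it is there. The body of `PostViolationReport` continues outside the hunk.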
@@ -1509,11 +1514,17 @@ void ContentSecurityPolicy::ReportMissingReportURI(const String& policy) {
void ContentSecurityPolicy::LogToConsole(const String& message,
MessageLevel level) {
+ is_valid = false;
+ if (reporting_policy_ == SecurityViolationReportingPolicy::kSuppressReporting)
+ return;
LogToConsole(ConsoleMessage::Create(kSecurityMessageSource, level, message));
}
void ContentSecurityPolicy::LogToConsole(ConsoleMessage* console_message,
LocalFrame* frame) {
+ is_valid = false;
+ if (reporting_policy_ == SecurityViolationReportingPolicy::kSuppressReporting)
+ return;
if (frame)
frame->GetDocument()->AddConsoleMessage(console_message);
else if (execution_context_)
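Review bot: Assigning `is_valid = false` at the top of both `LogToConsole` overloads ties policy validity to the act of logging. Any message routed through here marks the policy invalid, whatever its `level` and whether or not it concerns syntax, while a parse failure that does not log leaves the flag `true`. The flag presumably decides whether a 'csp' attribute value is accepted, so it would be safer to set it explicitly at the parser's error sites and keep these functions as pure reporting. If the coupling stays, document it at the assignment, e.g. `// Any logged message marks this policy invalid; 'csp' attribute validation relies on this.`. The second overload's body continues outside the hunk.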
@@ -1569,7 +1580,9 @@ bool ContentSecurityPolicy::ShouldSendViolationReport(
const String& report) const {
// Collisions have no security impact, so we can save space by storing only
// the string's hash rather than the whole report.
- return !violation_reports_sent_.Contains(report.Impl()->GetHash());
+ return reporting_policy_ !=
+ SecurityViolationReportingPolicy::kSuppressReporting &&
+ !violation_reports_sent_.Contains(report.Impl()->GetHash());
}
void ContentSecurityPolicy::DidSendViolationReport(const String& report) {
