OLD | NEW |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_DIRECTIVE_ | 5 #ifndef CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_DIRECTIVE_ |
6 #define CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_DIRECTIVE_ | 6 #define CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_DIRECTIVE_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include "content/common/content_export.h" | 9 #include "content/common/content_export.h" |
10 #include "content/common/content_security_policy/csp_source_list.h" | 10 #include "content/common/content_security_policy/csp_source_list.h" |
11 | 11 |
12 namespace content { | 12 namespace content { |
13 | 13 |
14 // CSPDirective contains a set of allowed sources for a given Content Security | 14 // CSPDirective contains a set of allowed sources for a given Content Security |
15 // Policy directive. | 15 // Policy directive. |
16 // | 16 // |
17 // For example, the Content Security Policy `default-src img.cdn.com | 17 // For example, the Content Security Policy `default-src img.cdn.com |
18 // example.com` would produce a CSPDirective object whose 'name' is | 18 // example.com` would produce a CSPDirective object whose 'name' is |
19 // 'DefaultSrc', and whose 'source_list' contains two CSPSourceExpressions | 19 // 'DefaultSrc', and whose 'source_list' contains two CSPSourceExpressions |
20 // representing 'img.cdn.com' and 'example.com' respectively. | 20 // representing 'img.cdn.com' and 'example.com' respectively. |
21 // | 21 // |
22 // https://w3c.github.io/webappsec-csp/#framework-directives | 22 // https://w3c.github.io/webappsec-csp/#framework-directives |
23 struct CONTENT_EXPORT CSPDirective { | 23 struct CONTENT_EXPORT CSPDirective { |
24 enum Name { | 24 enum Name { |
25 DefaultSrc, | 25 DefaultSrc, |
26 ChildSrc, | 26 ChildSrc, |
27 FrameSrc, | 27 FrameSrc, |
28 FormAction, | 28 FormAction, |
| 29 UpgradeInsecureRequests, |
29 | 30 |
30 Unknown, | 31 Unknown, |
31 NameLast = Unknown, | 32 NameLast = Unknown, |
32 }; | 33 }; |
33 | 34 |
34 static std::string NameToString(Name name); | 35 static std::string NameToString(Name name); |
35 static Name StringToName(const std::string& name); | 36 static Name StringToName(const std::string& name); |
36 | 37 |
37 CSPDirective(); | 38 CSPDirective(); |
38 CSPDirective(Name name, const CSPSourceList& source_list); | 39 CSPDirective(Name name, const CSPSourceList& source_list); |
39 CSPDirective(const CSPDirective&); | 40 CSPDirective(const CSPDirective&); |
40 | 41 |
41 Name name; | 42 Name name; |
42 CSPSourceList source_list; | 43 CSPSourceList source_list; |
43 | 44 |
44 std::string ToString() const; | 45 std::string ToString() const; |
45 }; | 46 }; |
46 | 47 |
47 } // namespace content | 48 } // namespace content |
48 #endif // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_DIRECTIVE_ | 49 #endif // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_DIRECTIVE_ |
OLD | NEW |