OLD | NEW |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/content_security_policy/csp_context.h" | 5 #include "content/common/content_security_policy/csp_context.h" |
6 | 6 |
7 namespace content { | 7 namespace content { |
8 | 8 |
9 namespace { | 9 namespace { |
10 | 10 |
11 bool AllowFromSources(const GURL& url, | 11 bool AllowFromSources(const GURL& url, |
12 const std::vector<CSPSource>& sources, | 12 const std::vector<CSPSource>& sources, |
13 CSPContext* context, | 13 CSPContext* context, |
14 bool is_redirect) { | 14 bool is_redirect) { |
15 for (const CSPSource& source : sources) { | 15 for (const CSPSource& source : sources) { |
16 if (CSPSource::Allow(source, url, context, is_redirect)) | 16 if (CSPSource::Allow(source, url, context, is_redirect)) |
17 return true; | 17 return true; |
18 } | 18 } |
19 return false; | 19 return false; |
20 } | 20 } |
21 | 21 |
22 }; // namespace | 22 }; // namespace |
23 | 23 |
24 CSPSourceList::CSPSourceList() | 24 CSPSourceList::CSPSourceList() |
25 : allow_self(false), allow_star(false), sources() {} | 25 : allow_self(false), allow_star(false), sources() {} |
26 | 26 |
27 CSPSourceList::CSPSourceList(bool allow_self, | 27 CSPSourceList::CSPSourceList(bool allow_self, |
28 bool allow_star, | 28 bool allow_star, |
29 std::vector<CSPSource> sources) | 29 std::vector<CSPSource> sources) |
30 : allow_self(allow_self), allow_star(allow_star), sources(sources) { | 30 : allow_self(allow_self), allow_star(allow_star), sources(sources) {} |
31 // When the '*' source is used, it must be the only one. | |
32 DCHECK(!allow_star || (!allow_self && sources.empty())); | |
33 } | |
34 | 31 |
35 CSPSourceList::CSPSourceList(const CSPSourceList&) = default; | 32 CSPSourceList::CSPSourceList(const CSPSourceList&) = default; |
36 CSPSourceList::~CSPSourceList() = default; | 33 CSPSourceList::~CSPSourceList() = default; |
37 | 34 |
38 // static | 35 // static |
39 bool CSPSourceList::Allow(const CSPSourceList& source_list, | 36 bool CSPSourceList::Allow(const CSPSourceList& source_list, |
40 const GURL& url, | 37 const GURL& url, |
41 CSPContext* context, | 38 CSPContext* context, |
42 bool is_redirect) { | 39 bool is_redirect) { |
43 // Wildcards match network schemes ('http', 'https', 'ftp', 'ws', 'wss'), and | 40 // Wildcards match network schemes ('http', 'https', 'ftp', 'ws', 'wss'), and |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
84 } | 81 } |
85 | 82 |
86 return text.str(); | 83 return text.str(); |
87 } | 84 } |
88 | 85 |
89 bool CSPSourceList::IsNone() const { | 86 bool CSPSourceList::IsNone() const { |
90 return !allow_self && !allow_star && sources.empty(); | 87 return !allow_self && !allow_star && sources.empty(); |
91 } | 88 } |
92 | 89 |
93 } // namespace content | 90 } // namespace content |
OLD | NEW |