Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(207)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/content_security_policy/csp_source_list.cc

Issue 2944373002: CSP: Remove wrong DCHECK in CSPSourceList (Closed)
Patch Set: Add test Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | content/common/content_security_policy/csp_source_list_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2017 The Chromium Authors. All rights reserved. 1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/content_security_policy/csp_context.h" 5 #include "content/common/content_security_policy/csp_context.h"
6 6
7 namespace content { 7 namespace content {
8 8
9 namespace { 9 namespace {
10 10
11 bool AllowFromSources(const GURL& url, 11 bool AllowFromSources(const GURL& url,
12 const std::vector<CSPSource>& sources, 12 const std::vector<CSPSource>& sources,
13 CSPContext* context, 13 CSPContext* context,
14 bool is_redirect) { 14 bool is_redirect) {
15 for (const CSPSource& source : sources) { 15 for (const CSPSource& source : sources) {
16 if (CSPSource::Allow(source, url, context, is_redirect)) 16 if (CSPSource::Allow(source, url, context, is_redirect))
17 return true; 17 return true;
18 } 18 }
19 return false; 19 return false;
20 } 20 }
21 21
22 }; // namespace 22 }; // namespace
23 23
24 CSPSourceList::CSPSourceList() 24 CSPSourceList::CSPSourceList()
25 : allow_self(false), allow_star(false), sources() {} 25 : allow_self(false), allow_star(false), sources() {}
26 26
27 CSPSourceList::CSPSourceList(bool allow_self, 27 CSPSourceList::CSPSourceList(bool allow_self,
28 bool allow_star, 28 bool allow_star,
29 std::vector<CSPSource> sources) 29 std::vector<CSPSource> sources)
30 : allow_self(allow_self), allow_star(allow_star), sources(sources) { 30 : allow_self(allow_self), allow_star(allow_star), sources(sources) {}
31 // When the '*' source is used, it must be the only one.
32 DCHECK(!allow_star || (!allow_self && sources.empty()));
33 }
34 31
35 CSPSourceList::CSPSourceList(const CSPSourceList&) = default; 32 CSPSourceList::CSPSourceList(const CSPSourceList&) = default;
36 CSPSourceList::~CSPSourceList() = default; 33 CSPSourceList::~CSPSourceList() = default;
37 34
38 // static 35 // static
39 bool CSPSourceList::Allow(const CSPSourceList& source_list, 36 bool CSPSourceList::Allow(const CSPSourceList& source_list,
40 const GURL& url, 37 const GURL& url,
41 CSPContext* context, 38 CSPContext* context,
42 bool is_redirect) { 39 bool is_redirect) {
43 // Wildcards match network schemes ('http', 'https', 'ftp', 'ws', 'wss'), and 40 // Wildcards match network schemes ('http', 'https', 'ftp', 'ws', 'wss'), and
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after
84 } 81 }
85 82
86 return text.str(); 83 return text.str();
87 } 84 }
88 85
89 bool CSPSourceList::IsNone() const { 86 bool CSPSourceList::IsNone() const {
90 return !allow_self && !allow_star && sources.empty(); 87 return !allow_self && !allow_star && sources.empty();
91 } 88 }
92 89
93 } // namespace content 90 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | content/common/content_security_policy/csp_source_list_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698