Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(103)

Side by Side Diff: Source/core/frame/csp/ContentSecurityPolicy.h

Issue 348743006: Outline ContentSecurityPolicy::document() (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Google, Inc. All rights reserved. 2 * Copyright (C) 2011 Google, Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution. 11 * documentation and/or other materials provided with the distribution.
12 * 12 *
13 * THIS SOFTWARE IS PROVIDED BY GOOGLE INC. ``AS IS'' AND ANY 13 * THIS SOFTWARE IS PROVIDED BY GOOGLE INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */ 24 */
25 25
26 #ifndef ContentSecurityPolicy_h 26 #ifndef ContentSecurityPolicy_h
27 #define ContentSecurityPolicy_h 27 #define ContentSecurityPolicy_h
28 28
29 #include "bindings/v8/ScriptState.h" 29 #include "bindings/v8/ScriptState.h"
30 #include "core/dom/Document.h"
31 #include "core/dom/ExecutionContext.h" 30 #include "core/dom/ExecutionContext.h"
32 #include "platform/network/ContentSecurityPolicyParsers.h" 31 #include "platform/network/ContentSecurityPolicyParsers.h"
33 #include "platform/network/HTTPParsers.h" 32 #include "platform/network/HTTPParsers.h"
34 #include "platform/weborigin/ReferrerPolicy.h" 33 #include "platform/weborigin/ReferrerPolicy.h"
35 #include "wtf/HashSet.h" 34 #include "wtf/HashSet.h"
36 #include "wtf/PassOwnPtr.h" 35 #include "wtf/PassOwnPtr.h"
37 #include "wtf/PassRefPtr.h" 36 #include "wtf/PassRefPtr.h"
38 #include "wtf/RefCounted.h" 37 #include "wtf/RefCounted.h"
39 #include "wtf/Vector.h" 38 #include "wtf/Vector.h"
40 #include "wtf/text/StringHash.h" 39 #include "wtf/text/StringHash.h"
41 #include "wtf/text/TextPosition.h" 40 #include "wtf/text/TextPosition.h"
42 #include "wtf/text/WTFString.h" 41 #include "wtf/text/WTFString.h"
43 42
44 namespace WTF { 43 namespace WTF {
45 class OrdinalNumber; 44 class OrdinalNumber;
46 } 45 }
47 46
48 namespace WebCore { 47 namespace WebCore {
49 48
50 class ContentSecurityPolicyResponseHeaders; 49 class ContentSecurityPolicyResponseHeaders;
51 class CSPDirectiveList; 50 class CSPDirectiveList;
52 class DOMStringList; 51 class DOMStringList;
52 class Document;
53 class JSONObject; 53 class JSONObject;
54 class KURL; 54 class KURL;
55 class SecurityOrigin; 55 class SecurityOrigin;
56 56
57 typedef int SandboxFlags; 57 typedef int SandboxFlags;
58 typedef Vector<OwnPtr<CSPDirectiveList> > CSPDirectiveListVector; 58 typedef Vector<OwnPtr<CSPDirectiveList> > CSPDirectiveListVector;
59 59
60 class ContentSecurityPolicy : public RefCounted<ContentSecurityPolicy> { 60 class ContentSecurityPolicy : public RefCounted<ContentSecurityPolicy> {
61 WTF_MAKE_FAST_ALLOCATED; 61 WTF_MAKE_FAST_ALLOCATED;
62 public: 62 public:
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after
167 void enforceSandboxFlags(SandboxFlags) const; 167 void enforceSandboxFlags(SandboxFlags) const;
168 String evalDisabledErrorMessage() const; 168 String evalDisabledErrorMessage() const;
169 169
170 bool experimentalFeaturesEnabled() const; 170 bool experimentalFeaturesEnabled() const;
171 171
172 static bool shouldBypassMainWorld(ExecutionContext*); 172 static bool shouldBypassMainWorld(ExecutionContext*);
173 173
174 static bool isDirectiveName(const String&); 174 static bool isDirectiveName(const String&);
175 175
176 ExecutionContext* executionContext() const { return m_executionContext; } 176 ExecutionContext* executionContext() const { return m_executionContext; }
177 Document* document() const { return m_executionContext->isDocument() ? toDoc ument(m_executionContext) : 0; }
178 177
179 private: 178 private:
180 explicit ContentSecurityPolicy(ExecutionContext*); 179 explicit ContentSecurityPolicy(ExecutionContext*);
181 180
181 Document* document() const;
182
182 void logToConsole(const String& message) const; 183 void logToConsole(const String& message) const;
183 void addPolicyFromHeaderValue(const String&, ContentSecurityPolicyHeaderType , ContentSecurityPolicyHeaderSource); 184 void addPolicyFromHeaderValue(const String&, ContentSecurityPolicyHeaderType , ContentSecurityPolicyHeaderSource);
184 185
185 bool shouldSendViolationReport(const String&) const; 186 bool shouldSendViolationReport(const String&) const;
186 void didSendViolationReport(const String&); 187 void didSendViolationReport(const String&);
187 188
188 ExecutionContext* m_executionContext; 189 ExecutionContext* m_executionContext;
189 bool m_overrideInlineStyleAllowed; 190 bool m_overrideInlineStyleAllowed;
190 CSPDirectiveListVector m_policies; 191 CSPDirectiveListVector m_policies;
191 192
192 HashSet<unsigned, AlreadyHashed> m_violationReportsSent; 193 HashSet<unsigned, AlreadyHashed> m_violationReportsSent;
193 194
194 // We put the hash functions used on the policy object so that we only need 195 // We put the hash functions used on the policy object so that we only need
195 // to calculate a hash once and then distribute it to all of the directives 196 // to calculate a hash once and then distribute it to all of the directives
196 // for validation. 197 // for validation.
197 uint8_t m_scriptHashAlgorithmsUsed; 198 uint8_t m_scriptHashAlgorithmsUsed;
198 uint8_t m_styleHashAlgorithmsUsed; 199 uint8_t m_styleHashAlgorithmsUsed;
199 }; 200 };
200 201
201 } 202 }
202 203
203 #endif 204 #endif
OLDNEW
« no previous file with comments | « Source/core/frame/csp/CSPDirectiveList.cpp ('k') | Source/core/frame/csp/ContentSecurityPolicy.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698