OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/site_isolation_policy.h" | 5 #include "content/child/site_isolation_policy.h" |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
(...skipping 49 matching lines...)
60 | 60 |
61 data.remove_prefix(offset); | 61 data.remove_prefix(offset); |
62 size_t length = data.length(); | 62 size_t length = data.length(); |
63 | 63 |
64 for (size_t sig_index = 0; sig_index < arr_size; ++sig_index) { | 64 for (size_t sig_index = 0; sig_index < arr_size; ++sig_index) { |
65 const StringPiece& signature = signatures[sig_index]; | 65 const StringPiece& signature = signatures[sig_index]; |
66 size_t signature_length = signature.length(); | 66 size_t signature_length = signature.length(); |
67 if (length < signature_length) | 67 if (length < signature_length) |
68 continue; | 68 continue; |
69 | 69 |
70 if (base::LowerCaseEqualsASCII( | 70 if (LowerCaseEqualsASCII( |
71 data.begin(), data.begin() + signature_length, signature.data())) | 71 data.begin(), data.begin() + signature_length, signature.data())) |
72 return true; | 72 return true; |
73 } | 73 } |
74 return false; | 74 return false; |
75 } | 75 } |
76 | 76 |
77 void IncrementHistogramCount(const std::string& name) { | 77 void IncrementHistogramCount(const std::string& name) { |
78 // The default value of min, max, bucket_count are copied from histogram.h. | 78 // The default value of min, max, bucket_count are copied from histogram.h. |
79 base::HistogramBase* histogram_pointer = base::Histogram::FactoryGet( | 79 base::HistogramBase* histogram_pointer = base::Histogram::FactoryGet( |
80 name, 1, 100000, 50, base::HistogramBase::kUmaTargetedHistogramFlag); | 80 name, 1, 100000, 50, base::HistogramBase::kUmaTargetedHistogramFlag); |
(...skipping 110 matching lines...)
191 std::string no_sniff; | 191 std::string no_sniff; |
192 info.headers->EnumerateHeader(NULL, "x-content-type-options", &no_sniff); | 192 info.headers->EnumerateHeader(NULL, "x-content-type-options", &no_sniff); |
193 | 193 |
194 linked_ptr<SiteIsolationResponseMetaData> resp_data( | 194 linked_ptr<SiteIsolationResponseMetaData> resp_data( |
195 new SiteIsolationResponseMetaData); | 195 new SiteIsolationResponseMetaData); |
196 resp_data->frame_origin = frame_origin.spec(); | 196 resp_data->frame_origin = frame_origin.spec(); |
197 resp_data->response_url = response_url; | 197 resp_data->response_url = response_url; |
198 resp_data->resource_type = resource_type; | 198 resp_data->resource_type = resource_type; |
199 resp_data->canonical_mime_type = canonical_mime_type; | 199 resp_data->canonical_mime_type = canonical_mime_type; |
200 resp_data->http_status_code = info.headers->response_code(); | 200 resp_data->http_status_code = info.headers->response_code(); |
201 resp_data->no_sniff = base::LowerCaseEqualsASCII(no_sniff, "nosniff"); | 201 resp_data->no_sniff = LowerCaseEqualsASCII(no_sniff, "nosniff"); |
202 | 202 |
203 return resp_data; | 203 return resp_data; |
204 } | 204 } |
205 | 205 |
206 bool SiteIsolationPolicy::ShouldBlockResponse( | 206 bool SiteIsolationPolicy::ShouldBlockResponse( |
207 linked_ptr<SiteIsolationResponseMetaData>& resp_data, | 207 linked_ptr<SiteIsolationResponseMetaData>& resp_data, |
208 const char* raw_data, | 208 const char* raw_data, |
209 int raw_length, | 209 int raw_length, |
210 std::string* alternative_data) { | 210 std::string* alternative_data) { |
211 if (!g_policy_enabled) | 211 if (!g_policy_enabled) |
(...skipping 87 matching lines...)
299 alternative_data->insert(0, " "); | 299 alternative_data->insert(0, " "); |
300 LOG(ERROR) << resp_data->response_url | 300 LOG(ERROR) << resp_data->response_url |
301 << " is blocked as an illegal cross-site document from " | 301 << " is blocked as an illegal cross-site document from " |
302 << resp_data->frame_origin; | 302 << resp_data->frame_origin; |
303 } | 303 } |
304 return is_blocked; | 304 return is_blocked; |
305 } | 305 } |
306 | 306 |
307 SiteIsolationResponseMetaData::CanonicalMimeType | 307 SiteIsolationResponseMetaData::CanonicalMimeType |
308 SiteIsolationPolicy::GetCanonicalMimeType(const std::string& mime_type) { | 308 SiteIsolationPolicy::GetCanonicalMimeType(const std::string& mime_type) { |
309 if (base::LowerCaseEqualsASCII(mime_type, kTextHtml)) { | 309 if (LowerCaseEqualsASCII(mime_type, kTextHtml)) { |
310 return SiteIsolationResponseMetaData::HTML; | 310 return SiteIsolationResponseMetaData::HTML; |
311 } | 311 } |
312 | 312 |
313 if (base::LowerCaseEqualsASCII(mime_type, kTextPlain)) { | 313 if (LowerCaseEqualsASCII(mime_type, kTextPlain)) { |
314 return SiteIsolationResponseMetaData::Plain; | 314 return SiteIsolationResponseMetaData::Plain; |
315 } | 315 } |
316 | 316 |
317 if (base::LowerCaseEqualsASCII(mime_type, kAppJson) || | 317 if (LowerCaseEqualsASCII(mime_type, kAppJson) || |
318 base::LowerCaseEqualsASCII(mime_type, kTextJson) || | 318 LowerCaseEqualsASCII(mime_type, kTextJson) || |
319 base::LowerCaseEqualsASCII(mime_type, kTextXjson)) { | 319 LowerCaseEqualsASCII(mime_type, kTextXjson)) { |
320 return SiteIsolationResponseMetaData::JSON; | 320 return SiteIsolationResponseMetaData::JSON; |
321 } | 321 } |
322 | 322 |
323 if (base::LowerCaseEqualsASCII(mime_type, kTextXml) || | 323 if (LowerCaseEqualsASCII(mime_type, kTextXml) || |
324 base::LowerCaseEqualsASCII(mime_type, xAppRssXml) || | 324 LowerCaseEqualsASCII(mime_type, xAppRssXml) || |
325 base::LowerCaseEqualsASCII(mime_type, kAppXml)) { | 325 LowerCaseEqualsASCII(mime_type, kAppXml)) { |
326 return SiteIsolationResponseMetaData::XML; | 326 return SiteIsolationResponseMetaData::XML; |
327 } | 327 } |
328 | 328 |
329 return SiteIsolationResponseMetaData::Others; | 329 return SiteIsolationResponseMetaData::Others; |
330 } | 330 } |
331 | 331 |
332 bool SiteIsolationPolicy::IsBlockableScheme(const GURL& url) { | 332 bool SiteIsolationPolicy::IsBlockableScheme(const GURL& url) { |
333 // We exclude ftp:// from here. FTP doesn't provide a Content-Type | 333 // We exclude ftp:// from here. FTP doesn't provide a Content-Type |
334 // header which our policy depends on, so we cannot protect any | 334 // header which our policy depends on, so we cannot protect any |
335 // document from FTP servers. | 335 // document from FTP servers. |
(...skipping 168 matching lines...)
504 // TODO(dsjang): This is a real hack. The only purpose of this function is to | 504 // TODO(dsjang): This is a real hack. The only purpose of this function is to |
505 // try to see if there's any possibility that this data can be JavaScript | 505 // try to see if there's any possibility that this data can be JavaScript |
506 // (superset of JS). This function will be removed once UMA stats are | 506 // (superset of JS). This function will be removed once UMA stats are |
507 // gathered. | 507 // gathered. |
508 | 508 |
509 // Search for "var " for JS detection. | 509 // Search for "var " for JS detection. |
510 return data.find("var ") != base::StringPiece::npos; | 510 return data.find("var ") != base::StringPiece::npos; |
511 } | 511 } |
512 | 512 |
513 } // namespace content | 513 } // namespace content |
OLD | NEW |
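Review bot: The call on new lines 70-71 passes `signature.data()` as the pattern, so the match appears to depend on every signature being a lowercase, NUL-terminated string rather than on `signature_length`. A StringPiece does not guarantee a terminator, and if this overload reads its third argument as a C string, a signature built from a non-terminated buffer would be read past its end and could change the sniffing result that the blocking decision uses. The function header and the definition of `signatures` are in the skipped lines, so this cannot be confirmed from what is shown. I would state the requirement next to the call, for example `// Each signature must be a lowercase, NUL-terminated literal; the pattern is read as a C string.`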