OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2012 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 13 matching lines...) Expand all Loading... |
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
29 */ | 29 */ |
30 | 30 |
31 #ifndef MixedContentChecker_h | 31 #ifndef MixedContentChecker_h |
32 #define MixedContentChecker_h | 32 #define MixedContentChecker_h |
33 | 33 |
| 34 #include "public/platform/WebURLRequest.h" |
34 #include "wtf/text/WTFString.h" | 35 #include "wtf/text/WTFString.h" |
35 | 36 |
36 namespace blink { | 37 namespace blink { |
37 | 38 |
38 class LocalFrame; | 39 class LocalFrame; |
39 class FrameLoaderClient; | 40 class FrameLoaderClient; |
40 class KURL; | 41 class KURL; |
41 class SecurityOrigin; | 42 class SecurityOrigin; |
| 43 class ResourceRequest; |
42 | 44 |
43 class MixedContentChecker { | 45 class MixedContentChecker { |
44 WTF_MAKE_NONCOPYABLE(MixedContentChecker); | 46 WTF_MAKE_NONCOPYABLE(MixedContentChecker); |
45 public: | 47 public: |
46 MixedContentChecker(LocalFrame*); | 48 explicit MixedContentChecker(LocalFrame*); |
| 49 |
| 50 static bool shouldBlockFetch(LocalFrame*, const ResourceRequest&, const KURL
&); |
47 | 51 |
48 bool canDisplayInsecureContent(SecurityOrigin* securityOrigin, const KURL& u
rl) const | 52 bool canDisplayInsecureContent(SecurityOrigin* securityOrigin, const KURL& u
rl) const |
49 { | 53 { |
50 return canDisplayInsecureContentInternal(securityOrigin, url, MixedConte
ntChecker::Display); | 54 return canDisplayInsecureContentInternal(securityOrigin, url, MixedConte
ntChecker::Display); |
51 } | 55 } |
52 | 56 |
53 bool canRunInsecureContent(SecurityOrigin* securityOrigin, const KURL& url)
const | 57 bool canRunInsecureContent(SecurityOrigin* securityOrigin, const KURL& url)
const |
54 { | 58 { |
55 return canRunInsecureContentInternal(securityOrigin, url, MixedContentCh
ecker::Execution); | 59 return canRunInsecureContentInternal(securityOrigin, url, MixedContentCh
ecker::Execution); |
56 } | 60 } |
57 | 61 |
58 bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const; | 62 bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const; |
59 bool canConnectInsecureWebSocket(SecurityOrigin*, const KURL&) const; | 63 bool canConnectInsecureWebSocket(SecurityOrigin*, const KURL&) const; |
60 bool canFrameInsecureContent(SecurityOrigin*, const KURL&) const; | 64 bool canFrameInsecureContent(SecurityOrigin*, const KURL&) const; |
61 static bool isMixedContent(SecurityOrigin*, const KURL&); | 65 static bool isMixedContent(SecurityOrigin*, const KURL&); |
62 | 66 |
63 private: | 67 private: |
64 enum MixedContentType { | 68 enum MixedContentType { |
65 Display, | 69 Display, |
66 Execution, | 70 Execution, |
67 WebSocket, | 71 WebSocket, |
68 Submission | 72 Submission |
69 }; | 73 }; |
70 | 74 |
| 75 enum ContextType { |
| 76 ContextTypeBlockable, |
| 77 ContextTypeOptionallyBlockable, |
| 78 ContextTypeShouldBeBlockable, |
| 79 ContextTypeBlockableUnlessLax |
| 80 }; |
| 81 |
| 82 static ContextType contextTypeFromContext(WebURLRequest::RequestContext); |
| 83 |
71 // FIXME: This should probably have a separate client from FrameLoader. | 84 // FIXME: This should probably have a separate client from FrameLoader. |
72 FrameLoaderClient* client() const; | 85 FrameLoaderClient* client() const; |
73 | 86 |
74 bool canDisplayInsecureContentInternal(SecurityOrigin*, const KURL&, const M
ixedContentType) const; | 87 bool canDisplayInsecureContentInternal(SecurityOrigin*, const KURL&, const M
ixedContentType) const; |
75 | 88 |
76 bool canRunInsecureContentInternal(SecurityOrigin*, const KURL&, const Mixed
ContentType) const; | 89 bool canRunInsecureContentInternal(SecurityOrigin*, const KURL&, const Mixed
ContentType) const; |
77 | 90 |
78 void logWarning(bool allowed, const KURL& i, const MixedContentType) const; | 91 void logWarning(bool allowed, const KURL& i, const MixedContentType) const; |
79 | 92 |
80 LocalFrame* m_frame; | 93 LocalFrame* m_frame; |
81 }; | 94 }; |
82 | 95 |
83 } // namespace blink | 96 } // namespace blink |
84 | 97 |
85 #endif // MixedContentChecker_h | 98 #endif // MixedContentChecker_h |
OLD | NEW |