OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google Inc. All rights reserved. | 2 * Copyright (C) 2011 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
(...skipping 11 matching lines...) Expand all Loading... |
22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | 22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | 23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
27 */ | 27 */ |
28 | 28 |
29 #ifndef SecurityPolicy_h | 29 #ifndef SecurityPolicy_h |
30 #define SecurityPolicy_h | 30 #define SecurityPolicy_h |
31 | 31 |
32 #include "weborigin/ReferrerPolicy.h" | 32 #include "platform/PlatformExport.h" |
33 #include "weborigin/WebOriginExport.h" | 33 #include "platform/weborigin/ReferrerPolicy.h" |
34 #include "wtf/text/WTFString.h" | 34 #include "wtf/text/WTFString.h" |
35 | 35 |
36 namespace WebCore { | 36 namespace WebCore { |
37 | 37 |
38 class KURL; | 38 class KURL; |
39 class SecurityOrigin; | 39 class SecurityOrigin; |
40 | 40 |
41 class WEBORIGIN_EXPORT SecurityPolicy { | 41 class PLATFORM_EXPORT SecurityPolicy { |
42 public: | 42 public: |
43 // True if the referrer should be omitted according to the | 43 // True if the referrer should be omitted according to the |
44 // ReferrerPolicyDefault. If you intend to send a referrer header, you | 44 // ReferrerPolicyDefault. If you intend to send a referrer header, you |
45 // should use generateReferrerHeader instead. | 45 // should use generateReferrerHeader instead. |
46 static bool shouldHideReferrer(const KURL&, const String& referrer); | 46 static bool shouldHideReferrer(const KURL&, const String& referrer); |
47 | 47 |
48 // Returns the referrer modified according to the referrer policy for a | 48 // Returns the referrer modified according to the referrer policy for a |
49 // navigation to a given URL. If the referrer returned is empty, the | 49 // navigation to a given URL. If the referrer returned is empty, the |
50 // referrer header should be omitted. | 50 // referrer header should be omitted. |
51 static String generateReferrerHeader(ReferrerPolicy, const KURL&, const Stri
ng& referrer); | 51 static String generateReferrerHeader(ReferrerPolicy, const KURL&, const Stri
ng& referrer); |
52 | 52 |
53 static void addOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin
, const String& destinationProtocol, const String& destinationDomain, bool allow
DestinationSubdomains); | 53 static void addOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin
, const String& destinationProtocol, const String& destinationDomain, bool allow
DestinationSubdomains); |
54 static void removeOriginAccessWhitelistEntry(const SecurityOrigin& sourceOri
gin, const String& destinationProtocol, const String& destinationDomain, bool al
lowDestinationSubdomains); | 54 static void removeOriginAccessWhitelistEntry(const SecurityOrigin& sourceOri
gin, const String& destinationProtocol, const String& destinationDomain, bool al
lowDestinationSubdomains); |
55 static void resetOriginAccessWhitelists(); | 55 static void resetOriginAccessWhitelists(); |
56 | 56 |
57 static bool isAccessWhiteListed(const SecurityOrigin* activeOrigin, const Se
curityOrigin* targetOrigin); | 57 static bool isAccessWhiteListed(const SecurityOrigin* activeOrigin, const Se
curityOrigin* targetOrigin); |
58 static bool isAccessToURLWhiteListed(const SecurityOrigin* activeOrigin, con
st KURL&); | 58 static bool isAccessToURLWhiteListed(const SecurityOrigin* activeOrigin, con
st KURL&); |
59 }; | 59 }; |
60 | 60 |
61 } // namespace WebCore | 61 } // namespace WebCore |
62 | 62 |
63 #endif // SecurityPolicy_h | 63 #endif // SecurityPolicy_h |
OLD | NEW |