| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 124 return UseCounter::NumberOfFeatures; | 124 return UseCounter::NumberOfFeatures; |
| 125 } | 125 } |
| 126 | 126 |
| 127 static ReferrerPolicy mergeReferrerPolicies(ReferrerPolicy a, ReferrerPolicy b) | 127 static ReferrerPolicy mergeReferrerPolicies(ReferrerPolicy a, ReferrerPolicy b) |
| 128 { | 128 { |
| 129 if (a != b) | 129 if (a != b) |
| 130 return ReferrerPolicyNever; | 130 return ReferrerPolicyNever; |
| 131 return a; | 131 return a; |
| 132 } | 132 } |
| 133 | 133 |
| 134 ContentSecurityPolicy::ContentSecurityPolicy(ExecutionContext* executionContext) | 134 ContentSecurityPolicy::ContentSecurityPolicy() |
| 135 : m_executionContext(executionContext) | 135 : m_executionContext(0) |
| 136 , m_overrideInlineStyleAllowed(false) | 136 , m_overrideInlineStyleAllowed(false) |
| 137 , m_scriptHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone) | 137 , m_scriptHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone) |
| 138 , m_styleHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone) | 138 , m_styleHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone) |
| 139 , m_sandboxMask(0) | 139 , m_sandboxMask(0) |
| 140 , m_referrerPolicy(ReferrerPolicyDefault) | 140 , m_referrerPolicy(ReferrerPolicyDefault) |
| 141 { | 141 { |
| 142 } | 142 } |
| 143 | 143 |
| 144 void ContentSecurityPolicy::bindToExecutionContext(ExecutionContext* executionCo
ntext) |
| 145 { |
| 146 m_executionContext = executionContext; |
| 147 applyPolicySideEffectsToExecutionContext(); |
| 148 } |
| 149 |
| 144 void ContentSecurityPolicy::applyPolicySideEffectsToExecutionContext() | 150 void ContentSecurityPolicy::applyPolicySideEffectsToExecutionContext() |
| 145 { | 151 { |
| 152 ASSERT(m_executionContext); |
| 146 // Ensure that 'self' processes correctly. | 153 // Ensure that 'self' processes correctly. |
| 147 m_selfSource = adoptPtr(new CSPSource(this, securityOrigin()->protocol(), se
curityOrigin()->host(), securityOrigin()->port(), String(), false, false)); | 154 m_selfSource = adoptPtr(new CSPSource(this, securityOrigin()->protocol(), se
curityOrigin()->host(), securityOrigin()->port(), String(), false, false)); |
| 148 | 155 |
| 149 // If we're in a Document, set the referrer policy and sandbox flags, then d
ump all the | 156 // If we're in a Document, set the referrer policy and sandbox flags, then d
ump all the |
| 150 // parsing error messages, then poke at histograms. | 157 // parsing error messages, then poke at histograms. |
| 151 if (Document* document = this->document()) { | 158 if (Document* document = this->document()) { |
| 152 document->enforceSandboxFlags(m_sandboxMask); | 159 document->enforceSandboxFlags(m_sandboxMask); |
| 153 if (didSetReferrerPolicy()) | 160 if (didSetReferrerPolicy()) |
| 154 document->setReferrerPolicy(m_referrerPolicy); | 161 document->setReferrerPolicy(m_referrerPolicy); |
| 155 | 162 |
| 156 for (ConsoleMessageVector::const_iterator iter = m_consoleMessages.begin
(); iter != m_consoleMessages.end(); ++iter) | 163 for (ConsoleMessageVector::const_iterator iter = m_consoleMessages.begin
(); iter != m_consoleMessages.end(); ++iter) |
| 157 executionContext()->addConsoleMessage(*iter); | 164 m_executionContext->addConsoleMessage(*iter); |
| 158 m_consoleMessages.clear(); | 165 m_consoleMessages.clear(); |
| 159 | 166 |
| 160 for (CSPDirectiveListVector::const_iterator iter = m_policies.begin(); i
ter != m_policies.end(); ++iter) | 167 for (CSPDirectiveListVector::const_iterator iter = m_policies.begin(); i
ter != m_policies.end(); ++iter) |
| 161 UseCounter::count(*document, getUseCounterType((*iter)->headerType()
)); | 168 UseCounter::count(*document, getUseCounterType((*iter)->headerType()
)); |
| 162 } | 169 } |
| 163 | 170 |
| 164 // We disable 'eval()' even in the case of report-only policies, and rely on
the check in the | 171 // We disable 'eval()' even in the case of report-only policies, and rely on
the check in the |
| 165 // V8Initializer::codeGenerationCheckCallbackInMainThread callback to determ
ine whether the | 172 // V8Initializer::codeGenerationCheckCallbackInMainThread callback to determ
ine whether the |
| 166 // call should execute or not. | 173 // call should execute or not. |
| 167 if (!m_disableEvalErrorMessage.isNull()) | 174 if (!m_disableEvalErrorMessage.isNull()) |
| 168 executionContext()->disableEval(m_disableEvalErrorMessage); | 175 m_executionContext->disableEval(m_disableEvalErrorMessage); |
| 169 } | 176 } |
| 170 | 177 |
| 171 ContentSecurityPolicy::~ContentSecurityPolicy() | 178 ContentSecurityPolicy::~ContentSecurityPolicy() |
| 172 { | 179 { |
| 173 } | 180 } |
| 174 | 181 |
| 175 Document* ContentSecurityPolicy::document() const | 182 Document* ContentSecurityPolicy::document() const |
| 176 { | 183 { |
| 177 return m_executionContext->isDocument() ? toDocument(m_executionContext) : 0
; | 184 return m_executionContext->isDocument() ? toDocument(m_executionContext) : 0
; |
| 178 } | 185 } |
| 179 | 186 |
| 180 void ContentSecurityPolicy::copyStateFrom(const ContentSecurityPolicy* other) | 187 void ContentSecurityPolicy::copyStateFrom(const ContentSecurityPolicy* other) |
| 181 { | 188 { |
| 182 ASSERT(m_policies.isEmpty()); | 189 ASSERT(m_policies.isEmpty()); |
| 183 for (CSPDirectiveListVector::const_iterator iter = other->m_policies.begin()
; iter != other->m_policies.end(); ++iter) | 190 for (CSPDirectiveListVector::const_iterator iter = other->m_policies.begin()
; iter != other->m_policies.end(); ++iter) |
| 184 addPolicyFromHeaderValue((*iter)->header(), (*iter)->headerType(), (*ite
r)->headerSource()); | 191 addPolicyFromHeaderValue((*iter)->header(), (*iter)->headerType(), (*ite
r)->headerSource()); |
| 185 | |
| 186 // FIXME: This ought to be a step distinct from copyStateFrom(). https://crb
ug.com/411889 | |
| 187 applyPolicySideEffectsToExecutionContext(); | |
| 188 } | 192 } |
| 189 | 193 |
| 190 void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyRespons
eHeaders& headers) | 194 void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyRespons
eHeaders& headers) |
| 191 { | 195 { |
| 192 if (!headers.contentSecurityPolicy().isEmpty()) | 196 if (!headers.contentSecurityPolicy().isEmpty()) |
| 193 didReceiveHeader(headers.contentSecurityPolicy(), ContentSecurityPolicyH
eaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP, DoNotApplySideEffectsTo
ExecutionContext); | 197 addPolicyFromHeaderValue(headers.contentSecurityPolicy(), ContentSecurit
yPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); |
| 194 if (!headers.contentSecurityPolicyReportOnly().isEmpty()) | 198 if (!headers.contentSecurityPolicyReportOnly().isEmpty()) |
| 195 didReceiveHeader(headers.contentSecurityPolicyReportOnly(), ContentSecur
ityPolicyHeaderTypeReport, ContentSecurityPolicyHeaderSourceHTTP, DoNotApplySide
EffectsToExecutionContext); | 199 addPolicyFromHeaderValue(headers.contentSecurityPolicyReportOnly(), Cont
entSecurityPolicyHeaderTypeReport, ContentSecurityPolicyHeaderSourceHTTP); |
| 196 | |
| 197 // FIXME: This ought to be a step distinct from didReceiveHeaders(). https:/
/crbug.com/411889 | |
| 198 applyPolicySideEffectsToExecutionContext(); | |
| 199 } | 200 } |
| 200 | 201 |
| 201 void ContentSecurityPolicy::didReceiveHeader(const String& header, ContentSecuri
tyPolicyHeaderType type, ContentSecurityPolicyHeaderSource source, SideEffectDis
position sideEffectDisposition) | 202 void ContentSecurityPolicy::didReceiveHeader(const String& header, ContentSecuri
tyPolicyHeaderType type, ContentSecurityPolicyHeaderSource source) |
| 202 { | 203 { |
| 203 addPolicyFromHeaderValue(header, type, source); | 204 addPolicyFromHeaderValue(header, type, source); |
| 204 | 205 |
| 205 // FIXME: This ought to be a step distinct from didReceiveHeader(). https://
crbug.com/411889 | 206 // This might be called after we've been bound to an execution context. For
example, a <meta> |
| 206 if (sideEffectDisposition == ApplySideEffectsToExecutionContext) | 207 // element might be injected after page load. |
| 208 if (m_executionContext) |
| 207 applyPolicySideEffectsToExecutionContext(); | 209 applyPolicySideEffectsToExecutionContext(); |
| 208 } | 210 } |
| 209 | 211 |
| 210 void ContentSecurityPolicy::addPolicyFromHeaderValue(const String& header, Conte
ntSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source) | 212 void ContentSecurityPolicy::addPolicyFromHeaderValue(const String& header, Conte
ntSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source) |
| 211 { | 213 { |
| 214 // If this is a report-only header inside a <meta> element, bail out. |
| 212 if (source == ContentSecurityPolicyHeaderSourceMeta && type == ContentSecuri
tyPolicyHeaderTypeReport && experimentalFeaturesEnabled()) { | 215 if (source == ContentSecurityPolicyHeaderSourceMeta && type == ContentSecuri
tyPolicyHeaderTypeReport && experimentalFeaturesEnabled()) { |
| 213 reportReportOnlyInMeta(header); | 216 reportReportOnlyInMeta(header); |
| 214 return; | 217 return; |
| 215 } | 218 } |
| 216 | 219 |
| 217 Vector<UChar> characters; | 220 Vector<UChar> characters; |
| 218 header.appendTo(characters); | 221 header.appendTo(characters); |
| 219 | 222 |
| 220 const UChar* begin = characters.data(); | 223 const UChar* begin = characters.data(); |
| 221 const UChar* end = begin + characters.size(); | 224 const UChar* end = begin + characters.size(); |
| (...skipping 615 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 837 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 840 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
| 838 return !m_violationReportsSent.contains(report.impl()->hash()); | 841 return !m_violationReportsSent.contains(report.impl()->hash()); |
| 839 } | 842 } |
| 840 | 843 |
| 841 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 844 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
| 842 { | 845 { |
| 843 m_violationReportsSent.add(report.impl()->hash()); | 846 m_violationReportsSent.add(report.impl()->hash()); |
| 844 } | 847 } |
| 845 | 848 |
| 846 } // namespace blink | 849 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 559503002:
CSP: Move policy parsing out of Document. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk