| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 165 void reportInvalidPluginTypes(const String&); | 165 void reportInvalidPluginTypes(const String&); |
| 166 void reportInvalidSandboxFlags(const String&); | 166 void reportInvalidSandboxFlags(const String&); |
| 167 void reportInvalidSourceExpression(const String& directiveName, const String
& source); | 167 void reportInvalidSourceExpression(const String& directiveName, const String
& source); |
| 168 void reportInvalidReflectedXSS(const String&); | 168 void reportInvalidReflectedXSS(const String&); |
| 169 void reportMissingReportURI(const String&); | 169 void reportMissingReportURI(const String&); |
| 170 void reportUnsupportedDirective(const String&); | 170 void reportUnsupportedDirective(const String&); |
| 171 void reportInvalidInReportOnly(const String&); | 171 void reportInvalidInReportOnly(const String&); |
| 172 void reportInvalidReferrer(const String&); | 172 void reportInvalidReferrer(const String&); |
| 173 void reportReportOnlyInMeta(const String&); | 173 void reportReportOnlyInMeta(const String&); |
| 174 void reportMetaOutsideHead(const String&); | 174 void reportMetaOutsideHead(const String&); |
| 175 void reportViolation(const String& directiveText, const String& effectiveDir
ective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>
& reportURIs, const String& header); | 175 void reportViolation(const String& directiveText, const String& effectiveDir
ective, const String& consoleMessage, const KURL& blockedURL, const Vector<Strin
g>& reportEndpoints, const String& header); |
| 176 | 176 |
| 177 void reportBlockedScriptExecutionToInspector(const String& directiveText) co
nst; | 177 void reportBlockedScriptExecutionToInspector(const String& directiveText) co
nst; |
| 178 | 178 |
| 179 const KURL url() const; | 179 const KURL url() const; |
| 180 KURL completeURL(const String&) const; | |
| 181 void enforceSandboxFlags(SandboxFlags); | 180 void enforceSandboxFlags(SandboxFlags); |
| 182 String evalDisabledErrorMessage() const; | 181 String evalDisabledErrorMessage() const; |
| 183 | 182 |
| 184 bool urlMatchesSelf(const KURL&) const; | 183 bool urlMatchesSelf(const KURL&) const; |
| 185 bool protocolMatchesSelf(const KURL&) const; | 184 bool protocolMatchesSelf(const KURL&) const; |
| 186 | 185 |
| 187 bool experimentalFeaturesEnabled() const; | 186 bool experimentalFeaturesEnabled() const; |
| 188 | 187 |
| 189 static bool shouldBypassMainWorld(ExecutionContext*); | 188 static bool shouldBypassMainWorld(ExecutionContext*); |
| 190 | 189 |
| 191 static bool isDirectiveName(const String&); | 190 static bool isDirectiveName(const String&); |
| 192 | 191 |
| 193 ExecutionContext* executionContext() const { return m_executionContext; } | 192 ExecutionContext* executionContext() const { return m_executionContext; } |
| 194 | 193 |
| 195 private: | 194 private: |
| 196 explicit ContentSecurityPolicy(ExecutionContext*); | 195 explicit ContentSecurityPolicy(ExecutionContext*); |
| 197 | 196 |
| 198 void applyPolicySideEffectsToExecutionContext(); | 197 void applyPolicySideEffectsToExecutionContext(); |
| 199 | 198 |
| 200 Document* document() const; | 199 Document* document() const; |
| 201 SecurityOrigin* securityOrigin() const; | 200 SecurityOrigin* securityOrigin() const; |
| 201 KURL completeURL(const String&) const; |
| 202 | 202 |
| 203 void logToConsole(const String& message, MessageLevel = ErrorMessageLevel); | 203 void logToConsole(const String& message, MessageLevel = ErrorMessageLevel); |
| 204 void addPolicyFromHeaderValue(const String&, ContentSecurityPolicyHeaderType
, ContentSecurityPolicyHeaderSource); | 204 void addPolicyFromHeaderValue(const String&, ContentSecurityPolicyHeaderType
, ContentSecurityPolicyHeaderSource); |
| 205 | 205 |
| 206 bool shouldSendViolationReport(const String&) const; | 206 bool shouldSendViolationReport(const String&) const; |
| 207 void didSendViolationReport(const String&); | 207 void didSendViolationReport(const String&); |
| 208 | 208 |
| 209 ExecutionContext* m_executionContext; | 209 ExecutionContext* m_executionContext; |
| 210 bool m_overrideInlineStyleAllowed; | 210 bool m_overrideInlineStyleAllowed; |
| 211 CSPDirectiveListVector m_policies; | 211 CSPDirectiveListVector m_policies; |
| (...skipping 11 matching lines...) Expand all Loading... |
| 223 SandboxFlags m_sandboxMask; | 223 SandboxFlags m_sandboxMask; |
| 224 ReferrerPolicy m_referrerPolicy; | 224 ReferrerPolicy m_referrerPolicy; |
| 225 String m_disableEvalErrorMessage; | 225 String m_disableEvalErrorMessage; |
| 226 | 226 |
| 227 OwnPtr<CSPSource> m_selfSource; | 227 OwnPtr<CSPSource> m_selfSource; |
| 228 }; | 228 }; |
| 229 | 229 |
| 230 } | 230 } |
| 231 | 231 |
| 232 #endif | 232 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 561693002:
CSP: Resolve report endpoints at reporting time, not at parse time. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk