Source/core/frame/SubresourceIntegrity.cpp - Issue 566083003: Implementation of subresource integrity attribute for secure origins.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: Source/core/frame/SubresourceIntegrity.cpp

Issue 566083003: Implementation of subresource integrity attribute for secure origins. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Block resources at insecure origins Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "config.h"

	6 #include "core/frame/SubresourceIntegrity.h"

	7

	8 #include "platform/Crypto.h"

	9 #include "public/platform/WebCrypto.h"

	10 #include "public/platform/WebCryptoAlgorithm.h"

	11 #include "wtf/text/Base64.h"

	12 #include "wtf/text/StringUTF8Adaptor.h"

	13 #include "wtf/text/WTFString.h"

	14

	15 namespace blink {

	16

	17 static bool DigestsEqual(const DigestValue& digest1, const DigestValue& digest2)

	18 {

	19 if (digest1.size() != digest2.size())

	20 return false;

	21

	22 for (size_t i = 0; i < digest1.size(); i++) {

	23 if (digest1[i] != digest2[i])

	24 return false;

	25 }

	26

	27 return true;

	28 }

	29

	30 // TODO(jww) If CheckSubresourceIntegrity fails, Blink should create a console

	31 // message to alert the developer of the failure.

	32 bool SubresourceIntegrity::CheckSubresourceIntegrity(const String& source, const String& integrity)

	33 {

	34 Vector<char> hashVector;

	35 base64Decode(integrity, hashVector);
	Mike West 2014/09/13 03:44:31 Please add some TODOs about parsing the `ni:///` s Please add some TODOs about parsing the `ni:///` syntax to extract the algorithm and expected hash, and about supporting multiple sets of integrity metadata, as discussed in the agility section.
	36

	37 StringUTF8Adaptor normalizedSource(source, StringUTF8Adaptor::Normalize, WTF ::EntitiesForUnencodables);

	38

	39 DigestValue digest;

	40 bool digestSuccess = computeDigest(HashAlgorithmSha256, normalizedSource.dat a(), normalizedSource.length(), digest);

	41

	42 if (digestSuccess) {

	43 DigestValue convertedHashVector;

	44 convertedHashVector.append(reinterpret_cast<uint8_t*>(hashVector.data()) , hashVector.size());

	45 return DigestsEqual(digest, convertedHashVector);

	46 }

	47

	48 return false;

	49 }

	50

	51 } // namespace blink

OLD	NEW

« Source/core/dom/ScriptLoader.cpp ('K') | « Source/core/frame/SubresourceIntegrity.h ('k') | no next file » | no next file with comments »