Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(83)

Side by Side Diff: Source/core/frame/SubresourceIntegrity.cpp

Issue 566083003: Implementation of subresource integrity attribute for secure origins. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Block resources at insecure origins Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
(Empty)
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "config.h"
6 #include "core/frame/SubresourceIntegrity.h"
7
8 #include "platform/Crypto.h"
9 #include "public/platform/WebCrypto.h"
10 #include "public/platform/WebCryptoAlgorithm.h"
11 #include "wtf/text/Base64.h"
12 #include "wtf/text/StringUTF8Adaptor.h"
13 #include "wtf/text/WTFString.h"
14
15 namespace blink {
16
17 static bool DigestsEqual(const DigestValue& digest1, const DigestValue& digest2)
18 {
19 if (digest1.size() != digest2.size())
20 return false;
21
22 for (size_t i = 0; i < digest1.size(); i++) {
23 if (digest1[i] != digest2[i])
24 return false;
25 }
26
27 return true;
28 }
29
30 // TODO(jww) If CheckSubresourceIntegrity fails, Blink should create a console
31 // message to alert the developer of the failure.
32 bool SubresourceIntegrity::CheckSubresourceIntegrity(const String& source, const String& integrity)
33 {
34 Vector<char> hashVector;
35 base64Decode(integrity, hashVector);
Mike West 2014/09/13 03:44:31 Please add some TODOs about parsing the `ni:///` s
36
37 StringUTF8Adaptor normalizedSource(source, StringUTF8Adaptor::Normalize, WTF ::EntitiesForUnencodables);
38
39 DigestValue digest;
40 bool digestSuccess = computeDigest(HashAlgorithmSha256, normalizedSource.dat a(), normalizedSource.length(), digest);
41
42 if (digestSuccess) {
43 DigestValue convertedHashVector;
44 convertedHashVector.append(reinterpret_cast<uint8_t*>(hashVector.data()) , hashVector.size());
45 return DigestsEqual(digest, convertedHashVector);
46 }
47
48 return false;
49 }
50
51 } // namespace blink
OLDNEW
« Source/core/dom/ScriptLoader.cpp ('K') | « Source/core/frame/SubresourceIntegrity.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698