Source/core/frame/csp/CSPDirectiveList.cpp - Issue 568583003: Allow CSP checkNonce and checkHash to pass with 'unsafe-inline' only.

Side by Side Diff: Source/core/frame/csp/CSPDirectiveList.cpp

Issue 568583003: Allow CSP checkNonce and checkHash to pass with 'unsafe-inline' only. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Fixed broken tests Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies-with-unsafe-inline-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "config.h"	5 #include "config.h"

6 #include "core/frame/csp/CSPDirectiveList.h"	6 #include "core/frame/csp/CSPDirectiveList.h"

7	7

8 #include "core/dom/Document.h"	8 #include "core/dom/Document.h"

9 #include "core/frame/LocalFrame.h"	9 #include "core/frame/LocalFrame.h"

10 #include "core/inspector/ConsoleMessage.h"	10 #include "core/inspector/ConsoleMessage.h"

(...skipping 60 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
71 return !directive \|\| directive->allowEval();	71 return !directive \|\| directive->allowEval();

72 }	72 }

73	73

74 bool CSPDirectiveList::checkInline(SourceListDirective* directive) const	74 bool CSPDirectiveList::checkInline(SourceListDirective* directive) const

75 {	75 {

76 return !directive \|\| (directive->allowInline() && !directive->isHashOrNonceP resent());	76 return !directive \|\| (directive->allowInline() && !directive->isHashOrNonceP resent());

77 }	77 }

78	78

79 bool CSPDirectiveList::checkNonce(SourceListDirective* directive, const String& nonce) const	79 bool CSPDirectiveList::checkNonce(SourceListDirective* directive, const String& nonce) const

80 {	80 {

81 return !directive \|\| directive->allowNonce(nonce);	81 return !directive \|\| directive->allowNonce(nonce) \|\| checkInline(directive);

82 }	82 }

83	83

84 bool CSPDirectiveList::checkHash(SourceListDirective* directive, const CSPHashVa lue& hashValue) const	84 bool CSPDirectiveList::checkHash(SourceListDirective* directive, const CSPHashVa lue& hashValue) const

85 {	85 {

86 return !directive \|\| directive->allowHash(hashValue);	86 return !directive \|\| directive->allowHash(hashValue) \|\| checkInline(directiv e);

87 }	87 }

88	88

89 bool CSPDirectiveList::checkSource(SourceListDirective* directive, const KURL& u rl) const	89 bool CSPDirectiveList::checkSource(SourceListDirective* directive, const KURL& u rl) const

90 {	90 {

91 return !directive \|\| directive->allows(url);	91 return !directive \|\| directive->allows(url);

92 }	92 }

93	93

94 bool CSPDirectiveList::checkAncestors(SourceListDirective* directive, LocalFrame * frame) const	94 bool CSPDirectiveList::checkAncestors(SourceListDirective* directive, LocalFrame * frame) const

95 {	95 {

96 if (!frame \|\| !directive)	96 if (!frame \|\| !directive)

(...skipping 577 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
674 parseReferrer(name, value);	674 parseReferrer(name, value);

675 else	675 else

676 m_policy->reportUnsupportedDirective(name);	676 m_policy->reportUnsupportedDirective(name);

677 } else {	677 } else {

678 m_policy->reportUnsupportedDirective(name);	678 m_policy->reportUnsupportedDirective(name);

679 }	679 }

680 }	680 }

681	681

682	682

683 } // namespace blink	683 } // namespace blink

OLD	NEW