| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 79 | 79 |
| 80 // CSP 1.1 Directives | 80 // CSP 1.1 Directives |
| 81 static const char BaseURI[]; | 81 static const char BaseURI[]; |
| 82 static const char ChildSrc[]; | 82 static const char ChildSrc[]; |
| 83 static const char FormAction[]; | 83 static const char FormAction[]; |
| 84 static const char FrameAncestors[]; | 84 static const char FrameAncestors[]; |
| 85 static const char PluginTypes[]; | 85 static const char PluginTypes[]; |
| 86 static const char ReflectedXSS[]; | 86 static const char ReflectedXSS[]; |
| 87 static const char Referrer[]; | 87 static const char Referrer[]; |
| 88 | 88 |
| 89 // Manifest Directives (to be merged into CSP 1.1) |
| 90 // https://w3c.github.io/manifest/#content-security-policy |
| 91 static const char ManifestSrc[]; |
| 92 |
| 89 enum ReportingStatus { | 93 enum ReportingStatus { |
| 90 SendReport, | 94 SendReport, |
| 91 SuppressReport | 95 SuppressReport |
| 92 }; | 96 }; |
| 93 | 97 |
| 94 static PassRefPtr<ContentSecurityPolicy> create() | 98 static PassRefPtr<ContentSecurityPolicy> create() |
| 95 { | 99 { |
| 96 return adoptRef(new ContentSecurityPolicy()); | 100 return adoptRef(new ContentSecurityPolicy()); |
| 97 } | 101 } |
| 98 ~ContentSecurityPolicy(); | 102 ~ContentSecurityPolicy(); |
| (...skipping 23 matching lines...) Expand all Loading... |
| 122 bool allowStyleFromSource(const KURL&, ReportingStatus = SendReport) const; | 126 bool allowStyleFromSource(const KURL&, ReportingStatus = SendReport) const; |
| 123 bool allowFontFromSource(const KURL&, ReportingStatus = SendReport) const; | 127 bool allowFontFromSource(const KURL&, ReportingStatus = SendReport) const; |
| 124 bool allowMediaFromSource(const KURL&, ReportingStatus = SendReport) const; | 128 bool allowMediaFromSource(const KURL&, ReportingStatus = SendReport) const; |
| 125 bool allowConnectToSource(const KURL&, ReportingStatus = SendReport) const; | 129 bool allowConnectToSource(const KURL&, ReportingStatus = SendReport) const; |
| 126 bool allowFormAction(const KURL&, ReportingStatus = SendReport) const; | 130 bool allowFormAction(const KURL&, ReportingStatus = SendReport) const; |
| 127 bool allowBaseURI(const KURL&, ReportingStatus = SendReport) const; | 131 bool allowBaseURI(const KURL&, ReportingStatus = SendReport) const; |
| 128 bool allowAncestors(LocalFrame*, ReportingStatus = SendReport) const; | 132 bool allowAncestors(LocalFrame*, ReportingStatus = SendReport) const; |
| 129 bool allowChildContextFromSource(const KURL&, ReportingStatus = SendReport)
const; | 133 bool allowChildContextFromSource(const KURL&, ReportingStatus = SendReport)
const; |
| 130 bool allowWorkerContextFromSource(const KURL&, ReportingStatus = SendReport)
const; | 134 bool allowWorkerContextFromSource(const KURL&, ReportingStatus = SendReport)
const; |
| 131 | 135 |
| 136 bool allowManifestFromSource(const KURL&, ReportingStatus = SendReport) cons
t; |
| 137 |
| 132 // The nonce and hash allow functions are guaranteed to not have any side | 138 // The nonce and hash allow functions are guaranteed to not have any side |
| 133 // effects, including reporting. | 139 // effects, including reporting. |
| 134 // Nonce/Hash functions check all policies relating to use of a script/style | 140 // Nonce/Hash functions check all policies relating to use of a script/style |
| 135 // with the given nonce/hash and return true all CSP policies allow it. | 141 // with the given nonce/hash and return true all CSP policies allow it. |
| 136 // If these return true, callers can then process the content or | 142 // If these return true, callers can then process the content or |
| 137 // issue a load and be safe disabling any further CSP checks. | 143 // issue a load and be safe disabling any further CSP checks. |
| 138 bool allowScriptWithNonce(const String& nonce) const; | 144 bool allowScriptWithNonce(const String& nonce) const; |
| 139 bool allowStyleWithNonce(const String& nonce) const; | 145 bool allowStyleWithNonce(const String& nonce) const; |
| 140 bool allowScriptWithHash(const String& source) const; | 146 bool allowScriptWithHash(const String& source) const; |
| 141 bool allowStyleWithHash(const String& source) const; | 147 bool allowStyleWithHash(const String& source) const; |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 218 SandboxFlags m_sandboxMask; | 224 SandboxFlags m_sandboxMask; |
| 219 ReferrerPolicy m_referrerPolicy; | 225 ReferrerPolicy m_referrerPolicy; |
| 220 String m_disableEvalErrorMessage; | 226 String m_disableEvalErrorMessage; |
| 221 | 227 |
| 222 OwnPtr<CSPSource> m_selfSource; | 228 OwnPtr<CSPSource> m_selfSource; |
| 223 }; | 229 }; |
| 224 | 230 |
| 225 } | 231 } |
| 226 | 232 |
| 227 #endif | 233 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 570563003:
Implement CSP check for manifest fetching (Closed)
Base URL: svn://svn.chromium.org/blink/trunk