OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2012 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 13 matching lines...) Expand all Loading... |
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
29 */ | 29 */ |
30 | 30 |
31 #ifndef MixedContentChecker_h | 31 #ifndef MixedContentChecker_h |
32 #define MixedContentChecker_h | 32 #define MixedContentChecker_h |
33 | 33 |
| 34 #include "platform/heap/Handle.h" |
34 #include "public/platform/WebURLRequest.h" | 35 #include "public/platform/WebURLRequest.h" |
35 #include "wtf/text/WTFString.h" | 36 #include "wtf/text/WTFString.h" |
36 | 37 |
37 namespace blink { | 38 namespace blink { |
38 | 39 |
39 class FrameLoaderClient; | 40 class FrameLoaderClient; |
40 class LocalFrame; | 41 class LocalFrame; |
41 class KURL; | 42 class KURL; |
42 class SecurityOrigin; | 43 class SecurityOrigin; |
43 | 44 |
44 class MixedContentChecker { | 45 class MixedContentChecker FINAL { |
45 WTF_MAKE_NONCOPYABLE(MixedContentChecker); | 46 WTF_MAKE_NONCOPYABLE(MixedContentChecker); |
| 47 DISALLOW_ALLOCATION(); |
46 public: | 48 public: |
47 explicit MixedContentChecker(LocalFrame*); | 49 explicit MixedContentChecker(LocalFrame*); |
48 | 50 |
49 static bool shouldBlockFetch(LocalFrame*, const ResourceRequest&, const KURL
&); | 51 static bool shouldBlockFetch(LocalFrame*, const ResourceRequest&, const KURL
&); |
50 | 52 |
51 bool canDisplayInsecureContent(SecurityOrigin* securityOrigin, const KURL& u
rl) const | 53 bool canDisplayInsecureContent(SecurityOrigin* securityOrigin, const KURL& u
rl) const |
52 { | 54 { |
53 return canDisplayInsecureContentInternal(securityOrigin, url, MixedConte
ntChecker::Display); | 55 return canDisplayInsecureContentInternal(securityOrigin, url, MixedConte
ntChecker::Display); |
54 } | 56 } |
55 | 57 |
56 bool canRunInsecureContent(SecurityOrigin* securityOrigin, const KURL& url)
const | 58 bool canRunInsecureContent(SecurityOrigin* securityOrigin, const KURL& url)
const |
57 { | 59 { |
58 return canRunInsecureContentInternal(securityOrigin, url, MixedContentCh
ecker::Execution); | 60 return canRunInsecureContentInternal(securityOrigin, url, MixedContentCh
ecker::Execution); |
59 } | 61 } |
60 | 62 |
61 bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const; | 63 bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const; |
62 bool canConnectInsecureWebSocket(SecurityOrigin*, const KURL&) const; | 64 bool canConnectInsecureWebSocket(SecurityOrigin*, const KURL&) const; |
63 bool canFrameInsecureContent(SecurityOrigin*, const KURL&) const; | 65 bool canFrameInsecureContent(SecurityOrigin*, const KURL&) const; |
64 static bool isMixedContent(SecurityOrigin*, const KURL&); | 66 static bool isMixedContent(SecurityOrigin*, const KURL&); |
65 | 67 |
66 static void checkMixedPrivatePublic(LocalFrame*, const AtomicString& resourc
eIPAddress); | 68 static void checkMixedPrivatePublic(LocalFrame*, const AtomicString& resourc
eIPAddress); |
67 | 69 |
| 70 void trace(Visitor*); |
| 71 |
68 private: | 72 private: |
69 enum MixedContentType { | 73 enum MixedContentType { |
70 Display, | 74 Display, |
71 Execution, | 75 Execution, |
72 WebSocket, | 76 WebSocket, |
73 Submission | 77 Submission |
74 }; | 78 }; |
75 | 79 |
76 enum ContextType { | 80 enum ContextType { |
77 ContextTypeBlockable, | 81 ContextTypeBlockable, |
78 ContextTypeOptionallyBlockable, | 82 ContextTypeOptionallyBlockable, |
79 ContextTypeShouldBeBlockable, | 83 ContextTypeShouldBeBlockable, |
80 ContextTypeBlockableUnlessLax | 84 ContextTypeBlockableUnlessLax |
81 }; | 85 }; |
82 | 86 |
83 static ContextType contextTypeFromContext(WebURLRequest::RequestContext); | 87 static ContextType contextTypeFromContext(WebURLRequest::RequestContext); |
84 static const char* typeNameFromContext(WebURLRequest::RequestContext); | 88 static const char* typeNameFromContext(WebURLRequest::RequestContext); |
85 static void logToConsole(LocalFrame*, const KURL&, WebURLRequest::RequestCon
text, bool allowed); | 89 static void logToConsole(LocalFrame*, const KURL&, WebURLRequest::RequestCon
text, bool allowed); |
86 | 90 |
87 // FIXME: This should probably have a separate client from FrameLoader. | 91 // FIXME: This should probably have a separate client from FrameLoader. |
88 FrameLoaderClient* client() const; | 92 FrameLoaderClient* client() const; |
89 | 93 |
90 bool canDisplayInsecureContentInternal(SecurityOrigin*, const KURL&, const M
ixedContentType) const; | 94 bool canDisplayInsecureContentInternal(SecurityOrigin*, const KURL&, const M
ixedContentType) const; |
91 | 95 |
92 bool canRunInsecureContentInternal(SecurityOrigin*, const KURL&, const Mixed
ContentType) const; | 96 bool canRunInsecureContentInternal(SecurityOrigin*, const KURL&, const Mixed
ContentType) const; |
93 | 97 |
94 void logWarning(bool allowed, const KURL& i, const MixedContentType) const; | 98 void logWarning(bool allowed, const KURL& i, const MixedContentType) const; |
95 | 99 |
96 LocalFrame* m_frame; | 100 RawPtrWillBeMember<LocalFrame> m_frame; |
97 }; | 101 }; |
98 | 102 |
99 } // namespace blink | 103 } // namespace blink |
100 | 104 |
101 #endif // MixedContentChecker_h | 105 #endif // MixedContentChecker_h |
OLD | NEW |