Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(626)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/html/HTMLLinkElement.cpp

Issue 622783004: Implementation of subresource integrity attribute for style sheets. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Rebase on ToT Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « LayoutTests/http/tests/security/subresourceIntegrity/subresource-integrity-style-blocked-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) 3 * (C) 1999 Antti Koivisto (koivisto@kde.org)
4 * (C) 2001 Dirk Mueller (mueller@kde.org) 4 * (C) 2001 Dirk Mueller (mueller@kde.org)
5 * Copyright (C) 2003, 2006, 2007, 2008, 2009, 2010 Apple Inc. All rights reserv ed. 5 * Copyright (C) 2003, 2006, 2007, 2008, 2009, 2010 Apple Inc. All rights reserv ed.
6 * Copyright (C) 2009 Rob Buis (rwlbuis@gmail.com) 6 * Copyright (C) 2009 Rob Buis (rwlbuis@gmail.com)
7 * Copyright (C) 2011 Google Inc. All rights reserved. 7 * Copyright (C) 2011 Google Inc. All rights reserved.
8 * 8 *
9 * This library is free software; you can redistribute it and/or 9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Library General Public 10 * modify it under the terms of the GNU Library General Public
(...skipping 24 matching lines...) Expand all
35 #include "core/dom/Attribute.h" 35 #include "core/dom/Attribute.h"
36 #include "core/dom/Document.h" 36 #include "core/dom/Document.h"
37 #include "core/dom/StyleEngine.h" 37 #include "core/dom/StyleEngine.h"
38 #include "core/events/Event.h" 38 #include "core/events/Event.h"
39 #include "core/events/EventSender.h" 39 #include "core/events/EventSender.h"
40 #include "core/fetch/CSSStyleSheetResource.h" 40 #include "core/fetch/CSSStyleSheetResource.h"
41 #include "core/fetch/FetchRequest.h" 41 #include "core/fetch/FetchRequest.h"
42 #include "core/fetch/ResourceFetcher.h" 42 #include "core/fetch/ResourceFetcher.h"
43 #include "core/frame/FrameView.h" 43 #include "core/frame/FrameView.h"
44 #include "core/frame/LocalFrame.h" 44 #include "core/frame/LocalFrame.h"
45 #include "core/frame/SubresourceIntegrity.h"
45 #include "core/frame/csp/ContentSecurityPolicy.h" 46 #include "core/frame/csp/ContentSecurityPolicy.h"
46 #include "core/html/LinkManifest.h" 47 #include "core/html/LinkManifest.h"
47 #include "core/html/imports/LinkImport.h" 48 #include "core/html/imports/LinkImport.h"
48 #include "core/loader/FrameLoader.h" 49 #include "core/loader/FrameLoader.h"
49 #include "core/loader/FrameLoaderClient.h" 50 #include "core/loader/FrameLoaderClient.h"
50 #include "core/rendering/style/StyleInheritedData.h" 51 #include "core/rendering/style/StyleInheritedData.h"
51 #include "platform/RuntimeEnabledFeatures.h" 52 #include "platform/RuntimeEnabledFeatures.h"
52 #include "wtf/StdLibExtras.h" 53 #include "wtf/StdLibExtras.h"
53 54
54 namespace blink { 55 namespace blink {
(...skipping 439 matching lines...) Expand 10 before | Expand all | Expand 10 after
494 Document& LinkStyle::document() 495 Document& LinkStyle::document()
495 { 496 {
496 return m_owner->document(); 497 return m_owner->document();
497 } 498 }
498 499
499 void LinkStyle::setCSSStyleSheet(const String& href, const KURL& baseURL, const String& charset, const CSSStyleSheetResource* cachedStyleSheet) 500 void LinkStyle::setCSSStyleSheet(const String& href, const KURL& baseURL, const String& charset, const CSSStyleSheetResource* cachedStyleSheet)
500 { 501 {
501 if (!m_owner->inDocument()) { 502 if (!m_owner->inDocument()) {
502 ASSERT(!m_sheet); 503 ASSERT(!m_sheet);
503 return; 504 return;
505 }
504 506
507 if (!SubresourceIntegrity::CheckSubresourceIntegrity(*m_owner, cachedStyleSh eet->sheetText(), KURL(KURL(), href))) {
508 m_loading = false;
509 removePendingSheet();
510 return;
505 } 511 }
512
506 // Completing the sheet load may cause scripts to execute. 513 // Completing the sheet load may cause scripts to execute.
507 RefPtrWillBeRawPtr<Node> protector(m_owner.get()); 514 RefPtrWillBeRawPtr<Node> protector(m_owner.get());
508 515
509 CSSParserContext parserContext(m_owner->document(), 0, baseURL, charset); 516 CSSParserContext parserContext(m_owner->document(), 0, baseURL, charset);
510 517
511 if (RefPtrWillBeRawPtr<StyleSheetContents> restoredSheet = const_cast<CSSSty leSheetResource*>(cachedStyleSheet)->restoreParsedStyleSheet(parserContext)) { 518 if (RefPtrWillBeRawPtr<StyleSheetContents> restoredSheet = const_cast<CSSSty leSheetResource*>(cachedStyleSheet)->restoreParsedStyleSheet(parserContext)) {
512 ASSERT(restoredSheet->isCacheable()); 519 ASSERT(restoredSheet->isCacheable());
513 ASSERT(!restoredSheet->isLoading()); 520 ASSERT(!restoredSheet->isLoading());
514 521
515 if (m_sheet) 522 if (m_sheet)
516 clearSheet(); 523 clearSheet();
517 m_sheet = CSSStyleSheet::create(restoredSheet, m_owner); 524 m_sheet = CSSStyleSheet::create(restoredSheet, m_owner);
518 m_sheet->setMediaQueries(MediaQuerySet::create(m_owner->media())); 525 m_sheet->setMediaQueries(MediaQuerySet::create(m_owner->media()));
519 m_sheet->setTitle(m_owner->title()); 526 m_sheet->setTitle(m_owner->title());
520 527
521 m_loading = false; 528 m_loading = false;
522 restoredSheet->checkLoaded(); 529 restoredSheet->checkLoaded();
523 return; 530 return;
524 } 531 }
525 532
526 RefPtrWillBeRawPtr<StyleSheetContents> styleSheet = StyleSheetContents::crea te(href, parserContext); 533 RefPtrWillBeRawPtr<StyleSheetContents> styleSheet = StyleSheetContents::crea te(href, parserContext);
527 534
528 if (m_sheet) 535 if (m_sheet)
529 clearSheet(); 536 clearSheet();
537
530 m_sheet = CSSStyleSheet::create(styleSheet, m_owner); 538 m_sheet = CSSStyleSheet::create(styleSheet, m_owner);
531 m_sheet->setMediaQueries(MediaQuerySet::create(m_owner->media())); 539 m_sheet->setMediaQueries(MediaQuerySet::create(m_owner->media()));
532 m_sheet->setTitle(m_owner->title()); 540 m_sheet->setTitle(m_owner->title());
533 541
534 styleSheet->parseAuthorStyleSheet(cachedStyleSheet, m_owner->document().secu rityOrigin()); 542 styleSheet->parseAuthorStyleSheet(cachedStyleSheet, m_owner->document().secu rityOrigin());
535 543
536 m_loading = false; 544 m_loading = false;
537 styleSheet->notifyLoadedSheet(cachedStyleSheet); 545 styleSheet->notifyLoadedSheet(cachedStyleSheet);
538 styleSheet->checkLoaded(); 546 styleSheet->checkLoaded();
539 547
(...skipping 198 matching lines...) Expand 10 before | Expand all | Expand 10 after
738 removePendingSheet(); 746 removePendingSheet();
739 } 747 }
740 748
741 void LinkStyle::trace(Visitor* visitor) 749 void LinkStyle::trace(Visitor* visitor)
742 { 750 {
743 visitor->trace(m_sheet); 751 visitor->trace(m_sheet);
744 LinkResource::trace(visitor); 752 LinkResource::trace(visitor);
745 } 753 }
746 754
747 } // namespace blink 755 } // namespace blink
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/security/subresourceIntegrity/subresource-integrity-style-blocked-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698