OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 11 matching lines...) Expand all Loading... |
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 */ | 24 */ |
25 | 25 |
26 #include "config.h" | 26 #include "config.h" |
27 #include "core/frame/ContentSecurityPolicy.h" | 27 #include "core/frame/ContentSecurityPolicy.h" |
28 | 28 |
29 #include "RuntimeEnabledFeatures.h" | 29 #include "RuntimeEnabledFeatures.h" |
30 #include "bindings/v8/ScriptCallStackFactory.h" | 30 #include "bindings/v8/ScriptCallStackFactory.h" |
31 #include "bindings/v8/ScriptController.h" | 31 #include "bindings/v8/ScriptController.h" |
32 #include "bindings/v8/ScriptState.h" | |
33 #include "core/dom/DOMStringList.h" | 32 #include "core/dom/DOMStringList.h" |
34 #include "core/dom/Document.h" | 33 #include "core/dom/Document.h" |
35 #include "core/events/SecurityPolicyViolationEvent.h" | 34 #include "core/events/SecurityPolicyViolationEvent.h" |
36 #include "core/frame/ContentSecurityPolicyResponseHeaders.h" | 35 #include "core/frame/ContentSecurityPolicyResponseHeaders.h" |
37 #include "core/frame/DOMWindow.h" | 36 #include "core/frame/DOMWindow.h" |
38 #include "core/frame/Frame.h" | 37 #include "core/frame/Frame.h" |
39 #include "core/inspector/InspectorInstrumentation.h" | 38 #include "core/inspector/InspectorInstrumentation.h" |
40 #include "core/inspector/ScriptCallStack.h" | 39 #include "core/inspector/ScriptCallStack.h" |
41 #include "core/loader/DocumentLoader.h" | 40 #include "core/loader/DocumentLoader.h" |
42 #include "core/loader/PingLoader.h" | 41 #include "core/loader/PingLoader.h" |
43 #include "core/frame/UseCounter.h" | 42 #include "core/frame/UseCounter.h" |
44 #include "platform/JSONValues.h" | 43 #include "platform/JSONValues.h" |
45 #include "platform/NotImplemented.h" | 44 #include "platform/NotImplemented.h" |
46 #include "platform/ParsingUtilities.h" | 45 #include "platform/ParsingUtilities.h" |
47 #include "platform/network/FormData.h" | 46 #include "platform/network/FormData.h" |
48 #include "platform/network/ResourceResponse.h" | 47 #include "platform/network/ResourceResponse.h" |
49 #include "platform/weborigin/KURL.h" | 48 #include "platform/weborigin/KURL.h" |
50 #include "platform/weborigin/KnownPorts.h" | 49 #include "platform/weborigin/KnownPorts.h" |
51 #include "platform/weborigin/SchemeRegistry.h" | 50 #include "platform/weborigin/SchemeRegistry.h" |
52 #include "platform/weborigin/SecurityOrigin.h" | 51 #include "platform/weborigin/SecurityOrigin.h" |
53 #include "wtf/HashSet.h" | |
54 #include "wtf/SHA1.h" | 52 #include "wtf/SHA1.h" |
55 #include "wtf/StringHasher.h" | 53 #include "wtf/StringHasher.h" |
56 #include "wtf/text/Base64.h" | 54 #include "wtf/text/Base64.h" |
57 #include "wtf/text/StringBuilder.h" | 55 #include "wtf/text/StringBuilder.h" |
58 #include "wtf/text/TextPosition.h" | |
59 #include "wtf/text/WTFString.h" | |
60 | 56 |
61 namespace WTF { | 57 namespace WTF { |
62 | 58 |
63 struct VectorIntHash { | 59 struct VectorIntHash { |
64 static unsigned hash(const Vector<uint8_t>& v) { return StringHasher::comput
eHash(v.data(), v.size()); } | 60 static unsigned hash(const Vector<uint8_t>& v) { return StringHasher::comput
eHash(v.data(), v.size()); } |
65 static bool equal(const Vector<uint8_t>& a, const Vector<uint8_t>& b) { retu
rn a == b; }; | 61 static bool equal(const Vector<uint8_t>& a, const Vector<uint8_t>& b) { retu
rn a == b; }; |
66 static const bool safeToCompareToEmptyOrDeleted = true; | 62 static const bool safeToCompareToEmptyOrDeleted = true; |
67 }; | 63 }; |
68 template<> struct DefaultHash<Vector<uint8_t> > { | 64 template<> struct DefaultHash<Vector<uint8_t> > { |
69 typedef VectorIntHash Hash; | 65 typedef VectorIntHash Hash; |
(...skipping 1952 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2022 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 2018 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
2023 return !m_violationReportsSent.contains(report.impl()->hash()); | 2019 return !m_violationReportsSent.contains(report.impl()->hash()); |
2024 } | 2020 } |
2025 | 2021 |
2026 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 2022 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
2027 { | 2023 { |
2028 m_violationReportsSent.add(report.impl()->hash()); | 2024 m_violationReportsSent.add(report.impl()->hash()); |
2029 } | 2025 } |
2030 | 2026 |
2031 } // namespace WebCore | 2027 } // namespace WebCore |
OLD | NEW |