Chromium Code Reviews Chromium Code Reviews
Issue 730203007:
CSP: Permit exempting schemes only for certain policy areas. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 25 */ | 25 */ |
| 26 | 26 |
| 27 #include "config.h" | 27 #include "config.h" |
| 28 #include "platform/weborigin/SchemeRegistry.h" | 28 #include "platform/weborigin/SchemeRegistry.h" |
| 29 | 29 |
| 30 #include "wtf/MainThread.h" | 30 #include "wtf/MainThread.h" |
| 31 #include "wtf/text/StringBuilder.h" | 31 #include "wtf/text/StringBuilder.h" |
| 32 | 32 |
| 33 namespace blink { | 33 namespace blink { |
| 34 | 34 |
| 35 static URLSchemesMap& localURLSchemes() | 35 static URLSchemesSet& localURLSchemes() |
| 36 { | 36 { |
| 37 DEFINE_STATIC_LOCAL(URLSchemesMap, localSchemes, ()); | 37 DEFINE_STATIC_LOCAL(URLSchemesSet, localSchemes, ()); |
| 38 | 38 |
| 39 if (localSchemes.isEmpty()) | 39 if (localSchemes.isEmpty()) |
| 40 localSchemes.add("file"); | 40 localSchemes.add("file"); |
| 41 | 41 |
| 42 return localSchemes; | 42 return localSchemes; |
| 43 } | 43 } |
| 44 | 44 |
| 45 static URLSchemesMap& displayIsolatedURLSchemes() | 45 static URLSchemesSet& displayIsolatedURLSchemes() |
| 46 { | 46 { |
| 47 DEFINE_STATIC_LOCAL(URLSchemesMap, displayIsolatedSchemes, ()); | 47 DEFINE_STATIC_LOCAL(URLSchemesSet, displayIsolatedSchemes, ()); |
| 48 return displayIsolatedSchemes; | 48 return displayIsolatedSchemes; |
| 49 } | 49 } |
| 50 | 50 |
| 51 static URLSchemesMap& secureSchemes() | 51 static URLSchemesSet& secureSchemes() |
| 52 { | 52 { |
| 53 DEFINE_STATIC_LOCAL(URLSchemesMap, secureSchemes, ()); | 53 DEFINE_STATIC_LOCAL(URLSchemesSet, secureSchemes, ()); |
| 54 | 54 |
| 55 if (secureSchemes.isEmpty()) { | 55 if (secureSchemes.isEmpty()) { |
| 56 secureSchemes.add("https"); | 56 secureSchemes.add("https"); |
| 57 secureSchemes.add("about"); | 57 secureSchemes.add("about"); |
| 58 secureSchemes.add("data"); | 58 secureSchemes.add("data"); |
| 59 secureSchemes.add("wss"); | 59 secureSchemes.add("wss"); |
| 60 } | 60 } |
| 61 | 61 |
| 62 return secureSchemes; | 62 return secureSchemes; |
| 63 } | 63 } |
| 64 | 64 |
| 65 static URLSchemesMap& schemesWithUniqueOrigins() | 65 static URLSchemesSet& schemesWithUniqueOrigins() |
| 66 { | 66 { |
| 67 DEFINE_STATIC_LOCAL(URLSchemesMap, schemesWithUniqueOrigins, ()); | 67 DEFINE_STATIC_LOCAL(URLSchemesSet, schemesWithUniqueOrigins, ()); |
| 68 | 68 |
| 69 if (schemesWithUniqueOrigins.isEmpty()) { | 69 if (schemesWithUniqueOrigins.isEmpty()) { |
| 70 schemesWithUniqueOrigins.add("about"); | 70 schemesWithUniqueOrigins.add("about"); |
| 71 schemesWithUniqueOrigins.add("javascript"); | 71 schemesWithUniqueOrigins.add("javascript"); |
| 72 // This is a willful violation of HTML5. | 72 // This is a willful violation of HTML5. |
| 73 // See https://bugs.webkit.org/show_bug.cgi?id=11885 | 73 // See https://bugs.webkit.org/show_bug.cgi?id=11885 |
| 74 schemesWithUniqueOrigins.add("data"); | 74 schemesWithUniqueOrigins.add("data"); |
| 75 } | 75 } |
| 76 | 76 |
| 77 return schemesWithUniqueOrigins; | 77 return schemesWithUniqueOrigins; |
| 78 } | 78 } |
| 79 | 79 |
| 80 static URLSchemesMap& emptyDocumentSchemes() | 80 static URLSchemesSet& emptyDocumentSchemes() |
| 81 { | 81 { |
| 82 DEFINE_STATIC_LOCAL(URLSchemesMap, emptyDocumentSchemes, ()); | 82 DEFINE_STATIC_LOCAL(URLSchemesSet, emptyDocumentSchemes, ()); |
| 83 | 83 |
| 84 if (emptyDocumentSchemes.isEmpty()) | 84 if (emptyDocumentSchemes.isEmpty()) |
| 85 emptyDocumentSchemes.add("about"); | 85 emptyDocumentSchemes.add("about"); |
| 86 | 86 |
| 87 return emptyDocumentSchemes; | 87 return emptyDocumentSchemes; |
| 88 } | 88 } |
| 89 | 89 |
| 90 static HashSet<String>& schemesForbiddenFromDomainRelaxation() | 90 static HashSet<String>& schemesForbiddenFromDomainRelaxation() |
| 91 { | 91 { |
| 92 DEFINE_STATIC_LOCAL(HashSet<String>, schemes, ()); | 92 DEFINE_STATIC_LOCAL(HashSet<String>, schemes, ()); |
| 93 return schemes; | 93 return schemes; |
| 94 } | 94 } |
| 95 | 95 |
| 96 static URLSchemesMap& canDisplayOnlyIfCanRequestSchemes() | 96 static URLSchemesSet& canDisplayOnlyIfCanRequestSchemes() |
| 97 { | 97 { |
| 98 DEFINE_STATIC_LOCAL(URLSchemesMap, canDisplayOnlyIfCanRequestSchemes, ()); | 98 DEFINE_STATIC_LOCAL(URLSchemesSet, canDisplayOnlyIfCanRequestSchemes, ()); |
| 99 | 99 |
| 100 if (canDisplayOnlyIfCanRequestSchemes.isEmpty()) { | 100 if (canDisplayOnlyIfCanRequestSchemes.isEmpty()) { |
| 101 canDisplayOnlyIfCanRequestSchemes.add("blob"); | 101 canDisplayOnlyIfCanRequestSchemes.add("blob"); |
| 102 canDisplayOnlyIfCanRequestSchemes.add("filesystem"); | 102 canDisplayOnlyIfCanRequestSchemes.add("filesystem"); |
| 103 } | 103 } |
| 104 | 104 |
| 105 return canDisplayOnlyIfCanRequestSchemes; | 105 return canDisplayOnlyIfCanRequestSchemes; |
| 106 } | 106 } |
| 107 | 107 |
| 108 static URLSchemesMap& notAllowingJavascriptURLsSchemes() | 108 static URLSchemesSet& notAllowingJavascriptURLsSchemes() |
| 109 { | 109 { |
| 110 DEFINE_STATIC_LOCAL(URLSchemesMap, notAllowingJavascriptURLsSchemes, ()); | 110 DEFINE_STATIC_LOCAL(URLSchemesSet, notAllowingJavascriptURLsSchemes, ()); |
| 111 return notAllowingJavascriptURLsSchemes; | 111 return notAllowingJavascriptURLsSchemes; |
| 112 } | 112 } |
| 113 | 113 |
| 114 void SchemeRegistry::registerURLSchemeAsLocal(const String& scheme) | 114 void SchemeRegistry::registerURLSchemeAsLocal(const String& scheme) |
| 115 { | 115 { |
| 116 localURLSchemes().add(scheme); | 116 localURLSchemes().add(scheme); |
| 117 } | 117 } |
| 118 | 118 |
| 119 void SchemeRegistry::removeURLSchemeRegisteredAsLocal(const String& scheme) | 119 void SchemeRegistry::removeURLSchemeRegisteredAsLocal(const String& scheme) |
| 120 { | 120 { |
| 121 if (scheme == "file") | 121 if (scheme == "file") |
| 122 return; | 122 return; |
| 123 localURLSchemes().remove(scheme); | 123 localURLSchemes().remove(scheme); |
| 124 } | 124 } |
| 125 | 125 |
| 126 const URLSchemesMap& SchemeRegistry::localSchemes() | 126 const URLSchemesSet& SchemeRegistry::localSchemes() |
| 127 { | 127 { |
| 128 return localURLSchemes(); | 128 return localURLSchemes(); |
| 129 } | 129 } |
| 130 | 130 |
| 131 static URLSchemesMap& CORSEnabledSchemes() | 131 static URLSchemesSet& CORSEnabledSchemes() |
| 132 { | 132 { |
| 133 // FIXME: http://bugs.webkit.org/show_bug.cgi?id=77160 | 133 // FIXME: http://bugs.webkit.org/show_bug.cgi?id=77160 |
| 134 DEFINE_STATIC_LOCAL(URLSchemesMap, CORSEnabledSchemes, ()); | 134 DEFINE_STATIC_LOCAL(URLSchemesSet, CORSEnabledSchemes, ()); |
| 135 | 135 |
| 136 if (CORSEnabledSchemes.isEmpty()) { | 136 if (CORSEnabledSchemes.isEmpty()) { |
| 137 CORSEnabledSchemes.add("http"); | 137 CORSEnabledSchemes.add("http"); |
| 138 CORSEnabledSchemes.add("https"); | 138 CORSEnabledSchemes.add("https"); |
| 139 CORSEnabledSchemes.add("data"); | 139 CORSEnabledSchemes.add("data"); |
| 140 } | 140 } |
| 141 | 141 |
| 142 return CORSEnabledSchemes; | 142 return CORSEnabledSchemes; |
| 143 } | 143 } |
| 144 | 144 |
| 145 static URLSchemesMap& LegacySchemes() | 145 static URLSchemesSet& LegacySchemes() |
| 146 { | 146 { |
| 147 DEFINE_STATIC_LOCAL(URLSchemesMap, LegacySchemes, ()); | 147 DEFINE_STATIC_LOCAL(URLSchemesSet, LegacySchemes, ()); |
| 148 | 148 |
| 149 if (LegacySchemes.isEmpty()) { | 149 if (LegacySchemes.isEmpty()) { |
| 150 LegacySchemes.add("ftp"); | 150 LegacySchemes.add("ftp"); |
| 151 LegacySchemes.add("gopher"); | 151 LegacySchemes.add("gopher"); |
| 152 } | 152 } |
| 153 | 153 |
| 154 return LegacySchemes; | 154 return LegacySchemes; |
| 155 } | 155 } |
| 156 | 156 |
| 157 static URLSchemesMap& ContentSecurityPolicyBypassingSchemes() | 157 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin gSchemes() |
| 158 { | 158 { |
| 159 DEFINE_STATIC_LOCAL(URLSchemesMap, schemes, ()); | 159 DEFINE_STATIC_LOCAL(URLSchemesMap<SchemeRegistry::PolicyAreas>, schemes, ()) ; |
| 160 return schemes; | 160 return schemes; |
| 161 } | 161 } |
| 162 | 162 |
| 163 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) | 163 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) |
| 164 { | 164 { |
| 165 if (scheme.isEmpty()) | 165 if (scheme.isEmpty()) |
| 166 return false; | 166 return false; |
| 167 return localURLSchemes().contains(scheme); | 167 return localURLSchemes().contains(scheme); |
| 168 } | 168 } |
| 169 | 169 |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 265 bool SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(const String& scheme) | 265 bool SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(const String& scheme) |
| 266 { | 266 { |
| 267 if (scheme.isEmpty()) | 267 if (scheme.isEmpty()) |
| 268 return false; | 268 return false; |
| 269 return CORSEnabledSchemes().contains(scheme); | 269 return CORSEnabledSchemes().contains(scheme); |
| 270 } | 270 } |
| 271 | 271 |
| 272 String SchemeRegistry::listOfCORSEnabledURLSchemes() | 272 String SchemeRegistry::listOfCORSEnabledURLSchemes() |
| 273 { | 273 { |
| 274 StringBuilder builder; | 274 StringBuilder builder; |
| 275 const URLSchemesMap& corsEnabledSchemes = CORSEnabledSchemes(); | |
| 276 | |
| 277 bool addSeparator = false; | 275 bool addSeparator = false; |
| 278 for (URLSchemesMap::const_iterator it = corsEnabledSchemes.begin(); it != co rsEnabledSchemes.end(); ++it) { | 276 for (const auto& scheme : CORSEnabledSchemes()) { |
| 279 if (addSeparator) | 277 if (addSeparator) |
| 280 builder.appendLiteral(", "); | 278 builder.appendLiteral(", "); |
| 281 else | 279 else |
| 282 addSeparator = true; | 280 addSeparator = true; |
| 283 | 281 |
| 284 builder.append(*it); | 282 builder.append(scheme); |
| 285 } | 283 } |
| 286 return builder.toString(); | 284 return builder.toString(); |
| 287 } | 285 } |
| 288 | 286 |
| 289 void SchemeRegistry::registerURLSchemeAsLegacy(const String& scheme) | 287 void SchemeRegistry::registerURLSchemeAsLegacy(const String& scheme) |
| 290 { | 288 { |
| 291 LegacySchemes().add(scheme); | 289 LegacySchemes().add(scheme); |
| 292 } | 290 } |
| 293 | 291 |
| 294 bool SchemeRegistry::shouldTreatURLSchemeAsLegacy(const String& scheme) | 292 bool SchemeRegistry::shouldTreatURLSchemeAsLegacy(const String& scheme) |
| 295 { | 293 { |
| 296 if (scheme.isEmpty()) | 294 if (scheme.isEmpty()) |
| 297 return false; | 295 return false; |
| 298 return LegacySchemes().contains(scheme); | 296 return LegacySchemes().contains(scheme); |
| 299 } | 297 } |
| 300 | 298 |
| 301 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str ing& scheme) | 299 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str ing& scheme, PolicyAreas policyAreas) |
| 302 { | 300 { |
| 303 ContentSecurityPolicyBypassingSchemes().add(scheme); | 301 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); |
| 304 } | 302 } |
| 305 | 303 |
| 306 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c onst String& scheme) | 304 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c onst String& scheme) |
| 307 { | 305 { |
| 308 ContentSecurityPolicyBypassingSchemes().remove(scheme); | 306 ContentSecurityPolicyBypassingSchemes().remove(scheme); |
| 309 } | 307 } |
| 310 | 308 |
| 311 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem e) | 309 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem e, PolicyAreas policyAreas) |
| 312 { | 310 { |
| 313 if (scheme.isEmpty()) | 311 if (scheme.isEmpty()) |
|
Tom Sepez
2014/11/18 19:49:35
Should we assert policyAreas != 0?
jbroman
2014/11/18 20:02:04
Done.
| |
| 314 return false; | 312 return false; |
| 315 return ContentSecurityPolicyBypassingSchemes().contains(scheme); | 313 |
| 314 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. | |
| 315 // Thus by default, schemes do not bypass CSP. | |
| 316 return (~ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) == 0; | |
|
Tom Sepez
2014/11/18 19:35:54
nit: I thought this would be:
(ContentSecurityPol
| |
| 316 } | 317 } |
| 317 | 318 |
| 318 } // namespace blink | 319 } // namespace blink |
| OLD | NEW |
