Chromium Code Reviews Chromium Code Reviews
Issue 747403002:
Ignore insecure parts of CSP in extensions and allow extension to load (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef EXTENSIONS_COMMON_CSP_VALIDATOR_H_ | 5 #ifndef EXTENSIONS_COMMON_CSP_VALIDATOR_H_ |
| 6 #define EXTENSIONS_COMMON_CSP_VALIDATOR_H_ | 6 #define EXTENSIONS_COMMON_CSP_VALIDATOR_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "extensions/common/manifest.h" | 10 #include "extensions/common/manifest.h" |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 34 // | 34 // |
| 35 // Ideally, we would like to say that an XSS vulnerability in the extension | 35 // Ideally, we would like to say that an XSS vulnerability in the extension |
| 36 // should not be able to execute script, even in the precense of an active | 36 // should not be able to execute script, even in the precense of an active |
| 37 // network attacker. | 37 // network attacker. |
| 38 // | 38 // |
| 39 // However, we found that it broke too many deployed extensions to limit | 39 // However, we found that it broke too many deployed extensions to limit |
| 40 // 'unsafe-eval' in the script-src directive, so that is allowed as a special | 40 // 'unsafe-eval' in the script-src directive, so that is allowed as a special |
| 41 // case for extensions. Platform apps disallow it. | 41 // case for extensions. Platform apps disallow it. |
| 42 // | 42 // |
| 43 // |options| is a bitmask of Options. | 43 // |options| is a bitmask of Options. |
| 44 bool ContentSecurityPolicyIsSecure( | 44 // |
| 45 const std::string& policy, int options); | 45 // If |sanitized_csp| is not NULL, |policy| minus the insecure values is stored |
| 46 // in |sanitized_csp|. | |
|
not at google - send to devlin
2014/12/03 20:33:05
If you're going to rename this to "SanitizeCSP" or
| |
| 47 // If |warnings| is not NULL, any validation errors are appended to |warnings|. | |
| 48 // Returns whether |policy| meets the minimum security requirements. | |
|
not at google - send to devlin
2014/12/03 20:33:05
This happens iff there were no warnings, right? Yo
| |
| 49 bool ContentSecurityPolicyIsSecure(const std::string& policy, | |
| 50 int options, | |
| 51 std::string* sanitized_csp, | |
| 52 std::vector<InstallWarning>* warnings); | |
| 46 | 53 |
| 47 // Checks whether the given |policy| enforces a unique origin sandbox as | 54 // Checks whether the given |policy| enforces a unique origin sandbox as |
| 48 // defined by http://www.whatwg.org/specs/web-apps/current-work/multipage/ | 55 // defined by http://www.whatwg.org/specs/web-apps/current-work/multipage/ |
| 49 // the-iframe-element.html#attr-iframe-sandbox. The policy must have the | 56 // the-iframe-element.html#attr-iframe-sandbox. The policy must have the |
| 50 // "sandbox" directive, and the sandbox tokens must not include | 57 // "sandbox" directive, and the sandbox tokens must not include |
| 51 // "allow-same-origin". Additional restrictions may be imposed depending on | 58 // "allow-same-origin". Additional restrictions may be imposed depending on |
| 52 // |type|. | 59 // |type|. |
| 53 bool ContentSecurityPolicyIsSandboxed( | 60 bool ContentSecurityPolicyIsSandboxed( |
| 54 const std::string& policy, Manifest::Type type); | 61 const std::string& policy, Manifest::Type type); |
| 55 | 62 |
| 56 } // namespace csp_validator | 63 } // namespace csp_validator |
| 57 | 64 |
| 58 } // namespace extensions | 65 } // namespace extensions |
| 59 | 66 |
| 60 #endif // EXTENSIONS_COMMON_CSP_VALIDATOR_H_ | 67 #endif // EXTENSIONS_COMMON_CSP_VALIDATOR_H_ |
| OLD | NEW |
