| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2012 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 47 WTF_MAKE_NONCOPYABLE(MixedContentChecker); | 47 WTF_MAKE_NONCOPYABLE(MixedContentChecker); |
| 48 DISALLOW_ALLOCATION(); | 48 DISALLOW_ALLOCATION(); |
| 49 public: | 49 public: |
| 50 enum ReportingStatus { SendReport, SuppressReport }; | 50 enum ReportingStatus { SendReport, SuppressReport }; |
| 51 static bool shouldBlockFetch(LocalFrame*, WebURLRequest::RequestContext, Web
URLRequest::FrameType, const KURL&, ReportingStatus = SendReport); | 51 static bool shouldBlockFetch(LocalFrame*, WebURLRequest::RequestContext, Web
URLRequest::FrameType, const KURL&, ReportingStatus = SendReport); |
| 52 static bool shouldBlockFetch(LocalFrame* frame, const ResourceRequest& reque
st, const KURL& url, ReportingStatus status = SendReport) | 52 static bool shouldBlockFetch(LocalFrame* frame, const ResourceRequest& reque
st, const KURL& url, ReportingStatus status = SendReport) |
| 53 { | 53 { |
| 54 return shouldBlockFetch(frame, request.requestContext(), request.frameTy
pe(), url, status); | 54 return shouldBlockFetch(frame, request.requestContext(), request.frameTy
pe(), url, status); |
| 55 } | 55 } |
| 56 | 56 |
| 57 static bool shouldBlockConnection(LocalFrame*, const KURL&, ReportingStatus
= SendReport); |
| 58 |
| 57 static bool isMixedContent(SecurityOrigin*, const KURL&); | 59 static bool isMixedContent(SecurityOrigin*, const KURL&); |
| 58 | 60 |
| 59 static void checkMixedPrivatePublic(LocalFrame*, const AtomicString& resourc
eIPAddress); | 61 static void checkMixedPrivatePublic(LocalFrame*, const AtomicString& resourc
eIPAddress); |
| 60 | 62 |
| 61 // FIXME: Get rid of these non-static bits. https://crbug.com/305811 | 63 // FIXME: Get rid of these non-static bits. https://crbug.com/305811 |
| 62 explicit MixedContentChecker(LocalFrame*); | 64 explicit MixedContentChecker(LocalFrame*); |
| 63 bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const; | 65 bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const; |
| 64 bool canConnectInsecureWebSocket(SecurityOrigin*, const KURL&) const; | |
| 65 void trace(Visitor*); | 66 void trace(Visitor*); |
| 66 | 67 |
| 67 private: | 68 private: |
| 68 enum MixedContentType { | 69 enum MixedContentType { |
| 69 Display, | 70 Display, |
| 70 Execution, | 71 Execution, |
| 71 WebSocket, | 72 WebSocket, |
| 72 Submission | 73 Submission |
| 73 }; | 74 }; |
| 74 | 75 |
| 75 enum ContextType { | 76 enum ContextType { |
| 76 ContextTypeBlockable, | 77 ContextTypeBlockable, |
| 77 ContextTypeOptionallyBlockable, | 78 ContextTypeOptionallyBlockable, |
| 78 ContextTypeShouldBeBlockable, | 79 ContextTypeShouldBeBlockable, |
| 79 }; | 80 }; |
| 80 | 81 |
| 82 static LocalFrame* inWhichFrameIsContentMixed(LocalFrame*, WebURLRequest::Fr
ameType, const KURL&); |
| 83 |
| 81 static ContextType contextTypeFromContext(WebURLRequest::RequestContext); | 84 static ContextType contextTypeFromContext(WebURLRequest::RequestContext); |
| 82 static const char* typeNameFromContext(WebURLRequest::RequestContext); | 85 static const char* typeNameFromContext(WebURLRequest::RequestContext); |
| 83 static void logToConsole(LocalFrame*, const KURL&, WebURLRequest::RequestCon
text, bool allowed); | 86 static void logToConsole(LocalFrame*, const KURL&, WebURLRequest::RequestCon
text, bool allowed); |
| 84 static void count(LocalFrame*, WebURLRequest::RequestContext); | 87 static void count(LocalFrame*, WebURLRequest::RequestContext); |
| 85 | 88 |
| 86 // FIXME: Get rid of these non-static bits. https://crbug.com/305811 | 89 // FIXME: Get rid of these non-static bits. https://crbug.com/305811 |
| 87 FrameLoaderClient* client() const; | 90 FrameLoaderClient* client() const; |
| 88 bool canDisplayInsecureContent(SecurityOrigin*, const KURL&, const MixedCont
entType) const; | 91 bool canDisplayInsecureContent(SecurityOrigin*, const KURL&, const MixedCont
entType) const; |
| 89 bool canRunInsecureContent(SecurityOrigin*, const KURL&, const MixedContentT
ype) const; | |
| 90 void logWarning(bool allowed, const KURL& i, const MixedContentType) const; | 92 void logWarning(bool allowed, const KURL& i, const MixedContentType) const; |
| 91 | 93 |
| 92 RawPtrWillBeMember<LocalFrame> m_frame; | 94 RawPtrWillBeMember<LocalFrame> m_frame; |
| 93 }; | 95 }; |
| 94 | 96 |
| 95 } // namespace blink | 97 } // namespace blink |
| 96 | 98 |
| 97 #endif // MixedContentChecker_h | 99 #endif // MixedContentChecker_h |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 842783002:
Mixed Content: Add a static check for WebSockets. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@lax