Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(288)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/frame/csp/CSPDirectiveList.h

Issue 901903003: CSP: Adding the 'upgrade-insecure-requests' directive. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: WebSockets + Tests. Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/fetch/ResourceFetcherTest.cpp ('k') | Source/core/frame/csp/CSPDirectiveList.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CSPDirectiveList_h 5 #ifndef CSPDirectiveList_h
6 #define CSPDirectiveList_h 6 #define CSPDirectiveList_h
7 7
8 #include "core/frame/csp/ContentSecurityPolicy.h" 8 #include "core/frame/csp/ContentSecurityPolicy.h"
9 #include "core/frame/csp/MediaListDirective.h" 9 #include "core/frame/csp/MediaListDirective.h"
10 #include "core/frame/csp/SourceListDirective.h" 10 #include "core/frame/csp/SourceListDirective.h"
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
68 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co ntentSecurityPolicyHeaderSource); 68 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co ntentSecurityPolicyHeaderSource);
69 69
70 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri ng& value); 70 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri ng& value);
71 void parseReportURI(const String& name, const String& value); 71 void parseReportURI(const String& name, const String& value);
72 void parsePluginTypes(const String& name, const String& value); 72 void parsePluginTypes(const String& name, const String& value);
73 void parseReflectedXSS(const String& name, const String& value); 73 void parseReflectedXSS(const String& name, const String& value);
74 void parseReferrer(const String& name, const String& value); 74 void parseReferrer(const String& name, const String& value);
75 void addDirective(const String& name, const String& value); 75 void addDirective(const String& name, const String& value);
76 void applySandboxPolicy(const String& name, const String& sandboxPolicy); 76 void applySandboxPolicy(const String& name, const String& sandboxPolicy);
77 void enforceStrictMixedContentChecking(const String& name, const String& val ue); 77 void enforceStrictMixedContentChecking(const String& name, const String& val ue);
78 void enableInsecureContentUpgrade(const String& name, const String& value);
78 79
79 template <class CSPDirectiveType> 80 template <class CSPDirectiveType>
80 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire ctiveType>&); 81 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire ctiveType>&);
81 82
82 SourceListDirective* operativeDirective(SourceListDirective*) const; 83 SourceListDirective* operativeDirective(SourceListDirective*) const;
83 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire ctive* override) const; 84 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire ctive* override) const;
84 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL) const; 85 void reportViolation(const String& directiveText, const String& effectiveDir ective, const String& consoleMessage, const KURL& blockedURL) const;
85 void reportViolationWithFrame(const String& directiveText, const String& eff ectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFram e*) const; 86 void reportViolationWithFrame(const String& directiveText, const String& eff ectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFram e*) const;
86 void reportViolationWithLocation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const String& contextURL, const WTF::OrdinalNumber& contextLine) const; 87 void reportViolationWithLocation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
87 void reportViolationWithState(const String& directiveText, const String& eff ectiveDirective, const String& message, const KURL& blockedURL, ScriptState*) co nst; 88 void reportViolationWithState(const String& directiveText, const String& eff ectiveDirective, const String& message, const KURL& blockedURL, ScriptState*) co nst;
(...skipping 25 matching lines...) Expand all
113 114
114 bool m_reportOnly; 115 bool m_reportOnly;
115 bool m_haveSandboxPolicy; 116 bool m_haveSandboxPolicy;
116 ReflectedXSSDisposition m_reflectedXSSDisposition; 117 ReflectedXSSDisposition m_reflectedXSSDisposition;
117 118
118 bool m_didSetReferrerPolicy; 119 bool m_didSetReferrerPolicy;
119 ReferrerPolicy m_referrerPolicy; 120 ReferrerPolicy m_referrerPolicy;
120 121
121 bool m_strictMixedContentCheckingEnforced; 122 bool m_strictMixedContentCheckingEnforced;
122 123
124 bool m_upgradeInsecureRequests;
125
123 OwnPtr<MediaListDirective> m_pluginTypes; 126 OwnPtr<MediaListDirective> m_pluginTypes;
124 OwnPtr<SourceListDirective> m_baseURI; 127 OwnPtr<SourceListDirective> m_baseURI;
125 OwnPtr<SourceListDirective> m_childSrc; 128 OwnPtr<SourceListDirective> m_childSrc;
126 OwnPtr<SourceListDirective> m_connectSrc; 129 OwnPtr<SourceListDirective> m_connectSrc;
127 OwnPtr<SourceListDirective> m_defaultSrc; 130 OwnPtr<SourceListDirective> m_defaultSrc;
128 OwnPtr<SourceListDirective> m_fontSrc; 131 OwnPtr<SourceListDirective> m_fontSrc;
129 OwnPtr<SourceListDirective> m_formAction; 132 OwnPtr<SourceListDirective> m_formAction;
130 OwnPtr<SourceListDirective> m_frameAncestors; 133 OwnPtr<SourceListDirective> m_frameAncestors;
131 OwnPtr<SourceListDirective> m_frameSrc; 134 OwnPtr<SourceListDirective> m_frameSrc;
132 OwnPtr<SourceListDirective> m_imgSrc; 135 OwnPtr<SourceListDirective> m_imgSrc;
133 OwnPtr<SourceListDirective> m_mediaSrc; 136 OwnPtr<SourceListDirective> m_mediaSrc;
134 OwnPtr<SourceListDirective> m_manifestSrc; 137 OwnPtr<SourceListDirective> m_manifestSrc;
135 OwnPtr<SourceListDirective> m_objectSrc; 138 OwnPtr<SourceListDirective> m_objectSrc;
136 OwnPtr<SourceListDirective> m_scriptSrc; 139 OwnPtr<SourceListDirective> m_scriptSrc;
137 OwnPtr<SourceListDirective> m_styleSrc; 140 OwnPtr<SourceListDirective> m_styleSrc;
138 141
139 Vector<String> m_reportEndpoints; 142 Vector<String> m_reportEndpoints;
140 143
141 String m_evalDisabledErrorMessage; 144 String m_evalDisabledErrorMessage;
142 }; 145 };
143 146
144 147
145 } // namespace 148 } // namespace
146 149
147 #endif 150 #endif
OLDNEW
« no previous file with comments | « Source/core/fetch/ResourceFetcherTest.cpp ('k') | Source/core/frame/csp/CSPDirectiveList.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698