OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPDirectiveList_h | 5 #ifndef CSPDirectiveList_h |
6 #define CSPDirectiveList_h | 6 #define CSPDirectiveList_h |
7 | 7 |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "core/frame/csp/MediaListDirective.h" | 9 #include "core/frame/csp/MediaListDirective.h" |
10 #include "core/frame/csp/SourceListDirective.h" | 10 #include "core/frame/csp/SourceListDirective.h" |
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
68 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co
ntentSecurityPolicyHeaderSource); | 68 CSPDirectiveList(ContentSecurityPolicy*, ContentSecurityPolicyHeaderType, Co
ntentSecurityPolicyHeaderSource); |
69 | 69 |
70 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri
ng& value); | 70 bool parseDirective(const UChar* begin, const UChar* end, String& name, Stri
ng& value); |
71 void parseReportURI(const String& name, const String& value); | 71 void parseReportURI(const String& name, const String& value); |
72 void parsePluginTypes(const String& name, const String& value); | 72 void parsePluginTypes(const String& name, const String& value); |
73 void parseReflectedXSS(const String& name, const String& value); | 73 void parseReflectedXSS(const String& name, const String& value); |
74 void parseReferrer(const String& name, const String& value); | 74 void parseReferrer(const String& name, const String& value); |
75 void addDirective(const String& name, const String& value); | 75 void addDirective(const String& name, const String& value); |
76 void applySandboxPolicy(const String& name, const String& sandboxPolicy); | 76 void applySandboxPolicy(const String& name, const String& sandboxPolicy); |
77 void enforceStrictMixedContentChecking(const String& name, const String& val
ue); | 77 void enforceStrictMixedContentChecking(const String& name, const String& val
ue); |
| 78 void enableInsecureContentUpgrade(const String& name, const String& value); |
78 | 79 |
79 template <class CSPDirectiveType> | 80 template <class CSPDirectiveType> |
80 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire
ctiveType>&); | 81 void setCSPDirective(const String& name, const String& value, OwnPtr<CSPDire
ctiveType>&); |
81 | 82 |
82 SourceListDirective* operativeDirective(SourceListDirective*) const; | 83 SourceListDirective* operativeDirective(SourceListDirective*) const; |
83 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire
ctive* override) const; | 84 SourceListDirective* operativeDirective(SourceListDirective*, SourceListDire
ctive* override) const; |
84 void reportViolation(const String& directiveText, const String& effectiveDir
ective, const String& consoleMessage, const KURL& blockedURL) const; | 85 void reportViolation(const String& directiveText, const String& effectiveDir
ective, const String& consoleMessage, const KURL& blockedURL) const; |
85 void reportViolationWithFrame(const String& directiveText, const String& eff
ectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFram
e*) const; | 86 void reportViolationWithFrame(const String& directiveText, const String& eff
ectiveDirective, const String& consoleMessage, const KURL& blockedURL, LocalFram
e*) const; |
86 void reportViolationWithLocation(const String& directiveText, const String&
effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const
String& contextURL, const WTF::OrdinalNumber& contextLine) const; | 87 void reportViolationWithLocation(const String& directiveText, const String&
effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const
String& contextURL, const WTF::OrdinalNumber& contextLine) const; |
87 void reportViolationWithState(const String& directiveText, const String& eff
ectiveDirective, const String& message, const KURL& blockedURL, ScriptState*) co
nst; | 88 void reportViolationWithState(const String& directiveText, const String& eff
ectiveDirective, const String& message, const KURL& blockedURL, ScriptState*) co
nst; |
(...skipping 25 matching lines...) Expand all Loading... |
113 | 114 |
114 bool m_reportOnly; | 115 bool m_reportOnly; |
115 bool m_haveSandboxPolicy; | 116 bool m_haveSandboxPolicy; |
116 ReflectedXSSDisposition m_reflectedXSSDisposition; | 117 ReflectedXSSDisposition m_reflectedXSSDisposition; |
117 | 118 |
118 bool m_didSetReferrerPolicy; | 119 bool m_didSetReferrerPolicy; |
119 ReferrerPolicy m_referrerPolicy; | 120 ReferrerPolicy m_referrerPolicy; |
120 | 121 |
121 bool m_strictMixedContentCheckingEnforced; | 122 bool m_strictMixedContentCheckingEnforced; |
122 | 123 |
| 124 bool m_upgradeInsecureRequests; |
| 125 |
123 OwnPtr<MediaListDirective> m_pluginTypes; | 126 OwnPtr<MediaListDirective> m_pluginTypes; |
124 OwnPtr<SourceListDirective> m_baseURI; | 127 OwnPtr<SourceListDirective> m_baseURI; |
125 OwnPtr<SourceListDirective> m_childSrc; | 128 OwnPtr<SourceListDirective> m_childSrc; |
126 OwnPtr<SourceListDirective> m_connectSrc; | 129 OwnPtr<SourceListDirective> m_connectSrc; |
127 OwnPtr<SourceListDirective> m_defaultSrc; | 130 OwnPtr<SourceListDirective> m_defaultSrc; |
128 OwnPtr<SourceListDirective> m_fontSrc; | 131 OwnPtr<SourceListDirective> m_fontSrc; |
129 OwnPtr<SourceListDirective> m_formAction; | 132 OwnPtr<SourceListDirective> m_formAction; |
130 OwnPtr<SourceListDirective> m_frameAncestors; | 133 OwnPtr<SourceListDirective> m_frameAncestors; |
131 OwnPtr<SourceListDirective> m_frameSrc; | 134 OwnPtr<SourceListDirective> m_frameSrc; |
132 OwnPtr<SourceListDirective> m_imgSrc; | 135 OwnPtr<SourceListDirective> m_imgSrc; |
133 OwnPtr<SourceListDirective> m_mediaSrc; | 136 OwnPtr<SourceListDirective> m_mediaSrc; |
134 OwnPtr<SourceListDirective> m_manifestSrc; | 137 OwnPtr<SourceListDirective> m_manifestSrc; |
135 OwnPtr<SourceListDirective> m_objectSrc; | 138 OwnPtr<SourceListDirective> m_objectSrc; |
136 OwnPtr<SourceListDirective> m_scriptSrc; | 139 OwnPtr<SourceListDirective> m_scriptSrc; |
137 OwnPtr<SourceListDirective> m_styleSrc; | 140 OwnPtr<SourceListDirective> m_styleSrc; |
138 | 141 |
139 Vector<String> m_reportEndpoints; | 142 Vector<String> m_reportEndpoints; |
140 | 143 |
141 String m_evalDisabledErrorMessage; | 144 String m_evalDisabledErrorMessage; |
142 }; | 145 }; |
143 | 146 |
144 | 147 |
145 } // namespace | 148 } // namespace |
146 | 149 |
147 #endif | 150 #endif |
OLD | NEW |