OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 528 matching lines...)
539 bool ContentSecurityPolicy::allowBaseURI(const KURL& url, ContentSecurityPolicy:
:ReportingStatus reportingStatus) const | 539 bool ContentSecurityPolicy::allowBaseURI(const KURL& url, ContentSecurityPolicy:
:ReportingStatus reportingStatus) const |
540 { | 540 { |
541 return isAllowedByAllWithURL<&CSPDirectiveList::allowBaseURI>(m_policies, ur
l, reportingStatus); | 541 return isAllowedByAllWithURL<&CSPDirectiveList::allowBaseURI>(m_policies, ur
l, reportingStatus); |
542 } | 542 } |
543 | 543 |
544 bool ContentSecurityPolicy::allowAncestors(LocalFrame* frame, const KURL& url, C
ontentSecurityPolicy::ReportingStatus reportingStatus) const | 544 bool ContentSecurityPolicy::allowAncestors(LocalFrame* frame, const KURL& url, C
ontentSecurityPolicy::ReportingStatus reportingStatus) const |
545 { | 545 { |
546 return isAllowedByAllWithFrame<&CSPDirectiveList::allowAncestors>(m_policies
, frame, url, reportingStatus); | 546 return isAllowedByAllWithFrame<&CSPDirectiveList::allowAncestors>(m_policies
, frame, url, reportingStatus); |
547 } | 547 } |
548 | 548 |
549 bool ContentSecurityPolicy::allowChildContextFromSource(const KURL& url, Content
SecurityPolicy::ReportingStatus reportingStatus) const | |
550 { | |
551 return isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource>
(m_policies, url, reportingStatus); | |
552 } | |
553 | |
554 bool ContentSecurityPolicy::allowWorkerContextFromSource(const KURL& url, Conten
tSecurityPolicy::ReportingStatus reportingStatus) const | 549 bool ContentSecurityPolicy::allowWorkerContextFromSource(const KURL& url, Conten
tSecurityPolicy::ReportingStatus reportingStatus) const |
555 { | 550 { |
556 // CSP 1.1 moves workers from 'script-src' to the new 'child-src'. Measure t
he impact of this backwards-incompatible change. | 551 // CSP 1.1 moves workers from 'script-src' to the new 'child-src'. Measure t
he impact of this backwards-incompatible change. |
557 if (Document* document = this->document()) { | 552 if (Document* document = this->document()) { |
558 UseCounter::count(*document, UseCounter::WorkerSubjectToCSP); | 553 UseCounter::count(*document, UseCounter::WorkerSubjectToCSP); |
559 if (isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource
>(m_policies, url, SuppressReport) && !isAllowedByAllWithURL<&CSPDirectiveList::
allowScriptFromSource>(m_policies, url, SuppressReport)) | 554 if (isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource
>(m_policies, url, SuppressReport) && !isAllowedByAllWithURL<&CSPDirectiveList::
allowScriptFromSource>(m_policies, url, SuppressReport)) |
560 UseCounter::count(*document, UseCounter::WorkerAllowedByChildBlocked
ByScript); | 555 UseCounter::count(*document, UseCounter::WorkerAllowedByChildBlocked
ByScript); |
561 } | 556 } |
562 | 557 |
563 return isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource>
(m_policies, url, reportingStatus); | 558 return isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource>
(m_policies, url, reportingStatus); |
(...skipping 12 matching lines...)
576 ReflectedXSSDisposition ContentSecurityPolicy::reflectedXSSDisposition() const | 571 ReflectedXSSDisposition ContentSecurityPolicy::reflectedXSSDisposition() const |
577 { | 572 { |
578 ReflectedXSSDisposition disposition = ReflectedXSSUnset; | 573 ReflectedXSSDisposition disposition = ReflectedXSSUnset; |
579 for (const auto& policy : m_policies) { | 574 for (const auto& policy : m_policies) { |
580 if (policy->reflectedXSSDisposition() > disposition) | 575 if (policy->reflectedXSSDisposition() > disposition) |
581 disposition = std::max(disposition, policy->reflectedXSSDisposition(
)); | 576 disposition = std::max(disposition, policy->reflectedXSSDisposition(
)); |
582 } | 577 } |
583 return disposition; | 578 return disposition; |
584 } | 579 } |
585 | 580 |
586 ReferrerPolicy ContentSecurityPolicy::referrerPolicy() const | |
587 { | |
588 ReferrerPolicy referrerPolicy = ReferrerPolicyDefault; | |
589 bool first = true; | |
590 for (const auto& policy : m_policies) { | |
591 if (policy->didSetReferrerPolicy()) { | |
592 if (first) | |
593 referrerPolicy = policy->referrerPolicy(); | |
594 else | |
595 referrerPolicy = mergeReferrerPolicies(referrerPolicy, policy->r
eferrerPolicy()); | |
596 first = false; | |
597 } | |
598 } | |
599 return referrerPolicy; | |
600 } | |
601 | |
602 bool ContentSecurityPolicy::didSetReferrerPolicy() const | 581 bool ContentSecurityPolicy::didSetReferrerPolicy() const |
603 { | 582 { |
604 for (const auto& policy : m_policies) { | 583 for (const auto& policy : m_policies) { |
605 if (policy->didSetReferrerPolicy()) | 584 if (policy->didSetReferrerPolicy()) |
606 return true; | 585 return true; |
607 } | 586 } |
608 return false; | 587 return false; |
609 } | 588 } |
610 | 589 |
611 SecurityOrigin* ContentSecurityPolicy::securityOrigin() const | 590 SecurityOrigin* ContentSecurityPolicy::securityOrigin() const |
(...skipping 307 matching lines...)
919 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. | 898 // Collisions have no security impact, so we can save space by storing only
the string's hash rather than the whole report. |
920 return !m_violationReportsSent.contains(report.impl()->hash()); | 899 return !m_violationReportsSent.contains(report.impl()->hash()); |
921 } | 900 } |
922 | 901 |
923 void ContentSecurityPolicy::didSendViolationReport(const String& report) | 902 void ContentSecurityPolicy::didSendViolationReport(const String& report) |
924 { | 903 { |
925 m_violationReportsSent.add(report.impl()->hash()); | 904 m_violationReportsSent.add(report.impl()->hash()); |
926 } | 905 } |
927 | 906 |
928 } // namespace blink | 907 } // namespace blink |
OLD | NEW |