OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google, Inc. All rights reserved. | 2 * Copyright (C) 2011 Google, Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
129 bool allowObjectFromSource(const KURL&, ReportingStatus = SendReport) const; | 129 bool allowObjectFromSource(const KURL&, ReportingStatus = SendReport) const; |
130 bool allowChildFrameFromSource(const KURL&, ReportingStatus = SendReport) co
nst; | 130 bool allowChildFrameFromSource(const KURL&, ReportingStatus = SendReport) co
nst; |
131 bool allowImageFromSource(const KURL&, ReportingStatus = SendReport) const; | 131 bool allowImageFromSource(const KURL&, ReportingStatus = SendReport) const; |
132 bool allowStyleFromSource(const KURL&, ReportingStatus = SendReport) const; | 132 bool allowStyleFromSource(const KURL&, ReportingStatus = SendReport) const; |
133 bool allowFontFromSource(const KURL&, ReportingStatus = SendReport) const; | 133 bool allowFontFromSource(const KURL&, ReportingStatus = SendReport) const; |
134 bool allowMediaFromSource(const KURL&, ReportingStatus = SendReport) const; | 134 bool allowMediaFromSource(const KURL&, ReportingStatus = SendReport) const; |
135 bool allowConnectToSource(const KURL&, ReportingStatus = SendReport) const; | 135 bool allowConnectToSource(const KURL&, ReportingStatus = SendReport) const; |
136 bool allowFormAction(const KURL&, ReportingStatus = SendReport) const; | 136 bool allowFormAction(const KURL&, ReportingStatus = SendReport) const; |
137 bool allowBaseURI(const KURL&, ReportingStatus = SendReport) const; | 137 bool allowBaseURI(const KURL&, ReportingStatus = SendReport) const; |
138 bool allowAncestors(LocalFrame*, const KURL&, ReportingStatus = SendReport)
const; | 138 bool allowAncestors(LocalFrame*, const KURL&, ReportingStatus = SendReport)
const; |
139 bool allowChildContextFromSource(const KURL&, ReportingStatus = SendReport)
const; | |
140 bool allowWorkerContextFromSource(const KURL&, ReportingStatus = SendReport)
const; | 139 bool allowWorkerContextFromSource(const KURL&, ReportingStatus = SendReport)
const; |
141 | 140 |
142 bool allowManifestFromSource(const KURL&, ReportingStatus = SendReport) cons
t; | 141 bool allowManifestFromSource(const KURL&, ReportingStatus = SendReport) cons
t; |
143 | 142 |
144 // The nonce and hash allow functions are guaranteed to not have any side | 143 // The nonce and hash allow functions are guaranteed to not have any side |
145 // effects, including reporting. | 144 // effects, including reporting. |
146 // Nonce/Hash functions check all policies relating to use of a script/style | 145 // Nonce/Hash functions check all policies relating to use of a script/style |
147 // with the given nonce/hash and return true all CSP policies allow it. | 146 // with the given nonce/hash and return true all CSP policies allow it. |
148 // If these return true, callers can then process the content or | 147 // If these return true, callers can then process the content or |
149 // issue a load and be safe disabling any further CSP checks. | 148 // issue a load and be safe disabling any further CSP checks. |
150 bool allowScriptWithNonce(const String& nonce) const; | 149 bool allowScriptWithNonce(const String& nonce) const; |
151 bool allowStyleWithNonce(const String& nonce) const; | 150 bool allowStyleWithNonce(const String& nonce) const; |
152 bool allowScriptWithHash(const String& source) const; | 151 bool allowScriptWithHash(const String& source) const; |
153 bool allowStyleWithHash(const String& source) const; | 152 bool allowStyleWithHash(const String& source) const; |
154 | 153 |
155 void usesScriptHashAlgorithms(uint8_t ContentSecurityPolicyHashAlgorithm); | 154 void usesScriptHashAlgorithms(uint8_t ContentSecurityPolicyHashAlgorithm); |
156 void usesStyleHashAlgorithms(uint8_t ContentSecurityPolicyHashAlgorithm); | 155 void usesStyleHashAlgorithms(uint8_t ContentSecurityPolicyHashAlgorithm); |
157 | 156 |
158 ReflectedXSSDisposition reflectedXSSDisposition() const; | 157 ReflectedXSSDisposition reflectedXSSDisposition() const; |
159 | 158 |
160 ReferrerPolicy referrerPolicy() const; | |
161 bool didSetReferrerPolicy() const; | 159 bool didSetReferrerPolicy() const; |
162 | 160 |
163 void setOverrideAllowInlineStyle(bool); | 161 void setOverrideAllowInlineStyle(bool); |
164 void setOverrideURLForSelf(const KURL&); | 162 void setOverrideURLForSelf(const KURL&); |
165 | 163 |
166 bool isActive() const; | 164 bool isActive() const; |
167 | 165 |
168 // If a frame is passed in, the message will be logged to its active documen
t's console. | 166 // If a frame is passed in, the message will be logged to its active documen
t's console. |
169 // Otherwise, the message will be logged to this object's |m_executionContex
t|. | 167 // Otherwise, the message will be logged to this object's |m_executionContex
t|. |
170 void logToConsole(PassRefPtrWillBeRawPtr<ConsoleMessage>, LocalFrame* = null
ptr); | 168 void logToConsole(PassRefPtrWillBeRawPtr<ConsoleMessage>, LocalFrame* = null
ptr); |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
244 String m_disableEvalErrorMessage; | 242 String m_disableEvalErrorMessage; |
245 SecurityContext::InsecureContentPolicy m_insecureContentPolicy; | 243 SecurityContext::InsecureContentPolicy m_insecureContentPolicy; |
246 | 244 |
247 OwnPtr<CSPSource> m_selfSource; | 245 OwnPtr<CSPSource> m_selfSource; |
248 String m_selfProtocol; | 246 String m_selfProtocol; |
249 }; | 247 }; |
250 | 248 |
251 } | 249 } |
252 | 250 |
253 #endif | 251 #endif |
OLD | NEW |