OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CSPDirectiveList_h | 5 #ifndef CSPDirectiveList_h |
6 #define CSPDirectiveList_h | 6 #define CSPDirectiveList_h |
7 | 7 |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "core/frame/csp/MediaListDirective.h" | 9 #include "core/frame/csp/MediaListDirective.h" |
10 #include "core/frame/csp/SourceListDirective.h" | 10 #include "core/frame/csp/SourceListDirective.h" |
(...skipping 28 matching lines...) Expand all Loading... |
39 | 39 |
40 void parse(const UChar* begin, const UChar* end); | 40 void parse(const UChar* begin, const UChar* end); |
41 | 41 |
42 const String& header() const { return m_header; } | 42 const String& header() const { return m_header; } |
43 ContentSecurityPolicyHeaderType headerType() const { return m_headerType; } | 43 ContentSecurityPolicyHeaderType headerType() const { return m_headerType; } |
44 ContentSecurityPolicyHeaderSource headerSource() const { | 44 ContentSecurityPolicyHeaderSource headerSource() const { |
45 return m_headerSource; | 45 return m_headerSource; |
46 } | 46 } |
47 | 47 |
48 bool allowJavaScriptURLs(Element*, | 48 bool allowJavaScriptURLs(Element*, |
| 49 const String& source, |
49 const String& contextURL, | 50 const String& contextURL, |
50 const WTF::OrdinalNumber& contextLine, | 51 const WTF::OrdinalNumber& contextLine, |
51 SecurityViolationReportingPolicy) const; | 52 SecurityViolationReportingPolicy) const; |
52 bool allowInlineEventHandlers(Element*, | 53 bool allowInlineEventHandlers(Element*, |
| 54 const String& source, |
53 const String& contextURL, | 55 const String& contextURL, |
54 const WTF::OrdinalNumber& contextLine, | 56 const WTF::OrdinalNumber& contextLine, |
55 SecurityViolationReportingPolicy) const; | 57 SecurityViolationReportingPolicy) const; |
56 bool allowInlineScript(Element*, | 58 bool allowInlineScript(Element*, |
57 const String& contextURL, | 59 const String& contextURL, |
58 const String& nonce, | 60 const String& nonce, |
59 const WTF::OrdinalNumber& contextLine, | 61 const WTF::OrdinalNumber& contextLine, |
60 SecurityViolationReportingPolicy, | 62 SecurityViolationReportingPolicy, |
61 const String& scriptContent) const; | 63 const String& scriptContent) const; |
62 bool allowInlineStyle(Element*, | 64 bool allowInlineStyle(Element*, |
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
219 const ContentSecurityPolicy::DirectiveType&, | 221 const ContentSecurityPolicy::DirectiveType&, |
220 const String& consoleMessage, | 222 const String& consoleMessage, |
221 const KURL& blockedURL, | 223 const KURL& blockedURL, |
222 LocalFrame*) const; | 224 LocalFrame*) const; |
223 void reportViolationWithLocation(const String& directiveText, | 225 void reportViolationWithLocation(const String& directiveText, |
224 const ContentSecurityPolicy::DirectiveType&, | 226 const ContentSecurityPolicy::DirectiveType&, |
225 const String& consoleMessage, | 227 const String& consoleMessage, |
226 const KURL& blockedURL, | 228 const KURL& blockedURL, |
227 const String& contextURL, | 229 const String& contextURL, |
228 const WTF::OrdinalNumber& contextLine, | 230 const WTF::OrdinalNumber& contextLine, |
229 Element*) const; | 231 Element*, |
| 232 const String& source) const; |
230 void reportViolationWithState( | 233 void reportViolationWithState( |
231 const String& directiveText, | 234 const String& directiveText, |
232 const ContentSecurityPolicy::DirectiveType&, | 235 const ContentSecurityPolicy::DirectiveType&, |
233 const String& message, | 236 const String& message, |
234 const KURL& blockedURL, | 237 const KURL& blockedURL, |
235 ScriptState*, | 238 ScriptState*, |
236 const ContentSecurityPolicy::ExceptionStatus) const; | 239 const ContentSecurityPolicy::ExceptionStatus) const; |
237 | 240 |
238 bool checkEval(SourceListDirective*) const; | 241 bool checkEval(SourceListDirective*) const; |
239 bool checkDynamic(SourceListDirective*) const; | 242 bool checkDynamic(SourceListDirective*) const; |
(...skipping 15 matching lines...) Expand all Loading... |
255 | 258 |
256 bool checkEvalAndReportViolation( | 259 bool checkEvalAndReportViolation( |
257 SourceListDirective*, | 260 SourceListDirective*, |
258 const String& consoleMessage, | 261 const String& consoleMessage, |
259 ScriptState*, | 262 ScriptState*, |
260 ContentSecurityPolicy::ExceptionStatus = | 263 ContentSecurityPolicy::ExceptionStatus = |
261 ContentSecurityPolicy::WillNotThrowException) const; | 264 ContentSecurityPolicy::WillNotThrowException) const; |
262 bool checkInlineAndReportViolation(SourceListDirective*, | 265 bool checkInlineAndReportViolation(SourceListDirective*, |
263 const String& consoleMessage, | 266 const String& consoleMessage, |
264 Element*, | 267 Element*, |
| 268 const String& source, |
265 const String& contextURL, | 269 const String& contextURL, |
266 const WTF::OrdinalNumber& contextLine, | 270 const WTF::OrdinalNumber& contextLine, |
267 bool isScript, | 271 bool isScript, |
268 const String& hashValue) const; | 272 const String& hashValue) const; |
269 | 273 |
270 bool checkSourceAndReportViolation( | 274 bool checkSourceAndReportViolation( |
271 SourceListDirective*, | 275 SourceListDirective*, |
272 const KURL&, | 276 const KURL&, |
273 const ContentSecurityPolicy::DirectiveType&, | 277 const ContentSecurityPolicy::DirectiveType&, |
274 ResourceRequest::RedirectStatus) const; | 278 ResourceRequest::RedirectStatus) const; |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
330 uint8_t m_requireSRIFor; | 334 uint8_t m_requireSRIFor; |
331 | 335 |
332 Vector<String> m_reportEndpoints; | 336 Vector<String> m_reportEndpoints; |
333 | 337 |
334 String m_evalDisabledErrorMessage; | 338 String m_evalDisabledErrorMessage; |
335 }; | 339 }; |
336 | 340 |
337 } // namespace blink | 341 } // namespace blink |
338 | 342 |
339 #endif | 343 #endif |
OLD | NEW |