OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SourceListDirective_h | 5 #ifndef SourceListDirective_h |
6 #define SourceListDirective_h | 6 #define SourceListDirective_h |
7 | 7 |
8 #include "core/CoreExport.h" | 8 #include "core/CoreExport.h" |
9 #include "core/frame/csp/CSPDirective.h" | 9 #include "core/frame/csp/CSPDirective.h" |
10 #include "core/frame/csp/CSPSource.h" | 10 #include "core/frame/csp/CSPSource.h" |
(...skipping 26 matching lines...) Expand all Loading... |
37 | 37 |
38 bool allows(const KURL&, | 38 bool allows(const KURL&, |
39 ResourceRequest::RedirectStatus = | 39 ResourceRequest::RedirectStatus = |
40 ResourceRequest::RedirectStatus::NoRedirect) const; | 40 ResourceRequest::RedirectStatus::NoRedirect) const; |
41 bool allowInline() const; | 41 bool allowInline() const; |
42 bool allowEval() const; | 42 bool allowEval() const; |
43 bool allowDynamic() const; | 43 bool allowDynamic() const; |
44 bool allowNonce(const String& nonce) const; | 44 bool allowNonce(const String& nonce) const; |
45 bool allowHash(const CSPHashValue&) const; | 45 bool allowHash(const CSPHashValue&) const; |
46 bool allowHashedAttributes() const; | 46 bool allowHashedAttributes() const; |
| 47 bool allowReportSample() const; |
47 bool isNone() const; | 48 bool isNone() const; |
48 bool isHashOrNoncePresent() const; | 49 bool isHashOrNoncePresent() const; |
49 uint8_t hashAlgorithmsUsed() const; | 50 uint8_t hashAlgorithmsUsed() const; |
50 bool allowAllInline() const; | 51 bool allowAllInline() const; |
51 | 52 |
52 // The algorothm is described more extensively here: | 53 // The algorothm is described more extensively here: |
53 // https://w3c.github.io/webappsec-csp/embedded/#subsume-source-list | 54 // https://w3c.github.io/webappsec-csp/embedded/#subsume-source-list |
54 bool subsumes(const HeapVector<Member<SourceListDirective>>&) const; | 55 bool subsumes(const HeapVector<Member<SourceListDirective>>&) const; |
55 | 56 |
56 // Export a subset of the source list that affect navigation. | 57 // Export a subset of the source list that affect navigation. |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
93 const UChar* end, | 94 const UChar* end, |
94 DigestValue& hash, | 95 DigestValue& hash, |
95 ContentSecurityPolicyHashAlgorithm&); | 96 ContentSecurityPolicyHashAlgorithm&); |
96 | 97 |
97 void addSourceSelf(); | 98 void addSourceSelf(); |
98 void addSourceStar(); | 99 void addSourceStar(); |
99 void addSourceUnsafeInline(); | 100 void addSourceUnsafeInline(); |
100 void addSourceUnsafeEval(); | 101 void addSourceUnsafeEval(); |
101 void addSourceStrictDynamic(); | 102 void addSourceStrictDynamic(); |
102 void addSourceUnsafeHashedAttributes(); | 103 void addSourceUnsafeHashedAttributes(); |
| 104 void addReportSample(); |
103 void addSourceNonce(const String& nonce); | 105 void addSourceNonce(const String& nonce); |
104 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, | 106 void addSourceHash(const ContentSecurityPolicyHashAlgorithm&, |
105 const DigestValue& hash); | 107 const DigestValue& hash); |
106 | 108 |
107 static void addSourceToMap(HeapHashMap<String, Member<CSPSource>>&, | 109 static void addSourceToMap(HeapHashMap<String, Member<CSPSource>>&, |
108 CSPSource*); | 110 CSPSource*); |
109 | 111 |
110 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const; | 112 bool hasSourceMatchInList(const KURL&, ResourceRequest::RedirectStatus) const; |
111 HashSet<String> getIntersectNonces(const HashSet<String>& other) const; | 113 HashSet<String> getIntersectNonces(const HashSet<String>& other) const; |
112 HashSet<CSPHashValue> getIntersectHashes( | 114 HashSet<CSPHashValue> getIntersectHashes( |
113 const HashSet<CSPHashValue>& other) const; | 115 const HashSet<CSPHashValue>& other) const; |
114 HeapVector<Member<CSPSource>> getIntersectCSPSources( | 116 HeapVector<Member<CSPSource>> getIntersectCSPSources( |
115 const HeapVector<Member<CSPSource>>& other) const; | 117 const HeapVector<Member<CSPSource>>& other) const; |
116 HeapHashMap<String, Member<CSPSource>> getIntersectSchemesOnly( | 118 HeapHashMap<String, Member<CSPSource>> getIntersectSchemesOnly( |
117 const HeapVector<Member<CSPSource>>& other) const; | 119 const HeapVector<Member<CSPSource>>& other) const; |
118 bool subsumesNoncesAndHashes(const HashSet<String>& nonces, | 120 bool subsumesNoncesAndHashes(const HashSet<String>& nonces, |
119 const HashSet<CSPHashValue> hashes) const; | 121 const HashSet<CSPHashValue> hashes) const; |
120 HeapVector<Member<CSPSource>> getSources(Member<CSPSource>) const; | 122 HeapVector<Member<CSPSource>> getSources(Member<CSPSource>) const; |
121 | 123 |
122 Member<ContentSecurityPolicy> m_policy; | 124 Member<ContentSecurityPolicy> m_policy; |
123 HeapVector<Member<CSPSource>> m_list; | 125 HeapVector<Member<CSPSource>> m_list; |
124 String m_directiveName; | 126 String m_directiveName; |
125 bool m_allowSelf; | 127 bool m_allowSelf; |
126 bool m_allowStar; | 128 bool m_allowStar; |
127 bool m_allowInline; | 129 bool m_allowInline; |
128 bool m_allowEval; | 130 bool m_allowEval; |
129 bool m_allowDynamic; | 131 bool m_allowDynamic; |
130 bool m_allowHashedAttributes; | 132 bool m_allowHashedAttributes; |
| 133 bool m_reportSample; |
131 HashSet<String> m_nonces; | 134 HashSet<String> m_nonces; |
132 HashSet<CSPHashValue> m_hashes; | 135 HashSet<CSPHashValue> m_hashes; |
133 uint8_t m_hashAlgorithmsUsed; | 136 uint8_t m_hashAlgorithmsUsed; |
134 }; | 137 }; |
135 | 138 |
136 } // namespace blink | 139 } // namespace blink |
137 | 140 |
138 #endif | 141 #endif |
OLD | NEW |