File: SecurityContext.h

package info (click to toggle)
chromium-browser 57.0.2987.98-1~deb8u1
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 2,637,852 kB
  • ctags: 2,544,394
  • sloc: cpp: 12,815,961; ansic: 3,676,222; python: 1,147,112; asm: 526,608; java: 523,212; xml: 286,794; perl: 92,654; sh: 86,408; objc: 73,271; makefile: 27,698; cs: 18,487; yacc: 13,031; tcl: 12,957; pascal: 4,875; ml: 4,716; lex: 3,904; sql: 3,862; ruby: 1,982; lisp: 1,508; php: 1,368; exp: 404; awk: 325; csh: 117; jsp: 39; sed: 37
file content (125 lines) | stat: -rw-r--r-- 4,518 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
/*
 * Copyright (C) 2011 Google Inc. All Rights Reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY GOOGLE, INC. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#ifndef SecurityContext_h
#define SecurityContext_h

#include "core/CoreExport.h"
#include "core/dom/SandboxFlags.h"
#include "platform/feature_policy/FeaturePolicy.h"
#include "platform/heap/Handle.h"
#include "platform/weborigin/Suborigin.h"
#include "public/platform/WebAddressSpace.h"
#include "public/platform/WebFeaturePolicy.h"
#include "public/platform/WebInsecureRequestPolicy.h"
#include "public/platform/WebURLRequest.h"
#include "wtf/HashSet.h"
#include "wtf/Noncopyable.h"
#include "wtf/PassRefPtr.h"
#include "wtf/RefPtr.h"
#include "wtf/text/StringHash.h"
#include "wtf/text/WTFString.h"

#include <memory>

namespace blink {

class SecurityOrigin;
class ContentSecurityPolicy;

class CORE_EXPORT SecurityContext : public GarbageCollectedMixin {
  WTF_MAKE_NONCOPYABLE(SecurityContext);

 public:
  DECLARE_VIRTUAL_TRACE();

  using InsecureNavigationsSet = HashSet<unsigned, WTF::AlreadyHashed>;

  SecurityOrigin* getSecurityOrigin() const { return m_securityOrigin.get(); }
  ContentSecurityPolicy* contentSecurityPolicy() const {
    return m_contentSecurityPolicy.get();
  }

  // Explicitly override the security origin for this security context.
  // Note: It is dangerous to change the security origin of a script context
  //       that already contains content.
  void setSecurityOrigin(PassRefPtr<SecurityOrigin>);
  virtual void didUpdateSecurityOrigin() = 0;

  SandboxFlags getSandboxFlags() const { return m_sandboxFlags; }
  bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; }
  virtual void enforceSandboxFlags(SandboxFlags mask);

  void setAddressSpace(WebAddressSpace space) { m_addressSpace = space; }
  WebAddressSpace addressSpace() const { return m_addressSpace; }
  String addressSpaceForBindings() const;

  void addInsecureNavigationUpgrade(unsigned hashedHost) {
    m_insecureNavigationsToUpgrade.add(hashedHost);
  }
  InsecureNavigationsSet* insecureNavigationsToUpgrade() {
    return &m_insecureNavigationsToUpgrade;
  }

  virtual void setInsecureRequestPolicy(WebInsecureRequestPolicy policy) {
    m_insecureRequestPolicy = policy;
  }
  WebInsecureRequestPolicy getInsecureRequestPolicy() const {
    return m_insecureRequestPolicy;
  }

  void enforceSuborigin(const Suborigin&);

  FeaturePolicy* getFeaturePolicy() const { return m_featurePolicy.get(); }
  void setFeaturePolicyForTesting(std::unique_ptr<FeaturePolicy> newPolicy) {
    m_featurePolicy = std::move(newPolicy);
  }
  void setFeaturePolicyFromHeader(const WebParsedFeaturePolicy& parsedHeader,
                                  FeaturePolicy* parentFeaturePolicy);

 protected:
  SecurityContext();
  virtual ~SecurityContext();

  void setContentSecurityPolicy(ContentSecurityPolicy*);

  void applySandboxFlags(SandboxFlags mask);

 private:
  RefPtr<SecurityOrigin> m_securityOrigin;
  Member<ContentSecurityPolicy> m_contentSecurityPolicy;
  std::unique_ptr<FeaturePolicy> m_featurePolicy;

  SandboxFlags m_sandboxFlags;

  WebAddressSpace m_addressSpace;
  WebInsecureRequestPolicy m_insecureRequestPolicy;
  InsecureNavigationsSet m_insecureNavigationsToUpgrade;
};

}  // namespace blink

#endif  // SecurityContext_h