Changeset 116254 in webkit
- Timestamp:
- May 6, 2012 5:53:33 PM (12 years ago)
- Location:
- trunk
- Files:
-
- 4 added
- 9 edited
-
LayoutTests/ChangeLog (modified) (1 diff)
-
LayoutTests/http/tests/security/contentSecurityPolicy/combine-multiple-policies-expected.txt (added)
-
LayoutTests/http/tests/security/contentSecurityPolicy/combine-multiple-policies.html (added)
-
LayoutTests/http/tests/security/contentSecurityPolicy/report-and-enforce-expected.txt (added)
-
LayoutTests/http/tests/security/contentSecurityPolicy/report-and-enforce.html (added)
-
Source/WebCore/ChangeLog (modified) (1 diff)
-
Source/WebCore/page/ContentSecurityPolicy.cpp (modified) (2 diffs)
-
Source/WebCore/page/ContentSecurityPolicy.h (modified) (3 diffs)
-
Source/WebCore/workers/DefaultSharedWorkerRepository.cpp (modified) (1 diff)
-
Source/WebCore/workers/WorkerMessagingProxy.cpp (modified) (1 diff)
-
Source/WebKit/chromium/ChangeLog (modified) (1 diff)
-
Source/WebKit/chromium/src/SharedWorkerRepository.cpp (modified) (1 diff)
-
Source/WebKit/chromium/src/WebWorkerClientImpl.cpp (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r116250 r116254 1 2012-05-06 Adam Barth <abarth@webkit.org> 2 3 CSP should let sites both enforce one policy and monitor another 4 https://bugs.webkit.org/show_bug.cgi?id=85561 5 6 Reviewed by Eric Seidel. 7 8 Test that we can enforce multiple policies and that we can enforce one 9 policy while monitoring another. 10 11 * http/tests/security/contentSecurityPolicy/combine-multiple-policies-expected.txt: Added. 12 * http/tests/security/contentSecurityPolicy/combine-multiple-policies.html: Added. 13 * http/tests/security/contentSecurityPolicy/report-and-enforce-expected.txt: Added. 14 * http/tests/security/contentSecurityPolicy/report-and-enforce.html: Added. 15 1 16 2012-05-06 Mikhail Pozdnyakov <mikhail.pozdnyakov@intel.com> 2 17 -
trunk/Source/WebCore/ChangeLog
r116253 r116254 1 2012-05-06 Adam Barth <abarth@webkit.org> 2 3 CSP should let sites both enforce one policy and monitor another 4 https://bugs.webkit.org/show_bug.cgi?id=85561 5 6 Reviewed by Eric Seidel. 7 8 This patch lets us enforce and/or monitor multiple CSP policies. 9 Rather than having a single directive list, we now have a vector of 10 directive lists. 11 12 Tests: http/tests/security/contentSecurityPolicy/combine-multiple-policies.html 13 http/tests/security/contentSecurityPolicy/report-and-enforce.html 14 15 * page/ContentSecurityPolicy.cpp: 16 (WebCore::ContentSecurityPolicy::copyStateFrom): 17 (WebCore::ContentSecurityPolicy::didReceiveHeader): 18 (WebCore::ContentSecurityPolicy::deprecatedHeader): 19 (WebCore::ContentSecurityPolicy::deprecatedHeaderType): 20 - Even after this patch, workers aren't smart enough to enforce 21 multiple policies. They just use the first header, like they did 22 before. We'll need to teach workers how to enforce multiple 23 policies in a future patch. 24 (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): 25 (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): 26 (WebCore::ContentSecurityPolicy::allowInlineScript): 27 (WebCore::ContentSecurityPolicy::allowInlineStyle): 28 (WebCore::ContentSecurityPolicy::allowEval): 29 (WebCore::ContentSecurityPolicy::allowScriptFromSource): 30 (WebCore::ContentSecurityPolicy::allowObjectFromSource): 31 (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): 32 (WebCore::ContentSecurityPolicy::allowImageFromSource): 33 (WebCore::ContentSecurityPolicy::allowStyleFromSource): 34 (WebCore::ContentSecurityPolicy::allowFontFromSource): 35 (WebCore::ContentSecurityPolicy::allowMediaFromSource): 36 (WebCore::ContentSecurityPolicy::allowConnectFromSource): 37 * page/ContentSecurityPolicy.h: 38 * workers/DefaultSharedWorkerRepository.cpp: 39 (WebCore::SharedWorkerScriptLoader::notifyFinished): 40 * workers/WorkerMessagingProxy.cpp: 41 (WebCore::WorkerMessagingProxy::startWorkerContext): 42 1 43 2012-05-06 Rob Buis <rbuis@rim.com> 2 44 -
trunk/Source/WebCore/page/ContentSecurityPolicy.cpp
r116248 r116254 888 888 void ContentSecurityPolicy::copyStateFrom(const ContentSecurityPolicy* other) 889 889 { 890 ASSERT( !m_policy);891 if (other->m_policy)892 didReceiveHeader( other->header(), other->headerType());890 ASSERT(m_policies.isEmpty()); 891 for (CSPDirectiveListVector::const_iterator iter = other->m_policies.begin(); iter != other->m_policies.end(); ++iter) 892 didReceiveHeader((*iter)->header(), (*iter)->headerType()); 893 893 } 894 894 895 895 void ContentSecurityPolicy::didReceiveHeader(const String& header, HeaderType type) 896 896 { 897 if (m_policy) 898 return; // The first policy wins. 899 m_policy = CSPDirectiveList::create(m_scriptExecutionContext, header, type); 897 m_policies.append(CSPDirectiveList::create(m_scriptExecutionContext, header, type)); 900 898 } 901 899 … … 905 903 } 906 904 907 const String& ContentSecurityPolicy::header() const 908 { 909 return m_policy ? m_policy->header() : emptyString(); 910 } 911 912 ContentSecurityPolicy::HeaderType ContentSecurityPolicy::headerType() const 913 { 914 return m_policy ? m_policy->headerType() : EnforcePolicy; 905 const String& ContentSecurityPolicy::deprecatedHeader() const 906 { 907 return m_policies.isEmpty() ? emptyString() : m_policies[0]->header(); 908 } 909 910 ContentSecurityPolicy::HeaderType ContentSecurityPolicy::deprecatedHeaderType() const 911 { 912 return m_policies.isEmpty() ? EnforcePolicy : m_policies[0]->headerType(); 913 } 914 915 template<bool (CSPDirectiveList::*allowed)() const> 916 bool isAllowedByAll(const CSPDirectiveListVector& policies) 917 { 918 for (size_t i = 0; i < policies.size(); ++i) { 919 if (!(policies[i].get()->*allowed)()) 920 return false; 921 } 922 return true; 923 } 924 925 template<bool (CSPDirectiveList::*allowFromURL)(const KURL&) const> 926 bool isAllowedByAll(const CSPDirectiveListVector& policies, const KURL& url) 927 { 928 for (size_t i = 0; i < policies.size(); ++i) { 929 if (!(policies[i].get()->*allowFromURL)(url)) 930 return false; 931 } 932 return true; 915 933 } 916 934 917 935 bool ContentSecurityPolicy::allowJavaScriptURLs() const 918 936 { 919 return !m_policy || m_policy->allowJavaScriptURLs();937 return isAllowedByAll<&CSPDirectiveList::allowJavaScriptURLs>(m_policies); 920 938 } 921 939 922 940 bool ContentSecurityPolicy::allowInlineEventHandlers() const 923 941 { 924 return !m_policy || m_policy->allowInlineEventHandlers();942 return isAllowedByAll<&CSPDirectiveList::allowInlineEventHandlers>(m_policies); 925 943 } 926 944 927 945 bool ContentSecurityPolicy::allowInlineScript() const 928 946 { 929 return !m_policy || m_policy->allowInlineScript();947 return isAllowedByAll<&CSPDirectiveList::allowInlineScript>(m_policies); 930 948 } 931 949 932 950 bool ContentSecurityPolicy::allowInlineStyle() const 933 951 { 934 return !m_policy || m_overrideInlineStyleAllowed || m_policy->allowInlineStyle(); 952 if (m_overrideInlineStyleAllowed) 953 return true; 954 return isAllowedByAll<&CSPDirectiveList::allowInlineStyle>(m_policies); 935 955 } 936 956 937 957 bool ContentSecurityPolicy::allowEval() const 938 958 { 939 return !m_policy || m_policy->allowEval();959 return isAllowedByAll<&CSPDirectiveList::allowEval>(m_policies); 940 960 } 941 961 942 962 bool ContentSecurityPolicy::allowScriptFromSource(const KURL& url) const 943 963 { 944 return !m_policy || m_policy->allowScriptFromSource(url);964 return isAllowedByAll<&CSPDirectiveList::allowScriptFromSource>(m_policies, url); 945 965 } 946 966 947 967 bool ContentSecurityPolicy::allowObjectFromSource(const KURL& url) const 948 968 { 949 return !m_policy || m_policy->allowObjectFromSource(url);969 return isAllowedByAll<&CSPDirectiveList::allowObjectFromSource>(m_policies, url); 950 970 } 951 971 952 972 bool ContentSecurityPolicy::allowChildFrameFromSource(const KURL& url) const 953 973 { 954 return !m_policy || m_policy->allowChildFrameFromSource(url);974 return isAllowedByAll<&CSPDirectiveList::allowChildFrameFromSource>(m_policies, url); 955 975 } 956 976 957 977 bool ContentSecurityPolicy::allowImageFromSource(const KURL& url) const 958 978 { 959 return !m_policy || m_policy->allowImageFromSource(url);979 return isAllowedByAll<&CSPDirectiveList::allowImageFromSource>(m_policies, url); 960 980 } 961 981 962 982 bool ContentSecurityPolicy::allowStyleFromSource(const KURL& url) const 963 983 { 964 return !m_policy || m_policy->allowStyleFromSource(url);984 return isAllowedByAll<&CSPDirectiveList::allowStyleFromSource>(m_policies, url); 965 985 } 966 986 967 987 bool ContentSecurityPolicy::allowFontFromSource(const KURL& url) const 968 988 { 969 return !m_policy || m_policy->allowFontFromSource(url);989 return isAllowedByAll<&CSPDirectiveList::allowFontFromSource>(m_policies, url); 970 990 } 971 991 972 992 bool ContentSecurityPolicy::allowMediaFromSource(const KURL& url) const 973 993 { 974 return !m_policy || m_policy->allowMediaFromSource(url);994 return isAllowedByAll<&CSPDirectiveList::allowMediaFromSource>(m_policies, url); 975 995 } 976 996 977 997 bool ContentSecurityPolicy::allowConnectFromSource(const KURL& url) const 978 998 { 979 return !m_policy || m_policy->allowConnectFromSource(url);980 } 981 982 } 999 return isAllowedByAll<&CSPDirectiveList::allowConnectFromSource>(m_policies, url); 1000 } 1001 1002 } -
trunk/Source/WebCore/page/ContentSecurityPolicy.h
r116177 r116254 38 38 class KURL; 39 39 40 typedef Vector<OwnPtr<CSPDirectiveList> > CSPDirectiveListVector; 41 40 42 class ContentSecurityPolicy { 41 43 public: … … 55 57 void didReceiveHeader(const String&, HeaderType); 56 58 57 const String& header() const; 58 HeaderType headerType() const; 59 // These functions are wrong becuase they assume that there is only one header. 60 // FIXME: Replace them with functions that return vectors. 61 const String& deprecatedHeader() const; 62 HeaderType deprecatedHeaderType() const; 59 63 60 64 bool allowJavaScriptURLs() const; … … 80 84 ScriptExecutionContext* m_scriptExecutionContext; 81 85 bool m_overrideInlineStyleAllowed; 82 OwnPtr<CSPDirectiveList> m_policy;86 CSPDirectiveListVector m_policies; 83 87 }; 84 88 -
trunk/Source/WebCore/workers/DefaultSharedWorkerRepository.cpp
r116177 r116254 323 323 DefaultSharedWorkerRepository::instance().workerScriptLoaded(*m_proxy, m_worker->scriptExecutionContext()->userAgent(m_scriptLoader->url()), 324 324 m_scriptLoader->script(), m_port.release(), 325 m_worker->scriptExecutionContext()->contentSecurityPolicy()-> header(),326 m_worker->scriptExecutionContext()->contentSecurityPolicy()-> headerType());325 m_worker->scriptExecutionContext()->contentSecurityPolicy()->deprecatedHeader(), 326 m_worker->scriptExecutionContext()->contentSecurityPolicy()->deprecatedHeaderType()); 327 327 } 328 328 m_worker->unsetPendingActivity(m_worker.get()); -
trunk/Source/WebCore/workers/WorkerMessagingProxy.cpp
r116177 r116254 273 273 { 274 274 RefPtr<DedicatedWorkerThread> thread = DedicatedWorkerThread::create(scriptURL, userAgent, sourceCode, *this, *this, startMode, 275 m_scriptExecutionContext->contentSecurityPolicy()-> header(),276 m_scriptExecutionContext->contentSecurityPolicy()-> headerType());275 m_scriptExecutionContext->contentSecurityPolicy()->deprecatedHeader(), 276 m_scriptExecutionContext->contentSecurityPolicy()->deprecatedHeaderType()); 277 277 workerThreadCreated(thread); 278 278 thread->start(); -
trunk/Source/WebKit/chromium/ChangeLog
r116243 r116254 1 2012-05-06 Adam Barth <abarth@webkit.org> 2 3 CSP should let sites both enforce one policy and monitor another 4 https://bugs.webkit.org/show_bug.cgi?id=85561 5 6 Reviewed by Eric Seidel. 7 8 * src/SharedWorkerRepository.cpp: 9 (WebCore::SharedWorkerScriptLoader::notifyFinished): 10 * src/WebWorkerClientImpl.cpp: 11 (WebKit::WebWorkerClientImpl::startWorkerContext): 12 1 13 2012-05-06 Kent Tamura <tkent@chromium.org> 2 14 -
trunk/Source/WebKit/chromium/src/SharedWorkerRepository.cpp
r116177 r116254 172 172 // Pass the script off to the worker, then send a connect event. 173 173 m_webWorker->startWorkerContext(m_url, m_name, m_worker->scriptExecutionContext()->userAgent(m_url), m_scriptLoader->script(), 174 m_worker->scriptExecutionContext()->contentSecurityPolicy()-> header(),175 static_cast<WebKit::WebContentSecurityPolicyType>(m_worker->scriptExecutionContext()->contentSecurityPolicy()-> headerType()),174 m_worker->scriptExecutionContext()->contentSecurityPolicy()->deprecatedHeader(), 175 static_cast<WebKit::WebContentSecurityPolicyType>(m_worker->scriptExecutionContext()->contentSecurityPolicy()->deprecatedHeaderType()), 176 176 m_responseAppCacheID); 177 177 sendConnect(); -
trunk/Source/WebKit/chromium/src/WebWorkerClientImpl.cpp
r116177 r116254 88 88 { 89 89 RefPtr<DedicatedWorkerThread> thread = DedicatedWorkerThread::create(scriptURL, userAgent, sourceCode, *this, *this, startMode, 90 m_scriptExecutionContext->contentSecurityPolicy()-> header(),91 m_scriptExecutionContext->contentSecurityPolicy()-> headerType());90 m_scriptExecutionContext->contentSecurityPolicy()->deprecatedHeader(), 91 m_scriptExecutionContext->contentSecurityPolicy()->deprecatedHeaderType()); 92 92 m_proxy->workerThreadCreated(thread); 93 93 thread->start();
Note: See TracChangeset
for help on using the changeset viewer.
