Context Navigation

← Previous Changeset
Next Changeset →

Changeset 123722 in webkit

Timestamp:

Jul 26, 2012 2:49:52 AM (12 years ago)

Author:

commit-queue@webkit.org

Message:

Source/WebCore: CSP 1.1: Implement the Content Security Policy script interface.
https://bugs.webkit.org/show_bug.cgi?id=91707

Patch by Mike West <mkwst@chromium.org> on 2012-07-26
Reviewed by Adam Barth.

The CSP 1.1 editor's draft defines a script interface that gives
developers the ability to query a document regarding the restrictions
set by it's currently active content security policy[1]. This patch
exposes that API in terms of a new DOMSecurityPolicy object.

Data for the API is gathered from the existing ContentSecurityPolicy
object on the containing document. CSP's various methods have been
extended with a reportingStatus parameter which, unsurprisingly,
determines whether a violation report should be sent for blocked
resources. This allows us to reuse the same codepaths by simply using
ContentSecurityPolicy::SuppressReport when querying on behalf of the
API, and ContentSecurityPolicy::SendReport when checking resources a
page wants to load.

This feature is gated on the CSP_NEXT flag, which is currently disabled
for all ports other than Chromium.

[1]: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#script-interfaces--experimental

Tests: http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowconnectionto.html

http/tests/security/contentSecurityPolicy/1.1/securitypolicy-alloweval.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowfontfrom.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowframefrom.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowimagefrom.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowmediafrom.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowobjectfrom.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowscriptfrom.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowstylefrom.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-isactive.html
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-reporturi.html

CMakeLists.txt:
DerivedSources.cpp:
DerivedSources.make:
DerivedSources.pri:
GNUmakefile.list.am:
WebCore.gypi:
bindings/gobject/GNUmakefile.am:
WebCore.xcodeproj/project.pbxproj:

We added a new object, so let's tell _everyone!_

dom/Document.cpp:

(WebCore::Document::securityPolicy):

Expose the SecurityPolicy object via Document, gated on CSP_NEXT.

(WebCore):

dom/Document.h:

(WebCore):
(Document):

dom/Document.idl:

Adding the SecurityPolicy object to the document, gated on CSP_NEXT.

page/ContentSecurityPolicy.cpp:

(CSPDirectiveList):
(WebCore::CSPDirectiveList::checkInline):
(WebCore::CSPDirectiveList::checkNonce):
(WebCore::CSPDirectiveList::checkSource):

Extracting the core checks out into separate methods.

(WebCore::CSPDirectiveList::checkEvalAndReportViolation):

Use checkEval.

(WebCore::CSPDirectiveList::checkNonceAndReportViolation):

Use checkNonce.

(WebCore::CSPDirectiveList::checkInlineAndReportViolation):

Use checkInline.

(WebCore::CSPDirectiveList::checkSourceAndReportViolation):

Use checkSource.

(WebCore::CSPDirectiveList::allowJavaScriptURLs):
(WebCore::CSPDirectiveList::allowInlineEventHandlers):
(WebCore::CSPDirectiveList::allowInlineScript):
(WebCore::CSPDirectiveList::allowInlineStyle):
(WebCore::CSPDirectiveList::allowEval):
(WebCore::CSPDirectiveList::allowScriptFromSource):
(WebCore::CSPDirectiveList::allowObjectFromSource):
(WebCore::CSPDirectiveList::allowChildFrameFromSource):
(WebCore::CSPDirectiveList::allowImageFromSource):
(WebCore::CSPDirectiveList::allowStyleFromSource):
(WebCore::CSPDirectiveList::allowFontFromSource):
(WebCore::CSPDirectiveList::allowMediaFromSource):
(WebCore::CSPDirectiveList::allowConnectToSource):

These methods now branch on reportingStatus: if SendReoport,
they call checkXAndReportViolation, otherwise, they call checkX.

(WebCore::CSPDirectiveList::gatherReportURIs):

New method that gathers the violation report URIs into a DOMStringList.

(WebCore::isAllowedByAllWithCallStack):
(WebCore::isAllowedByAllWithContext):
(WebCore::isAllowedByAllWithURL):

These now pass reportingStatus through to the various allowX methods.

(WebCore::ContentSecurityPolicy::allowJavaScriptURLs):
(WebCore::ContentSecurityPolicy::allowInlineEventHandlers):
(WebCore::ContentSecurityPolicy::allowInlineScript):
(WebCore::ContentSecurityPolicy::allowInlineStyle):
(WebCore::ContentSecurityPolicy::allowEval):
(WebCore::ContentSecurityPolicy::allowScriptFromSource):
(WebCore::ContentSecurityPolicy::allowObjectFromSource):
(WebCore::ContentSecurityPolicy::allowChildFrameFromSource):
(WebCore::ContentSecurityPolicy::allowImageFromSource):
(WebCore::ContentSecurityPolicy::allowStyleFromSource):
(WebCore::ContentSecurityPolicy::allowFontFromSource):
(WebCore::ContentSecurityPolicy::allowMediaFromSource):
(WebCore::ContentSecurityPolicy::allowConnectToSource):

These accept a new reportingStatus parameter, which is passed through
to the CSPDirectiveList methods.

(WebCore::ContentSecurityPolicy::isActive):

New method that returns true if policy is active.

(WebCore::ContentSecurityPolicy::gatherReportURIs):

New method that returns a DOMStringList of violation report URIs.

page/ContentSecurityPolicy.h:

(WebCore):

page/DOMSecurityPolicy.cpp: Added.

(WebCore::DOMSecurityPolicy::DOMSecurityPolicy):
(WebCore):
(WebCore::DOMSecurityPolicy::~DOMSecurityPolicy):
(WebCore::DOMSecurityPolicy::isActive):
(WebCore::DOMSecurityPolicy::reportURIs):
(WebCore::DOMSecurityPolicy::allowsInlineScript):
(WebCore::DOMSecurityPolicy::allowsInlineStyle):
(WebCore::DOMSecurityPolicy::allowsEval):
(WebCore::DOMSecurityPolicy::allowsConnectionTo):
(WebCore::DOMSecurityPolicy::allowsFontFrom):
(WebCore::DOMSecurityPolicy::allowsFrameFrom):
(WebCore::DOMSecurityPolicy::allowsImageFrom):
(WebCore::DOMSecurityPolicy::allowsMediaFrom):
(WebCore::DOMSecurityPolicy::allowsObjectFrom):
(WebCore::DOMSecurityPolicy::allowsScriptFrom):
(WebCore::DOMSecurityPolicy::allowsStyleFrom):

page/DOMSecurityPolicy.h: Added.

(WebCore):
(DOMSecurityPolicy):
(WebCore::DOMSecurityPolicy::create):

page/DOMSecurityPolicy.idl: Added.

LayoutTests: Implement the experimental Content Security Policy script interface.
https://bugs.webkit.org/show_bug.cgi?id=91707

Patch by Mike West <mkwst@chromium.org> on 2012-07-26
Reviewed by Adam Barth.

http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowconnectionto-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowconnectionto.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-alloweval-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-alloweval.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowfontfrom-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowfontfrom.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowframefrom-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowframefrom.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowimagefrom-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowimagefrom.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowmediafrom-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowmediafrom.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowobjectfrom-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowobjectfrom.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowscriptfrom-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowscriptfrom.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowstylefrom-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowstylefrom.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-isactive-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-isactive.html: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-reporturi-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/securitypolicy-reporturi.html: Added.
http/tests/security/contentSecurityPolicy/resources/securitypolicy-tests-base.js: Added.

(log):
(injectPolicy):

Location:

trunk

Files:

: 26 added
: 15 edited

Legend:

: Unmodified
: Added
: Removed

trunk/LayoutTests/ChangeLog

-                      r123720
+                      r123722
+-07-26  Mike West  <mkwst@chromium.org>
+        Implement the experimental Content Security Policy script interface.
+        https://bugs.webkit.org/show_bug.cgi?id=91707
+        Reviewed by Adam Barth.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowconnectionto-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowconnectionto.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-alloweval-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-alloweval.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowfontfrom-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowfontfrom.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowframefrom-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowframefrom.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowimagefrom-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowimagefrom.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowmediafrom-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowmediafrom.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowobjectfrom-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowobjectfrom.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowscriptfrom-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowscriptfrom.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowstylefrom-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowstylefrom.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-isactive-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-isactive.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-reporturi-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/securitypolicy-reporturi.html: Added.
+        * http/tests/security/contentSecurityPolicy/resources/securitypolicy-tests-base.js: Added.
+        (log):
+        (injectPolicy):
 -07-26  Ádám Kallai  <kadam@inf.u-szeged.hu>

trunk/Source/WebCore/CMakeLists.txt

-                      r123522
+                      r123722
     page/Coordinates.idl
     page/Crypto.idl
+    page/DOMSecurityPolicy.idl
     page/DOMSelection.idl
     page/DOMWindow.idl
 …
     page/ContextMenuController.cpp
     page/Crypto.cpp
+    page/DOMSecurityPolicy.cpp
     page/DOMSelection.cpp
     page/DOMTimer.cpp

trunk/Source/WebCore/ChangeLog

-                      r123721
+                      r123722
+-07-26  Mike West  <mkwst@chromium.org>
+        CSP 1.1: Implement the Content Security Policy script interface.
+        https://bugs.webkit.org/show_bug.cgi?id=91707
+        Reviewed by Adam Barth.
+        The CSP 1.1 editor's draft defines a script interface that gives
+        developers the ability to query a document regarding the restrictions
+        set by it's currently active content security policy[1]. This patch
+        exposes that API in terms of a new DOMSecurityPolicy object.
+        Data for the API is gathered from the existing ContentSecurityPolicy
+        object on the containing document. CSP's various methods have been
+        extended with a `reportingStatus` parameter which, unsurprisingly,
+        determines whether a violation report should be sent for blocked
+        resources. This allows us to reuse the same codepaths by simply using
+        ContentSecurityPolicy::SuppressReport when querying on behalf of the
+        API, and ContentSecurityPolicy::SendReport when checking resources a
+        page wants to load.
+        This feature is gated on the CSP_NEXT flag, which is currently disabled
+        for all ports other than Chromium.
+        [1]: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#script-interfaces--experimental
+        Tests: http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowconnectionto.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-alloweval.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowfontfrom.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowframefrom.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowimagefrom.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowmediafrom.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowobjectfrom.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowscriptfrom.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-allowstylefrom.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-isactive.html
+               http/tests/security/contentSecurityPolicy/1.1/securitypolicy-reporturi.html
+        * CMakeLists.txt:
+        * DerivedSources.cpp:
+        * DerivedSources.make:
+        * DerivedSources.pri:
+        * GNUmakefile.list.am:
+        * WebCore.gypi:
+        * bindings/gobject/GNUmakefile.am:
+        * WebCore.xcodeproj/project.pbxproj:
+            We added a new object, so let's tell _everyone!_
+        * dom/Document.cpp:
+        (WebCore::Document::securityPolicy):
+            Expose the SecurityPolicy object via Document, gated on CSP_NEXT.
+        (WebCore):
+        * dom/Document.h:
+        (WebCore):
+        (Document):
+        * dom/Document.idl:
+            Adding the SecurityPolicy object to the document, gated on CSP_NEXT.
+        * page/ContentSecurityPolicy.cpp:
+        (CSPDirectiveList):
+        (WebCore::CSPDirectiveList::checkInline):
+        (WebCore::CSPDirectiveList::checkNonce):
+        (WebCore::CSPDirectiveList::checkSource):
+            Extracting the core checks out into separate methods.
+        (WebCore::CSPDirectiveList::checkEvalAndReportViolation):
+            Use checkEval.
+        (WebCore::CSPDirectiveList::checkNonceAndReportViolation):
+            Use checkNonce.
+        (WebCore::CSPDirectiveList::checkInlineAndReportViolation):
+            Use checkInline.
+        (WebCore::CSPDirectiveList::checkSourceAndReportViolation):
+            Use checkSource.
+        (WebCore::CSPDirectiveList::allowJavaScriptURLs):
+        (WebCore::CSPDirectiveList::allowInlineEventHandlers):
+        (WebCore::CSPDirectiveList::allowInlineScript):
+        (WebCore::CSPDirectiveList::allowInlineStyle):
+        (WebCore::CSPDirectiveList::allowEval):
+        (WebCore::CSPDirectiveList::allowScriptFromSource):
+        (WebCore::CSPDirectiveList::allowObjectFromSource):
+        (WebCore::CSPDirectiveList::allowChildFrameFromSource):
+        (WebCore::CSPDirectiveList::allowImageFromSource):
+        (WebCore::CSPDirectiveList::allowStyleFromSource):
+        (WebCore::CSPDirectiveList::allowFontFromSource):
+        (WebCore::CSPDirectiveList::allowMediaFromSource):
+        (WebCore::CSPDirectiveList::allowConnectToSource):
+            These methods now branch on `reportingStatus`: if `SendReoport`,
+            they call `checkXAndReportViolation`, otherwise, they call `checkX`.
+        (WebCore::CSPDirectiveList::gatherReportURIs):
+            New method that gathers the violation report URIs into a DOMStringList.
+        (WebCore::isAllowedByAllWithCallStack):
+        (WebCore::isAllowedByAllWithContext):
+        (WebCore::isAllowedByAllWithURL):
+            These now pass reportingStatus through to the various `allowX` methods.
+        (WebCore::ContentSecurityPolicy::allowJavaScriptURLs):
+        (WebCore::ContentSecurityPolicy::allowInlineEventHandlers):
+        (WebCore::ContentSecurityPolicy::allowInlineScript):
+        (WebCore::ContentSecurityPolicy::allowInlineStyle):
+        (WebCore::ContentSecurityPolicy::allowEval):
+        (WebCore::ContentSecurityPolicy::allowScriptFromSource):
+        (WebCore::ContentSecurityPolicy::allowObjectFromSource):
+        (WebCore::ContentSecurityPolicy::allowChildFrameFromSource):
+        (WebCore::ContentSecurityPolicy::allowImageFromSource):
+        (WebCore::ContentSecurityPolicy::allowStyleFromSource):
+        (WebCore::ContentSecurityPolicy::allowFontFromSource):
+        (WebCore::ContentSecurityPolicy::allowMediaFromSource):
+        (WebCore::ContentSecurityPolicy::allowConnectToSource):
+            These accept a new `reportingStatus` parameter, which is passed through
+            to the CSPDirectiveList methods.
+        (WebCore::ContentSecurityPolicy::isActive):
+            New method that returns `true` if policy is active.
+        (WebCore::ContentSecurityPolicy::gatherReportURIs):
+            New method that returns a DOMStringList of violation report URIs.
+        * page/ContentSecurityPolicy.h:
+        (WebCore):
+        * page/DOMSecurityPolicy.cpp: Added.
+        (WebCore::DOMSecurityPolicy::DOMSecurityPolicy):
+        (WebCore):
+        (WebCore::DOMSecurityPolicy::~DOMSecurityPolicy):
+        (WebCore::DOMSecurityPolicy::isActive):
+        (WebCore::DOMSecurityPolicy::reportURIs):
+        (WebCore::DOMSecurityPolicy::allowsInlineScript):
+        (WebCore::DOMSecurityPolicy::allowsInlineStyle):
+        (WebCore::DOMSecurityPolicy::allowsEval):
+        (WebCore::DOMSecurityPolicy::allowsConnectionTo):
+        (WebCore::DOMSecurityPolicy::allowsFontFrom):
+        (WebCore::DOMSecurityPolicy::allowsFrameFrom):
+        (WebCore::DOMSecurityPolicy::allowsImageFrom):
+        (WebCore::DOMSecurityPolicy::allowsMediaFrom):
+        (WebCore::DOMSecurityPolicy::allowsObjectFrom):
+        (WebCore::DOMSecurityPolicy::allowsScriptFrom):
+        (WebCore::DOMSecurityPolicy::allowsStyleFrom):
+        * page/DOMSecurityPolicy.h: Added.
+        (WebCore):
+        (DOMSecurityPolicy):
+        (WebCore::DOMSecurityPolicy::create):
+        * page/DOMSecurityPolicy.idl: Added.
 -07-26  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

trunk/Source/WebCore/DerivedSources.cpp

r123522	r123722
95	95	#include "JSDOMPlugin.cpp"
96	96	#include "JSDOMPluginArray.cpp"
	97	#include "JSDOMSecurityPolicy.cpp"
97	98	#include "JSDOMSelection.cpp"
98	99	#include "JSDOMSettableTokenList.cpp"

trunk/Source/WebCore/DerivedSources.make

r123522	r123722
412	412	$(WebCore)/page/Coordinates.idl \
413	413	$(WebCore)/page/Crypto.idl \
	414	$(WebCore)/page/DOMSecurityPolicy.idl \
414	415	$(WebCore)/page/DOMSelection.idl \
415	416	$(WebCore)/page/DOMWindow.idl \

trunk/Source/WebCore/DerivedSources.pri

r123522	r123722
416	416	$$PWD/page/Coordinates.idl \
417	417	$$PWD/page/Crypto.idl \
	418	$$PWD/page/DOMSecurityPolicy.idl \
418	419	$$PWD/page/DOMSelection.idl \
419	420	$$PWD/page/DOMWindow.idl \

trunk/Source/WebCore/GNUmakefile.list.am

-                      r123627
+                      r123722
         DerivedSources/WebCore/JSDOMPlugin.cpp \
         DerivedSources/WebCore/JSDOMPlugin.h \
+        DerivedSources/WebCore/JSDOMSecurityPolicy.cpp \
+        DerivedSources/WebCore/JSDOMSecurityPolicy.h \
         DerivedSources/WebCore/JSDOMSelection.cpp \
         DerivedSources/WebCore/JSDOMSelection.h \
 …
         $(WebCore)/page/Coordinates.idl \
         $(WebCore)/page/Crypto.idl \
+        $(WebCore)/page/DOMSecurityPolicy.idl \
         $(WebCore)/page/DOMSelection.idl \
         $(WebCore)/page/DOMWindow.idl \
 …
         Source/WebCore/page/Crypto.cpp \
         Source/WebCore/page/Crypto.h \
+        Source/WebCore/page/DOMSecurityPolicy.cpp \
+        Source/WebCore/page/DOMSecurityPolicy.h \
         Source/WebCore/page/DOMSelection.cpp \
         Source/WebCore/page/DOMSelection.h \

trunk/Source/WebCore/WebCore.gypi

-                      r123644
+                      r123722
             'page/ContextMenuController.h',
             'page/Coordinates.h',
+            'page/DOMSecurityPolicy.h',
             'page/DOMWindow.h',
             'page/DOMWindowExtension.h',
 …
             'page/Coordinates.idl',
             'page/Crypto.idl',
+            'page/DOMSecurityPolicy.idl',
             'page/DOMSelection.idl',
             'page/DOMWindow.idl',
 …
             'page/Crypto.cpp',
             'page/Crypto.h',
+            'page/DOMSecurityPolicy.cpp',
             'page/DOMSelection.cpp',
             'page/DOMSelection.h',
 …
             '<(PRODUCT_DIR)/DerivedSources/WebCore/JSDOMPluginArray.cpp',
             '<(PRODUCT_DIR)/DerivedSources/WebCore/JSDOMPluginArray.h',
+            '<(PRODUCT_DIR)/DerivedSources/WebCore/JSDOMSecurityPolicy.cpp',
+            '<(PRODUCT_DIR)/DerivedSources/WebCore/JSDOMSecurityPolicy.h',
             '<(PRODUCT_DIR)/DerivedSources/WebCore/JSDOMSelection.cpp',
             '<(PRODUCT_DIR)/DerivedSources/WebCore/JSDOMSelection.h',

trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj

-                      r123623
+                      r123722
 D9066060BE141D400956998 /* LayoutState.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 2D9066040BE141D400956998 /* LayoutState.cpp */; };
 D9066070BE141D400956998 /* LayoutState.h in Headers */ = {isa = PBXBuildFile; fileRef = 2D9066050BE141D400956998 /* LayoutState.h */; settings = {ATTRIBUTES = (Private, ); }; };
+D9A246E15B9BD0000D34527 /* DOMSecurityPolicy.h in Headers */ = {isa = PBXBuildFile; fileRef = 2D9A246B15B9BBDD00D34527 /* DOMSecurityPolicy.h */; };
+D9A246F15B9BD2F00D34527 /* DOMSecurityPolicy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 2D9A246A15B9BBDD00D34527 /* DOMSecurityPolicy.cpp */; };
+D9A247315B9C2D100D34527 /* DOMDOMSecurityPolicy.mm in Sources */ = {isa = PBXBuildFile; fileRef = 2D9A247215B9C2C700D34527 /* DOMDOMSecurityPolicy.mm */; };
+D9A247415B9C2E300D34527 /* DOMDOMSecurityPolicy.h in Headers */ = {isa = PBXBuildFile; fileRef = 2D9A247015B9C29500D34527 /* DOMDOMSecurityPolicy.h */; };
+D9A247515B9C2E300D34527 /* DOMDOMSecurityPolicyInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 2D9A247115B9C29500D34527 /* DOMDOMSecurityPolicyInternal.h */; };
+D9A247615B9C2F400D34527 /* DOMDOMSecurityPolicy.h in Copy Generated Headers */ = {isa = PBXBuildFile; fileRef = 2D9A247015B9C29500D34527 /* DOMDOMSecurityPolicy.h */; };
 D9F0E1314FF1CBF00BA0FF7 /* linearSRGB.icc in Resources */ = {isa = PBXBuildFile; fileRef = 2D9F0E1214FF1CBF00BA0FF7 /* linearSRGB.icc */; };
 E0888D41148848A00AF4265 /* JSDOMFormData.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 2E0888D21148848A00AF4265 /* JSDOMFormData.cpp */; };
 …
                         files = (
 DF7F5C20F01F92A00526B4B /* CSSPropertyNames.h in Copy Generated Headers */,
+D9A247615B9C2F400D34527 /* DOMDOMSecurityPolicy.h in Copy Generated Headers */,
 F0300AD71CDB006A81D1 /* DOMAbstractView.h in Copy Generated Headers */,
 C11CCBC0AA6093700DADB20 /* DOMAttr.h in Copy Generated Headers */,
 …
 D90660B0665D937006B6F1A /* ClipboardMac.h */ = {isa = PBXFileReference; fileEncoding = 30; indentWidth = 4; lastKnownFileType = sourcecode.c.h; path = ClipboardMac.h; sourceTree = "<group>"; tabWidth = 8; usesTabs = 0; };
 D90660C0665D937006B6F1A /* ClipboardMac.mm */ = {isa = PBXFileReference; fileEncoding = 30; indentWidth = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = ClipboardMac.mm; sourceTree = "<group>"; tabWidth = 8; usesTabs = 0; };
+D9A246A15B9BBDD00D34527 /* DOMSecurityPolicy.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = DOMSecurityPolicy.cpp; sourceTree = "<group>"; };
+D9A246B15B9BBDD00D34527 /* DOMSecurityPolicy.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMSecurityPolicy.h; sourceTree = "<group>"; };
+D9A247015B9C29500D34527 /* DOMDOMSecurityPolicy.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMDOMSecurityPolicy.h; sourceTree = "<group>"; };
+D9A247115B9C29500D34527 /* DOMDOMSecurityPolicyInternal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMDOMSecurityPolicyInternal.h; sourceTree = "<group>"; };
+D9A247215B9C2C700D34527 /* DOMDOMSecurityPolicy.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = DOMDOMSecurityPolicy.mm; sourceTree = "<group>"; };
 D9F0E1214FF1CBF00BA0FF7 /* linearSRGB.icc */ = {isa = PBXFileReference; lastKnownFileType = file; path = linearSRGB.icc; sourceTree = "<group>"; };
 E0888C3114883A900AF4265 /* DOMFormData.idl */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = DOMFormData.idl; sourceTree = "<group>"; };
 …
                         isa = PBXGroup;
                         children = (
+D9A246A15B9BBDD00D34527 /* DOMSecurityPolicy.cpp */,
+D9A246B15B9BBDD00D34527 /* DOMSecurityPolicy.h */,
 FE1060E6E1D8400BF6088 /* animation */,
 C09A820B064F05005ABD4D /* mac */,
 …
                         isa = PBXGroup;
                         children = (
+D9A247215B9C2C700D34527 /* DOMDOMSecurityPolicy.mm */,
+D9A247015B9C29500D34527 /* DOMDOMSecurityPolicy.h */,
+D9A247115B9C29500D34527 /* DOMDOMSecurityPolicyInternal.h */,
 D389B00A991A7F00282145 /* DOMAttr.h */,
 D389B10A991A7F00282145 /* DOMAttr.mm */,
 …
 AB9B0AD4394E00378540 /* DOMSVGFEImageElementInternal.h in Headers */,
 AB5C0AD438C000378540 /* DOMSVGFEMergeElement.h in Headers */,
+D9A247415B9C2E300D34527 /* DOMDOMSecurityPolicy.h in Headers */,
+D9A247515B9C2E300D34527 /* DOMDOMSecurityPolicyInternal.h in Headers */,
 AB9C0AD4394E00378540 /* DOMSVGFEMergeElementInternal.h in Headers */,
 AB5E0AD438C000378540 /* DOMSVGFEMergeNodeElement.h in Headers */,
 …
                                 A81369D4097374F600D74463 /* HTMLFieldSetElement.h in Headers */,
                                 A8CFF7A60A156978000A4234 /* HTMLFontElement.h in Headers */,
+D9A246E15B9BD0000D34527 /* DOMSecurityPolicy.h in Headers */,
 B386F122883E900B81FF8 /* HTMLFormattingElementList.h in Headers */,
                                 A8DF3FCE097FA0FC0052981B /* HTMLFormCollection.h in Headers */,
 …
                         files = (
                                 FDE6860215B0A93B00BB480C /* WrapShapeFunctions.cpp in Sources */,
+D9A247315B9C2D100D34527 /* DOMDOMSecurityPolicy.mm in Sources */,
 BC69DA1505F076001B74AC /* AbstractDatabase.cpp in Sources */,
 E1B1D00FF5986900576B3B /* AbstractWorker.cpp in Sources */,
 …
 C38A80AA8F20400B187A4 /* DOMRect.mm in Sources */,
                                 BCAEFCAE1016CE4A0040D34E /* DOMRGBColor.mm in Sources */,
+D9A246F15B9BD2F00D34527 /* DOMSecurityPolicy.cpp in Sources */,
                                 BC5A86840C33676000EEA649 /* DOMSelection.cpp in Sources */,
 ACBC0C312713CCA0094F9B2 /* DOMSettableTokenList.cpp in Sources */,

trunk/Source/WebCore/bindings/gobject/GNUmakefile.am

-                      r123434
+                      r123722
         DerivedSources/webkit/WebKitDOMDOMPlugin.cpp \
         DerivedSources/webkit/WebKitDOMDOMPluginPrivate.h \
+        DerivedSources/webkit/WebKitDOMDOMSecurityPolicy.cpp \
+        DerivedSources/webkit/WebKitDOMDOMSecurityPolicyPrivate.h \
         DerivedSources/webkit/WebKitDOMDOMSelection.cpp \
         DerivedSources/webkit/WebKitDOMDOMSelectionPrivate.h \
 …
         DerivedSources/webkit/WebKitDOMDOMImplementation.h \
         DerivedSources/webkit/WebKitDOMDOMSettableTokenList.h \
+        DerivedSources/webkit/WebKitDOMDOMSecurityPolicy.h \
         DerivedSources/webkit/WebKitDOMDOMStringList.h \
         DerivedSources/webkit/WebKitDOMDOMStringMap.h \

trunk/Source/WebCore/dom/Document.cpp

-                      r123412
+                      r123722
 #endif
+#if ENABLE(CSP_NEXT)
+#include "DOMSecurityPolicy.h"
+#endif
 using namespace std;
 using namespace WTF;
 …
+{
     dispatchEvent(Event::create(eventNames().webkitvisibilitychangeEvent, false, false));
+}
+#endif
+#if ENABLE(CSP_NEXT)
+DOMSecurityPolicy* Document::securityPolicy()
+{
+    if (!m_domSecurityPolicy)
+        m_domSecurityPolicy = DOMSecurityPolicy::create(this);
+    return m_domSecurityPolicy.get();
+}
 #endif

trunk/Source/WebCore/dom/Document.h

-                      r123412
+                      r123722
 #endif
+#if ENABLE(CSP_NEXT)
+class DOMSecurityPolicy;
+#endif
 typedef int ExceptionCode;
 …
 #endif
+#if ENABLE(CSP_NEXT)
+    DOMSecurityPolicy* securityPolicy();
+#endif
     PassRefPtr<Node> adoptNode(PassRefPtr<Node> source, ExceptionCode&);
 …
     RefPtr<WebKitNamedFlowCollection> m_namedFlows;
+#if ENABLE(CSP_NEXT)
+    RefPtr<DOMSecurityPolicy> m_domSecurityPolicy;
+#endif
 #ifndef NDEBUG
     bool m_didDispatchViewportPropertiesChanged;

trunk/Source/WebCore/dom/Document.idl

-                      r120486
+                      r123722
         readonly attribute [Conditional=PAGE_VISIBILITY_API] boolean webkitHidden;
+        // Security Policy API: http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#script-interfaces
+        readonly attribute [Conditional=CSP_NEXT] DOMSecurityPolicy SecurityPolicy;
     };

trunk/Source/WebCore/page/ContentSecurityPolicy.cpp

-                      r122741
+                      r123722
 #include "Console.h"
+#include "DOMStringList.h"
 #include "Document.h"
 #include "FormData.h"
 …
     ContentSecurityPolicy::HeaderType headerType() const { return m_reportOnly ? ContentSecurityPolicy::ReportOnly : ContentSecurityPolicy::EnforcePolicy; }
     bool allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool allowEval(PassRefPtr<ScriptCallStack>) const;
+    bool allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowEval(PassRefPtr<ScriptCallStack>, ContentSecurityPolicy::ReportingStatus) const;
     bool allowScriptNonce(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL&) const;
+    bool allowScriptFromSource(const KURL&) const;
+    bool allowObjectFromSource(const KURL&) const;
+    bool allowChildFrameFromSource(const KURL&) const;
+    bool allowImageFromSource(const KURL&) const;
+    bool allowStyleFromSource(const KURL&) const;
+    bool allowFontFromSource(const KURL&) const;
+    bool allowMediaFromSource(const KURL&) const;
+    bool allowConnectToSource(const KURL&) const;
+    bool allowScriptFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowObjectFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowChildFrameFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowImageFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowStyleFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowFontFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowMediaFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
+    bool allowConnectToSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
+    void gatherReportURIs(DOMStringList&) const;
 private:
 …
     void logDuplicateDirective(const String& name) const;
     void logInvalidNonce(const String& nonce) const;
     bool checkEval(CSPDirective*) const;
+    bool checkInline(CSPDirective*) const;
+    bool checkNonce(const String&) const;
+    bool checkSource(CSPDirective*, const KURL&) const;
+    bool checkEvalAndReportViolation(CSPDirective*, const String& consoleMessage, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst(), PassRefPtr<ScriptCallStack> = 0) const;
     bool checkInlineAndReportViolation(CSPDirective*, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool checkNonceAndReportViolation(const String& nonce, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
-    bool checkEvalAndReportViolation(CSPDirective*, const String& consoleMessage, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst(), PassRefPtr<ScriptCallStack> = 0) const;
     bool checkSourceAndReportViolation(CSPDirective*, const KURL&, const String& type) const;
 …
+}
+bool CSPDirectiveList::checkInline(CSPDirective* directive) const
+{
+    return !directive || directive->allowInline();
+}
+bool CSPDirectiveList::checkNonce(const String& nonce) const
+{
+    return (m_scriptNonce.isNull()
+            || (!m_scriptNonce.isEmpty()
+                && nonce.stripWhiteSpace() == m_scriptNonce));
+}
+bool CSPDirectiveList::checkSource(CSPDirective* directive, const KURL& url) const
+{
+    return !directive || directive->allows(url);
+}
 CSPDirective* CSPDirectiveList::operativeDirective(CSPDirective* directive) const
+{
 …
+}
+bool CSPDirectiveList::checkEvalAndReportViolation(CSPDirective* directive, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine, PassRefPtr<ScriptCallStack> callStack) const
+{
+    if (checkEval(directive))
+        return true;
+    reportViolation(directive->text(), consoleMessage + "\"" + directive->text() + "\".\n", KURL(), contextURL, contextLine, callStack);
+    return denyIfEnforcingPolicy();
+}
+bool CSPDirectiveList::checkNonceAndReportViolation(const String& nonce, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+{
+    if (checkNonce(nonce))
+        return true;
+    reportViolation(m_scriptNonce, consoleMessage + "\"script-nonce " + m_scriptNonce + "\".\n", KURL(), contextURL, contextLine);
+    return denyIfEnforcingPolicy();
+}
 bool CSPDirectiveList::checkInlineAndReportViolation(CSPDirective* directive, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+{
     if (!directive || directive->allowInline())
+    if (checkInline(directive))
         return true;
     reportViolation(directive->text(), consoleMessage + "\"" + directive->text() + "\".\n", KURL(), contextURL, contextLine);
 …
+}
-bool CSPDirectiveList::checkNonceAndReportViolation(const String& nonce, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+{
-    if (m_scriptNonce.isNull() || (!m_scriptNonce.isEmpty() && nonce.stripWhiteSpace() == m_scriptNonce))
-        return true;
-    reportViolation(m_scriptNonce, consoleMessage + "\"script-nonce " + m_scriptNonce + "\".\n", KURL(), contextURL, contextLine);
-    return denyIfEnforcingPolicy();
+}
-bool CSPDirectiveList::checkEvalAndReportViolation(CSPDirective* directive, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine, PassRefPtr<ScriptCallStack> callStack) const
+{
-    if (checkEval(directive))
-        return true;
-    reportViolation(directive->text(), consoleMessage + "\"" + directive->text() + "\".\n", KURL(), contextURL, contextLine, callStack);
-    return denyIfEnforcingPolicy();
+}
 bool CSPDirectiveList::checkSourceAndReportViolation(CSPDirective* directive, const KURL& url, const String& type) const
+{
     if (!directive || directive->allows(url))
+    if (checkSource(directive, url))
         return true;
     String verb = type == "connect" ? "connect to" : "load the";
 …
+}
 bool CSPDirectiveList::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+bool CSPDirectiveList::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute JavaScript URL because it violates the following Content Security Policy directive: "));
+    return (checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, contextURL, contextLine)
+            && checkNonceAndReportViolation(String(), consoleMessage, contextURL, contextLine));
+}
+bool CSPDirectiveList::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+    if (reportingStatus == ContentSecurityPolicy::SendReport) {
+        return (checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, contextURL, contextLine)
+                && checkNonceAndReportViolation(String(), consoleMessage, contextURL, contextLine));
+    } else {
+        return (checkInline(operativeDirective(m_scriptSrc.get()))
+                && checkNonce(String()));
+    }
+}
+bool CSPDirectiveList::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute inline event handler because it violates the following Content Security Policy directive: "));
+    return (checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, contextURL, contextLine)
+            && checkNonceAndReportViolation(String(), consoleMessage, contextURL, contextLine));
+}
+bool CSPDirectiveList::allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+    if (reportingStatus == ContentSecurityPolicy::SendReport) {
+        return (checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, contextURL, contextLine)
+                && checkNonceAndReportViolation(String(), consoleMessage, contextURL, contextLine));
+    } else {
+        return (checkInline(operativeDirective(m_scriptSrc.get()))
+                && checkNonce(String()));
+    }
+}
+bool CSPDirectiveList::allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute inline script because it violates the following Content Security Policy directive: "));
+    return checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, contextURL, contextLine);
+}
+bool CSPDirectiveList::allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkInlineAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, contextURL, contextLine) :
+        checkInline(operativeDirective(m_scriptSrc.get()));
+}
+bool CSPDirectiveList::allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to apply inline style because it violates the following Content Security Policy directive: "));
+    return checkInlineAndReportViolation(operativeDirective(m_styleSrc.get()), consoleMessage, contextURL, contextLine);
+}
+bool CSPDirectiveList::allowEval(PassRefPtr<ScriptCallStack> callStack) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkInlineAndReportViolation(operativeDirective(m_styleSrc.get()), consoleMessage, contextURL, contextLine) :
+        checkInline(operativeDirective(m_styleSrc.get()));
+}
+bool CSPDirectiveList::allowEval(PassRefPtr<ScriptCallStack> callStack, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to evaluate script because it violates the following Content Security Policy directive: "));
+    return checkEvalAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, String(), WTF::OrdinalNumber::beforeFirst(), callStack);
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkEvalAndReportViolation(operativeDirective(m_scriptSrc.get()), consoleMessage, String(), WTF::OrdinalNumber::beforeFirst(), callStack) :
+        checkEval(operativeDirective(m_scriptSrc.get()));
+}
 …
+}
 bool CSPDirectiveList::allowScriptFromSource(const KURL& url) const
+bool CSPDirectiveList::allowScriptFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, type, ("script"));
+    return checkSourceAndReportViolation(operativeDirective(m_scriptSrc.get()), url, type);
+}
+bool CSPDirectiveList::allowObjectFromSource(const KURL& url) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkSourceAndReportViolation(operativeDirective(m_scriptSrc.get()), url, type) :
+        checkSource(operativeDirective(m_scriptSrc.get()), url);
+}
+bool CSPDirectiveList::allowObjectFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, type, ("object"));
     if (url.isBlankURL())
         return true;
+    return checkSourceAndReportViolation(operativeDirective(m_objectSrc.get()), url, type);
+}
+bool CSPDirectiveList::allowChildFrameFromSource(const KURL& url) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkSourceAndReportViolation(operativeDirective(m_objectSrc.get()), url, type) :
+        checkSource(operativeDirective(m_objectSrc.get()), url);
+}
+bool CSPDirectiveList::allowChildFrameFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, type, ("frame"));
     if (url.isBlankURL())
         return true;
+    return checkSourceAndReportViolation(operativeDirective(m_frameSrc.get()), url, type);
+}
+bool CSPDirectiveList::allowImageFromSource(const KURL& url) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkSourceAndReportViolation(operativeDirective(m_frameSrc.get()), url, type) :
+        checkSource(operativeDirective(m_frameSrc.get()), url);
+}
+bool CSPDirectiveList::allowImageFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, type, ("image"));
+    return checkSourceAndReportViolation(operativeDirective(m_imgSrc.get()), url, type);
+}
+bool CSPDirectiveList::allowStyleFromSource(const KURL& url) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkSourceAndReportViolation(operativeDirective(m_imgSrc.get()), url, type) :
+        checkSource(operativeDirective(m_imgSrc.get()), url);
+}
+bool CSPDirectiveList::allowStyleFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, type, ("style"));
+    return checkSourceAndReportViolation(operativeDirective(m_styleSrc.get()), url, type);
+}
+bool CSPDirectiveList::allowFontFromSource(const KURL& url) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkSourceAndReportViolation(operativeDirective(m_styleSrc.get()), url, type) :
+        checkSource(operativeDirective(m_styleSrc.get()), url);
+}
+bool CSPDirectiveList::allowFontFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, type, ("font"));
+    return checkSourceAndReportViolation(operativeDirective(m_fontSrc.get()), url, type);
+}
+bool CSPDirectiveList::allowMediaFromSource(const KURL& url) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkSourceAndReportViolation(operativeDirective(m_fontSrc.get()), url, type) :
+        checkSource(operativeDirective(m_fontSrc.get()), url);
+}
+bool CSPDirectiveList::allowMediaFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, type, ("media"));
+    return checkSourceAndReportViolation(operativeDirective(m_mediaSrc.get()), url, type);
+}
+bool CSPDirectiveList::allowConnectToSource(const KURL& url) const
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkSourceAndReportViolation(operativeDirective(m_mediaSrc.get()), url, type) :
+        checkSource(operativeDirective(m_mediaSrc.get()), url);
+}
+bool CSPDirectiveList::allowConnectToSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     DEFINE_STATIC_LOCAL(String, type, ("connect"));
+    return checkSourceAndReportViolation(operativeDirective(m_connectSrc.get()), url, type);
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkSourceAndReportViolation(operativeDirective(m_connectSrc.get()), url, type) :
+        checkSource(operativeDirective(m_connectSrc.get()), url);
+}
+void CSPDirectiveList::gatherReportURIs(DOMStringList& list) const
+{
+    for (size_t i = 0; i < m_reportURIs.size(); ++i)
+        list.append(m_reportURIs[i].string());
+}
 …
+}
 template<bool (CSPDirectiveList::*allowed)(PassRefPtr<ScriptCallStack>) const>
 bool isAllowedByAllWithCallStack(const CSPDirectiveListVector& policies, PassRefPtr<ScriptCallStack> callStack)
+template<bool (CSPDirectiveList::*allowed)(PassRefPtr<ScriptCallStack>, ContentSecurityPolicy::ReportingStatus) const>
+bool isAllowedByAllWithCallStack(const CSPDirectiveListVector& policies, PassRefPtr<ScriptCallStack> callStack, ContentSecurityPolicy::ReportingStatus reportingStatus)
+{
     for (size_t i = 0; i < policies.size(); ++i) {
         if (!(policies[i].get()->*allowed)(callStack))
+        if (!(policies[i].get()->*allowed)(callStack, reportingStatus))
             return false;
+    }
 …
+}
 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumber&) const>
 bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const String& contextURL, const WTF::OrdinalNumber& contextLine)
+template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumber&, ContentSecurityPolicy::ReportingStatus) const>
+bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus)
+{
     for (size_t i = 0; i < policies.size(); ++i) {
         if (!(policies[i].get()->*allowed)(contextURL, contextLine))
+        if (!(policies[i].get()->*allowed)(contextURL, contextLine, reportingStatus))
             return false;
+    }
 …
+}
 template<bool (CSPDirectiveList::*allowFromURL)(const KURL&) const>
 bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& url)
+template<bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPolicy::ReportingStatus) const>
+bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus)
+{
     if (SchemeRegistry::schemeShouldBypassContentSecurityPolicy(url.protocol()))
 …
     for (size_t i = 0; i < policies.size(); ++i) {
         if (!(policies[i].get()->*allowFromURL)(url))
+        if (!(policies[i].get()->*allowFromURL)(url, reportingStatus))
             return false;
+    }
 …
+}
 bool ContentSecurityPolicy::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+{
     return isAllowedByAllWithContext<&CSPDirectiveList::allowJavaScriptURLs>(m_policies, contextURL, contextLine);
+}
 bool ContentSecurityPolicy::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+{
     return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineEventHandlers>(m_policies, contextURL, contextLine);
+}
 bool ContentSecurityPolicy::allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+{
     return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineScript>(m_policies, contextURL, contextLine);
+}
 bool ContentSecurityPolicy::allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine) const
+bool ContentSecurityPolicy::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithContext<&CSPDirectiveList::allowJavaScriptURLs>(m_policies, contextURL, contextLine, reportingStatus);
+}
+bool ContentSecurityPolicy::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineEventHandlers>(m_policies, contextURL, contextLine, reportingStatus);
+}
+bool ContentSecurityPolicy::allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineScript>(m_policies, contextURL, contextLine, reportingStatus);
+}
+bool ContentSecurityPolicy::allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
     if (m_overrideInlineStyleAllowed)
         return true;
     return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineStyle>(m_policies, contextURL, contextLine);
+}
 bool ContentSecurityPolicy::allowEval(PassRefPtr<ScriptCallStack> callStack) const
+{
     return isAllowedByAllWithCallStack<&CSPDirectiveList::allowEval>(m_policies, callStack);
+    return isAllowedByAllWithContext<&CSPDirectiveList::allowInlineStyle>(m_policies, contextURL, contextLine, reportingStatus);
+}
+bool ContentSecurityPolicy::allowEval(PassRefPtr<ScriptCallStack> callStack, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithCallStack<&CSPDirectiveList::allowEval>(m_policies, callStack, reportingStatus);
+}
 …
+}
+bool ContentSecurityPolicy::allowScriptFromSource(const KURL& url) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowScriptFromSource>(m_policies, url);
+}
+bool ContentSecurityPolicy::allowObjectFromSource(const KURL& url) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowObjectFromSource>(m_policies, url);
+}
+bool ContentSecurityPolicy::allowChildFrameFromSource(const KURL& url) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowChildFrameFromSource>(m_policies, url);
+}
+bool ContentSecurityPolicy::allowImageFromSource(const KURL& url) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowImageFromSource>(m_policies, url);
+}
+bool ContentSecurityPolicy::allowStyleFromSource(const KURL& url) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowStyleFromSource>(m_policies, url);
+}
+bool ContentSecurityPolicy::allowFontFromSource(const KURL& url) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowFontFromSource>(m_policies, url);
+}
+bool ContentSecurityPolicy::allowMediaFromSource(const KURL& url) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowMediaFromSource>(m_policies, url);
+}
+bool ContentSecurityPolicy::allowConnectToSource(const KURL& url) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowConnectToSource>(m_policies, url);
+}
+}
+bool ContentSecurityPolicy::allowScriptFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowScriptFromSource>(m_policies, url, reportingStatus);
+}
+bool ContentSecurityPolicy::allowObjectFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowObjectFromSource>(m_policies, url, reportingStatus);
+}
+bool ContentSecurityPolicy::allowChildFrameFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowChildFrameFromSource>(m_policies, url, reportingStatus);
+}
+bool ContentSecurityPolicy::allowImageFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowImageFromSource>(m_policies, url, reportingStatus);
+}
+bool ContentSecurityPolicy::allowStyleFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowStyleFromSource>(m_policies, url, reportingStatus);
+}
+bool ContentSecurityPolicy::allowFontFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowFontFromSource>(m_policies, url, reportingStatus);
+}
+bool ContentSecurityPolicy::allowMediaFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowMediaFromSource>(m_policies, url, reportingStatus);
+}
+bool ContentSecurityPolicy::allowConnectToSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return isAllowedByAllWithURL<&CSPDirectiveList::allowConnectToSource>(m_policies, url, reportingStatus);
+}
+bool ContentSecurityPolicy::isActive() const
+{
+    return !m_policies.isEmpty();
+}
+void ContentSecurityPolicy::gatherReportURIs(DOMStringList& list) const
+{
+    for (size_t i = 0; i < m_policies.size(); ++i)
+        m_policies[i].get()->gatherReportURIs(list);
+}
+}

trunk/Source/WebCore/page/ContentSecurityPolicy.h

-                      r121883
+                      r123722
 class CSPDirectiveList;
 class ScriptCallStack;
+class DOMStringList;
 class ScriptExecutionContext;
 …
     };
+    enum ReportingStatus {
+        SendReport,
+        SuppressReport
+    };
     void didReceiveHeader(const String&, HeaderType);
     // These functions are wrong becuase they assume that there is only one header.
+    // These functions are wrong because they assume that there is only one header.
     // FIXME: Replace them with functions that return vectors.
     const String& deprecatedHeader() const;
     HeaderType deprecatedHeaderType() const;
     bool allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool allowEval(PassRefPtr<ScriptCallStack>) const;
+    bool allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ReportingStatus = SendReport) const;
+    bool allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ReportingStatus = SendReport) const;
+    bool allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ReportingStatus = SendReport) const;
+    bool allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ReportingStatus = SendReport) const;
+    bool allowEval(PassRefPtr<ScriptCallStack>, ReportingStatus = SendReport) const;
     bool allowScriptNonce(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL& = KURL()) const;
     bool allowScriptFromSource(const KURL&) const;
     bool allowObjectFromSource(const KURL&) const;
     bool allowChildFrameFromSource(const KURL&) const;
     bool allowImageFromSource(const KURL&) const;
     bool allowStyleFromSource(const KURL&) const;
     bool allowFontFromSource(const KURL&) const;
     bool allowMediaFromSource(const KURL&) const;
     bool allowConnectToSource(const KURL&) const;
+    bool allowScriptFromSource(const KURL&, ReportingStatus = SendReport) const;
+    bool allowObjectFromSource(const KURL&, ReportingStatus = SendReport) const;
+    bool allowChildFrameFromSource(const KURL&, ReportingStatus = SendReport) const;
+    bool allowImageFromSource(const KURL&, ReportingStatus = SendReport) const;
+    bool allowStyleFromSource(const KURL&, ReportingStatus = SendReport) const;
+    bool allowFontFromSource(const KURL&, ReportingStatus = SendReport) const;
+    bool allowMediaFromSource(const KURL&, ReportingStatus = SendReport) const;
+    bool allowConnectToSource(const KURL&, ReportingStatus = SendReport) const;
     void setOverrideAllowInlineStyle(bool);
+    bool isActive() const;
+    void gatherReportURIs(DOMStringList&) const;
 private:

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 123722 in webkit

Legend:

Download in other formats: