Context Navigation

← Previous Changeset
Next Changeset →

Changeset 125531 in webkit

Timestamp:

Aug 14, 2012 2:16:51 AM (12 years ago)

Author:

commit-queue@webkit.org

Message:

Implement the plugin-types Content Security Policy directive.
https://bugs.webkit.org/show_bug.cgi?id=91919

Patch by Mike West <mkwst@chromium.org> on 2012-08-14
Reviewed by Adam Barth.

Source/WebCore:

The CSP 1.1 editor's draft defines the 'plugin-types' directive as a
mechanism for whitelisting only specific types of plugin content on a
page. A protected resource might trust only Flash content, for instance,
and could enforce that preference via a Content Security Policy of
'plugin-types application/x-shockwave-flash'. Flash would load, no other
plugin type would.

Specification details available at: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#plugin-types--experimental

This experimental directive is gated on the ENABLE_CSP_NEXT flag, which
is currently only enabled in Chromium.

Tests: http/tests/security/contentSecurityPolicy/1.1/plugintypes-invalid.html

http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-data.html
http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-url.html
http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data.html
http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-url.html
http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-allowed.html
http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked.html
http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-01.html
http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-02.html

loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::pluginIsLoadable):

Adding a check against 'allowPluginType', and passing in both the
MIME type of the plugin, as well as the declared MIME type from the
object/embed element (ensuring that we do this correctly, even if
we're inside a PluginDocument).

(WebCore::SubframeLoader::createJavaAppletWidget):

Same as 'pluginIsLoadable', but hard-coded to
'application/x-java-applet'.

page/ContentSecurityPolicy.cpp:

(CSPDirectiveList):
(WebCore::CSPDirectiveList::logInvalidPluginTypes):

Plugin types that don't match the grammar ('not/a/mime/type') are
logged to the console, and ignored for purposes of matching.

(WebCore):
(WebCore::CSPDirectiveList::checkPluginType):

Given both the plugin type and the declared type attribute, returns
true if both types match, and are contained in the list of accepted
plugin types.

(WebCore::CSPDirectiveList::checkPluginTypeAndReportViolation):

Calls out to checkPluginType, and reports a violation if that check
fails.

(WebCore::CSPDirectiveList::allowPluginType):

Analog to the other 'CSPDirectiveList::allowXXX' methods, this
branches between simply checking the type against the policy, and
checking against the policy and then reporting violations.

(WebCore::CSPDirectiveList::parsePluginTypes):

Given a directive value, parse out the media types contained within
by splitting on spaces, and validating each token. Valid tokens are
added to 'm_pluginTypes' for use in 'checkPluginType'.

(WebCore::CSPDirectiveList::addDirective):

Wire up 'plugin-types' as a valid directive (if the ENABLE_CSP_NEXT
flag is set). This has been combined with the other implemented 1.1
header, 'script-nonce'.

(WebCore::ContentSecurityPolicy::allowPluginType):

The public interface to this set of functionality.

page/ContentSecurityPolicy.h:

LayoutTests:

http/tests/plugins/resources/mock-plugin-unknown-type.pl:

Adding a mock plugin resource that is served with a type that WebKit
doesn't understand. Using it to test a confusion attack in
plugintypes-url-02.

http/tests/security/contentSecurityPolicy/1.1/plugintypes-invalid-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-invalid.html: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-data-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-data.html: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-url-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-url.html: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data.html: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-url-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-url.html: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-allowed-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-allowed.html: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked.html: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-01-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-01.html: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-02-expected.txt: Added.
http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-02.html: Added.
http/tests/security/contentSecurityPolicy/object-src-none-allowed.html:
http/tests/security/contentSecurityPolicy/object-src-none-blocked.html:

Renaming the q parameter to plugin in these two tests.

http/tests/security/contentSecurityPolicy/resources/echo-object-data.pl:

Add output of explicit MIME types to the object data renderer, and
changed the q parameter to be slightly less confusingly named.
It's now plugin.

http/tests/security/contentSecurityPolicy/resources/multiple-iframe-plugin-test.js: Added.

Copy multiple-iframe-test.js, and add in plugin-specific details,
like plugin, log, and type.

(test):
(finishTesting):

Location:

trunk

Files:

: 20 added
: 8 edited

Legend:

: Unmodified
: Added
: Removed

trunk/LayoutTests/ChangeLog

-                      r125529
+                      r125531
+-08-14  Mike West  <mkwst@chromium.org>
+        Implement the plugin-types Content Security Policy directive.
+        https://bugs.webkit.org/show_bug.cgi?id=91919
+        Reviewed by Adam Barth.
+        * http/tests/plugins/resources/mock-plugin-unknown-type.pl:
+            Adding a mock plugin resource that is served with a type that WebKit
+            doesn't understand. Using it to test a confusion attack in
+            plugintypes-url-02.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-invalid-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-invalid.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-data-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-data.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-url-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-url.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-url-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-url.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-allowed-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-allowed.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-01-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-01.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-02-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-02.html: Added.
+        * http/tests/security/contentSecurityPolicy/object-src-none-allowed.html:
+        * http/tests/security/contentSecurityPolicy/object-src-none-blocked.html:
+            Renaming the `q` parameter to `plugin` in these two tests.
+        * http/tests/security/contentSecurityPolicy/resources/echo-object-data.pl:
+            Add output of explicit MIME types to the object data renderer, and
+            changed the `q` parameter to be slightly less confusingly named.
+            It's now `plugin`.
+        * http/tests/security/contentSecurityPolicy/resources/multiple-iframe-plugin-test.js: Added.
+            Copy `multiple-iframe-test.js`, and add in plugin-specific details,
+            like `plugin`, `log`, and `type`.
+        (test):
+        (finishTesting):
 -08-14  Hans Wennborg  <hans@chromium.org>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/object-src-none-allowed.html

r123978	r125531
10	10	</head>
11	11	<body>
12		<iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-object-data.pl?q=data:application/x-webkit-test-netscape,logifloaded&log=PASS!&csp=img-src%20'none'"></iframe>
	12	<iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-object-data.pl?plugin=data:application/x-webkit-test-netscape,logifloaded&log=PASS!&csp=img-src%20'none'"></iframe>
13	13	</body>
14	14	</html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/object-src-none-blocked.html

r123978	r125531
10	10	</head>
11	11	<body>
12		<iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-object-data.pl?q=data:application/x-webkit-test-netscape,logifloaded&log=FAIL&csp=object-src%20'none'"></iframe>
	12	<iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-object-data.pl?plugin=data:application/x-webkit-test-netscape,logifloaded&log=FAIL&csp=object-src%20'none'"></iframe>
13	13	</body>
14	14	</html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/resources/echo-object-data.pl

-                      r123978
+                      r125531
 print "<body>\n";
 print "<script src=\"/plugins/resources/mock-plugin-logger.js\"></script>\n";
+print "<object data=\"".$cgi->param('q')."\" log=\"".$cgi->param('log')."\"></object>\n";
+print "<object data=\"".$cgi->param('plugin')."\"\n";
+print "        log=\"".$cgi->param('log')."\"\n" if $cgi->param('log');
+print "        type=\"".$cgi->param('type')."\"\n" if $cgi->param('type');
+print "></object>\n";
 print "</body>\n";
 print "</html>\n";

trunk/Source/WebCore/ChangeLog

-                      r125530
+                      r125531
+-08-14  Mike West  <mkwst@chromium.org>
+        Implement the plugin-types Content Security Policy directive.
+        https://bugs.webkit.org/show_bug.cgi?id=91919
+        Reviewed by Adam Barth.
+        The CSP 1.1 editor's draft defines the 'plugin-types' directive as a
+        mechanism for whitelisting only specific types of plugin content on a
+        page. A protected resource might trust only Flash content, for instance,
+        and could enforce that preference via a Content Security Policy of
+        'plugin-types application/x-shockwave-flash'. Flash would load, no other
+        plugin type would.
+        Specification details available at: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#plugin-types--experimental
+        This experimental directive is gated on the ENABLE_CSP_NEXT flag, which
+        is currently only enabled in Chromium.
+        Tests: http/tests/security/contentSecurityPolicy/1.1/plugintypes-invalid.html
+               http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-data.html
+               http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-url.html
+               http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data.html
+               http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-url.html
+               http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-allowed.html
+               http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked.html
+               http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-01.html
+               http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-02.html
+        * loader/SubframeLoader.cpp:
+        (WebCore::SubframeLoader::pluginIsLoadable):
+            Adding a check against 'allowPluginType', and passing in both the
+            MIME type of the plugin, as well as the declared MIME type from the
+            object/embed element (ensuring that we do this correctly, even if
+            we're inside a PluginDocument).
+        (WebCore::SubframeLoader::createJavaAppletWidget):
+            Same as 'pluginIsLoadable', but hard-coded to
+            'application/x-java-applet'.
+        * page/ContentSecurityPolicy.cpp:
+        (CSPDirectiveList):
+        (WebCore::CSPDirectiveList::logInvalidPluginTypes):
+            Plugin types that don't match the grammar ('not/a/mime/type') are
+            logged to the console, and ignored for purposes of matching.
+        (WebCore):
+        (WebCore::CSPDirectiveList::checkPluginType):
+            Given both the plugin type and the declared type attribute, returns
+            true if both types match, and are contained in the list of accepted
+            plugin types.
+        (WebCore::CSPDirectiveList::checkPluginTypeAndReportViolation):
+            Calls out to checkPluginType, and reports a violation if that check
+            fails.
+        (WebCore::CSPDirectiveList::allowPluginType):
+            Analog to the other 'CSPDirectiveList::allowXXX' methods, this
+            branches between simply checking the type against the policy, and
+            checking against the policy and then reporting violations.
+        (WebCore::CSPDirectiveList::parsePluginTypes):
+            Given a directive value, parse out the media types contained within
+            by splitting on spaces, and validating each token. Valid tokens are
+            added to 'm_pluginTypes' for use in 'checkPluginType'.
+        (WebCore::CSPDirectiveList::addDirective):
+            Wire up 'plugin-types' as a valid directive (if the ENABLE_CSP_NEXT
+            flag is set). This has been combined with the other implemented 1.1
+            header, 'script-nonce'.
+        (WebCore::ContentSecurityPolicy::allowPluginType):
+            The public interface to this set of functionality.
+        * page/ContentSecurityPolicy.h:
 -08-14  Charles Wei  <charles.wei@torchmobile.com.cn>

trunk/Source/WebCore/loader/SubframeLoader.cpp

-                      r124704
+                      r125531
+        }
+        if (!document()->contentSecurityPolicy()->allowObjectFromSource(url)) {
+        String declaredMimeType = document()->isPluginDocument() ?
+            document()->ownerElement()->fastGetAttribute(HTMLNames::typeAttr) :
+            pluginElement->fastGetAttribute(HTMLNames::typeAttr);
+        if (!document()->contentSecurityPolicy()->allowObjectFromSource(url)
+            || !document()->contentSecurityPolicy()->allowPluginType(mimeType, declaredMimeType, url)) {
             RenderEmbeddedObject* renderer = pluginElement->renderEmbeddedObject();
             renderer->setPluginUnavailabilityReason(RenderEmbeddedObject::PluginBlockedByContentSecurityPolicy);
 …
+        }
+        if (!element->document()->contentSecurityPolicy()->allowObjectFromSource(codeBaseURL))
+        const char javaAppletMimeType[] = "application/x-java-applet";
+        if (!element->document()->contentSecurityPolicy()->allowObjectFromSource(codeBaseURL)
+            || !element->document()->contentSecurityPolicy()->allowPluginType(javaAppletMimeType, javaAppletMimeType, codeBaseURL))
             return 0;
+    }

trunk/Source/WebCore/page/ContentSecurityPolicy.cpp

-                      r125213
+                      r125531
 #include "SecurityOrigin.h"
 #include "TextEncoding.h"
+#include <wtf/HashSet.h>
 #include <wtf/text/TextPosition.h>
 #include <wtf/text/WTFString.h>
 …
+{
     return c != ':' && c != '/';
+}
+bool isMediaTypeCharacter(UChar c)
+{
+    return !isASCIISpace(c) && c != '/';
+}
 …
     bool allowEval(PassRefPtr<ScriptCallStack>, ContentSecurityPolicy::ReportingStatus) const;
     bool allowScriptNonce(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL&) const;
+    bool allowPluginType(const String& type, const String& typeAttribute, const KURL&, ContentSecurityPolicy::ReportingStatus) const;
     bool allowScriptFromSource(const KURL&, ContentSecurityPolicy::ReportingStatus) const;
 …
     void parseReportURI(const String& name, const String& value);
     void parseScriptNonce(const String& name, const String& value);
+    void parsePluginTypes(const String& name, const String& value);
     void addDirective(const String& name, const String& value);
     void applySandboxPolicy(const String& name, const String& sandboxPolicy);
 …
     bool checkNonce(const String&) const;
     bool checkSource(CSPDirective*, const KURL&) const;
+    bool checkPluginType(const String& type, const String& typeAttribute) const;
     bool checkEvalAndReportViolation(CSPDirective*, const String& consoleMessage, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst(), PassRefPtr<ScriptCallStack> = 0) const;
 …
     bool checkNonceAndReportViolation(const String& nonce, const String& consoleMessage, const String& contextURL, const WTF::OrdinalNumber& contextLine) const;
     bool checkSourceAndReportViolation(CSPDirective*, const KURL&, const String& type) const;
+    bool checkPluginTypeAndReportViolation(const String& type, const String& typeAttribute, const String& consoleMessage) const;
     bool denyIfEnforcingPolicy() const { return m_reportOnly; }
 …
     Vector<KURL> m_reportURIs;
+    HashSet<String> m_pluginTypes;
+    String m_pluginTypesDirective;
     String m_scriptNonce;
 };
 …
+}
+bool CSPDirectiveList::checkPluginType(const String& type, const String& typeAttribute) const
+{
+    if (m_pluginTypesDirective.isNull())
+        return true;
+    if (typeAttribute.isEmpty() || typeAttribute.stripWhiteSpace() != type)
+        return false;
+    return m_pluginTypes.contains(type);
+}
 CSPDirective* CSPDirectiveList::operativeDirective(CSPDirective* directive) const
+{
 …
         return true;
     reportViolation(m_scriptNonce, consoleMessage + "\"script-nonce " + m_scriptNonce + "\".\n", KURL(), contextURL, contextLine);
+    return denyIfEnforcingPolicy();
+}
+bool CSPDirectiveList::checkPluginTypeAndReportViolation(const String& type, const String& typeAttribute, const String& consoleMessage) const
+{
+    if (checkPluginType(type, typeAttribute))
+        return true;
+    reportViolation(m_pluginTypesDirective, consoleMessage + "'plugin-types " + m_pluginTypesDirective + "'.\n", KURL());
     return denyIfEnforcingPolicy();
+}
 …
         return checkNonceAndReportViolation(nonce, consoleMessage, contextURL, contextLine);
     return checkNonceAndReportViolation(nonce, "Refused to load '" + url.string() + "' because it violates the following Content Security Policy directive: ", contextURL, contextLine);
+}
+bool CSPDirectiveList::allowPluginType(const String& type, const String& typeAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    return reportingStatus == ContentSecurityPolicy::SendReport ?
+        checkPluginTypeAndReportViolation(type, typeAttribute, "Refused to load '" + url.string() + "' (MIME type '" + typeAttribute + "') because it violates the following Content Security Policy Directive: ") :
+        checkPluginType(type, typeAttribute);
+}
 …
+}
+void CSPDirectiveList::parsePluginTypes(const String& name, const String& value)
+{
+    if (!m_pluginTypesDirective.isNull()) {
+        m_policy->reportDuplicateDirective(name);
+        return;
+    }
+    const UChar* begin = value.characters();
+    const UChar* position = begin;
+    const UChar* end = begin + value.length();
+    m_pluginTypesDirective = value;
+    // 'plugin-types ____;' OR 'plugin-types;'
+    if (value.isEmpty()) {
+        m_policy->reportInvalidPluginTypes(value);
+        m_pluginTypesDirective = "";
+        return;
+    }
+    while (position < end) {
+        // _____ OR _____mime1/mime1
+        // ^        ^
+        skipWhile<isASCIISpace>(position, end);
+        if (position == end)
+            return;
+        // mime1/mime1 mime2/mime2
+        // ^
+        begin = position;
+        if (!skipExactly<isMediaTypeCharacter>(position, end)) {
+            skipWhile<isNotASCIISpace>(position, end);
+            m_policy->reportInvalidPluginTypes(String(begin, position - begin));
+            continue;
+        }
+        skipWhile<isMediaTypeCharacter>(position, end);
+        // mime1/mime1 mime2/mime2
+        //      ^
+        if (!skipExactly(position, end, '/')) {
+            skipWhile<isNotASCIISpace>(position, end);
+            m_policy->reportInvalidPluginTypes(String(begin, position - begin));
+            continue;
+        }
+        // mime1/mime1 mime2/mime2
+        //       ^
+        if (!skipExactly<isMediaTypeCharacter>(position, end)) {
+            skipWhile<isNotASCIISpace>(position, end);
+            m_policy->reportInvalidPluginTypes(String(begin, position - begin));
+            continue;
+        }
+        skipWhile<isMediaTypeCharacter>(position, end);
+        // mime1/mime1 mime2/mime2 OR mime1/mime1  OR mime1/mime1/error
+        //            ^                          ^               ^
+        if (position < end && isNotASCIISpace(*position)) {
+            skipWhile<isNotASCIISpace>(position, end);
+            m_policy->reportInvalidPluginTypes(String(begin, position - begin));
+            continue;
+        }
+        m_pluginTypes.add(String(begin, position - begin));
+        ASSERT(position == end || isASCIISpace(*position));
+    }
+}
 void CSPDirectiveList::setCSPDirective(const String& name, const String& value, OwnPtr<CSPDirective>& directive)
+{
 …
     DEFINE_STATIC_LOCAL(String, defaultSrc, ("default-src"));
     DEFINE_STATIC_LOCAL(String, scriptSrc, ("script-src"));
-#if ENABLE(CSP_NEXT)
-    DEFINE_STATIC_LOCAL(String, scriptNonce, ("script-nonce"));
-#endif
     DEFINE_STATIC_LOCAL(String, objectSrc, ("object-src"));
     DEFINE_STATIC_LOCAL(String, frameSrc, ("frame-src"));
 …
     DEFINE_STATIC_LOCAL(String, sandbox, ("sandbox"));
     DEFINE_STATIC_LOCAL(String, reportURI, ("report-uri"));
+#if ENABLE(CSP_NEXT)
+    DEFINE_STATIC_LOCAL(String, scriptNonce, ("script-nonce"));
+    DEFINE_STATIC_LOCAL(String, pluginTypes, ("plugin-types"));
+#endif
     ASSERT(!name.isEmpty());
 …
     else if (equalIgnoringCase(name, scriptNonce))
         parseScriptNonce(name, value);
+    else if (equalIgnoringCase(name, pluginTypes))
+        parsePluginTypes(name, value);
 #endif
     else
 …
+{
     return isAllowedByAllWithNonce<&CSPDirectiveList::allowScriptNonce>(m_policies, nonce, contextURL, contextLine, url);
+}
+bool ContentSecurityPolicy::allowPluginType(const String& type, const String& typeAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    for (size_t i = 0; i < m_policies.size(); ++i) {
+        if (!m_policies[i].get()->allowPluginType(type, typeAttribute, url, reportingStatus))
+            return false;
+    }
+    return true;
+}
 …
+}
+void ContentSecurityPolicy::reportInvalidPluginTypes(const String& pluginType) const
+{
+    String message;
+    if (pluginType.isNull())
+        message = "'plugin-types' Content Security Policy directive is empty; all plugins will be blocked.\n";
+    else
+        message = makeString("Invalid plugin type in 'plugin-types' Content Security Policy directive: '", pluginType, "'.\n");
+    logToConsole(message);
+}
 void ContentSecurityPolicy::reportInvalidNonce(const String& nonce) const
+{

trunk/Source/WebCore/page/ContentSecurityPolicy.h

-                      r125213
+                      r125531
     bool allowEval(PassRefPtr<ScriptCallStack>, ReportingStatus = SendReport) const;
     bool allowScriptNonce(const String& nonce, const String& contextURL, const WTF::OrdinalNumber& contextLine, const KURL& = KURL()) const;
+    bool allowPluginType(const String& type, const String& typeAttribute, const KURL&, ReportingStatus = SendReport) const;
     bool allowScriptFromSource(const KURL&, ReportingStatus = SendReport) const;
 …
     void reportIgnoredPathComponent(const String& directiveName, const String& completeSource, const String& path) const;
     void reportInvalidNonce(const String&) const;
+    void reportInvalidPluginTypes(const String&) const;
     void reportInvalidSourceExpression(const String& directiveName, const String& source) const;
     void reportUnrecognizedDirective(const String&) const;

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 125531 in webkit

Legend:

Download in other formats: