Changeset 78569 in webkit
- Timestamp:
- Feb 15, 2011 8:47:38 AM (13 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 7 edited
trunk/LayoutTests/ChangeLog
r78567 r78569 1 2011-02-15 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 Sketch script-src for Content Security Policy 6 https://bugs.webkit.org/show_bug.cgi?id=54381 7 8 * http/tests/security/contentSecurityPolicy/script-loads-with-img-src-expected.txt: Added. 9 * http/tests/security/contentSecurityPolicy/script-loads-with-img-src.html: Added. 10 - Test that we don't block scripts when the policy is just img-src. 11 * http/tests/security/contentSecurityPolicy/script-src-in-iframe.html: 12 * http/tests/security/contentSecurityPolicy/script-src-none.html: 13 * http/tests/security/contentSecurityPolicy/script-src-redirect.html: 14 - Turns out we need to escape the ; character in order for it to be 15 echoed back correctly in the header. 16 1 17 2011-02-15 Mario Sanchez Prada <msanchez@igalia.com> 2 18 -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-in-iframe.html
r78058 r78569 13 13 Loads an iframe (a) which loads an iframe (b) which in turns tries to load an external script. The iframe (a) has a content security policy disabling external scripts. As this policy does not apply to (b), the script should be executed. 14 14 </p> 15 <iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-iframe.pl?q=http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script-src.html&csp=allow%20* ;%20script-src%20'none'"></iframe>15 <iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-iframe.pl?q=http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script-src.html&csp=allow%20*%3B%20script-src%20'none'"></iframe> 16 16 </body> 17 17 </html> -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-none.html
r78058 r78569 13 13 Loads an iframe which in turns tries to load an external script. The iframe has a content security policy disabling external scripts. So the script should not get executed. 14 14 </p> 15 <iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-script-src.pl?should_run=no&q=http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js&csp=allow%20* ;%20script-src%20'none'"></iframe>15 <iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-script-src.pl?should_run=no&q=http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js&csp=allow%20*%3B%20script-src%20'none'"></iframe> 16 16 </body> 17 17 </html> -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-redirect.html
r78058 r78569 13 13 Loads an iframe which in turns tries to load an external script. The request for the script is redirected to 'localhost'. The iframe has a content security policy disabling external scripts from hosts other than 'localhost'. So the script should be allowed to run. 14 14 </p> 15 <iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-script-src.pl?should_run=yes&csp=allow%20* ;%20script-src%20'localhost'&q=http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php%3furl=http://localhost:8000/security/contentSecurityPolicy/resources/script.js"></iframe>15 <iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-script-src.pl?should_run=yes&csp=allow%20*%3B%20script-src%20'localhost'&q=http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php%3furl=http://localhost:8000/security/contentSecurityPolicy/resources/script.js"></iframe> 16 16 </body> 17 17 </html> -
trunk/Source/WebCore/ChangeLog
r78568 r78569 1 2011-02-15 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 Sketch script-src for Content Security Policy 6 https://bugs.webkit.org/show_bug.cgi?id=54381 7 8 This patch provides a sketch of the script-src directive. We still do 9 not parse the value of the directive, and the wiring into the rest of 10 WebCore is incorrect, but those are things we can fix in future 11 patches. For the momemnt, this patch lets us test what we're doing. 12 13 Test: http/tests/security/contentSecurityPolicy/script-loads-with-img-src.html 14 15 * page/ContentSecurityPolicy.cpp: 16 (WebCore::CSPDirective::CSPDirective): 17 (WebCore::CSPDirective::allows): 18 (WebCore::ContentSecurityPolicy::didReceiveHeader): 19 (WebCore::ContentSecurityPolicy::canLoadExternalScriptFromSrc): 20 (WebCore::ContentSecurityPolicy::parse): 21 (WebCore::ContentSecurityPolicy::emitDirective): 22 * page/ContentSecurityPolicy.h: 23 1 24 2011-02-15 Antti Koivisto <antti@apple.com> 2 25 -
trunk/Source/WebCore/page/ContentSecurityPolicy.cpp
r78497 r78569 32 32 class CSPDirective { 33 33 public: 34 CSPDirective(const String& name, const String& value) 35 : m_name(name) 36 , m_value(value) 34 explicit CSPDirective(const String& value) 35 : m_value(value) 37 36 { 38 37 } 39 38 40 const String& name() const { return m_name; } 41 const String& value() const { return m_value; } 39 bool allows(const KURL&) 40 { 41 return false; 42 } 42 43 43 44 private: 44 String m_name;45 45 String m_value; 46 46 }; 47 47 48 48 ContentSecurityPolicy::ContentSecurityPolicy() 49 : m_ isEnabled(false)49 : m_havePolicy(false) 50 50 { 51 51 } … … 57 57 void ContentSecurityPolicy::didReceiveHeader(const String& header) 58 58 { 59 if ( !m_directives.isEmpty())59 if (m_havePolicy) 60 60 return; // The first policy wins. 61 61 62 m_isEnabled = true;63 62 parse(header); 63 m_havePolicy = true; 64 64 } 65 65 66 bool ContentSecurityPolicy::canLoadExternalScriptFromSrc(const String& ) const66 bool ContentSecurityPolicy::canLoadExternalScriptFromSrc(const String& url) const 67 67 { 68 return !m_ isEnabled;68 return !m_scriptSrc || m_scriptSrc->allows(KURL(ParsedURLString, url)); 69 69 } 70 70 71 71 void ContentSecurityPolicy::parse(const String& policy) 72 72 { 73 ASSERT( m_directives.isEmpty());73 ASSERT(!m_havePolicy); 74 74 75 75 if (policy.isEmpty()) 76 76 return; 77 78 const UChar* pos = policy.characters(); 79 const UChar* end = pos + policy.length(); 80 81 while (pos < end) { 82 Vector<UChar, 32> name; 83 Vector<UChar, 64> value; 84 85 parseDirective(pos, end, name, value); 86 if (name.isEmpty()) 87 continue; 88 89 // We use a copy here instead of String::adopt because we expect 90 // the name and the value to be relatively short, so the copy will 91 // be cheaper than the extra malloc. 
92 emitDirective(String(name), String(value)); 93 } 94 } 95 96 void ContentSecurityPolicy::parseDirective(const UChar*& pos, const UChar* end, Vector<UChar, 32>& name, Vector<UChar, 64>& value) 97 { 98 ASSERT(pos < end); 99 ASSERT(name.isEmpty()); 100 ASSERT(value.isEmpty()); 77 101 78 102 enum { … … 82 106 DirectiveValue, 83 107 } state = BeforeDirectiveName; 84 85 const UChar* pos = policy.characters();86 const UChar* end = pos + policy.length();87 88 Vector<UChar, 32> name;89 Vector<UChar, 64> value;90 108 91 109 while (pos < end) { … … 114 132 continue; 115 133 } 116 // We use a copy here instead of String::adopt because we expect 117 // the name and the value to be relatively short, so the copy will 118 // be cheaper than the extra malloc. 119 // FIXME: Perform directive-specific parsing of the value. 120 m_directives.append(CSPDirective(String(name), String(value))); 121 name.clear(); 122 value.clear(); 123 state = BeforeDirectiveName; 124 continue; 134 return; 125 135 } 126 136 } 127 137 } 128 138 139 void ContentSecurityPolicy::emitDirective(const String& name, const String& value) 140 { 141 DEFINE_STATIC_LOCAL(String, scriptSrc, ("script-src")); 142 143 ASSERT(!name.isEmpty()); 144 145 if (!m_scriptSrc && equalIgnoringCase(name, scriptSrc)) 146 m_scriptSrc = adoptPtr(new CSPDirective(value)); 129 147 } 148 149 } -
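Review bot: `canLoadExternalScriptFromSrc` fails open whenever the received policy has no `script-src` directive, because `emitDirective` keeps only `script-src` and `!m_scriptSrc` then permits every script. The test policies in this changeset begin with `allow *`, which suggests a default directive exists; if so, a policy such as `allow 'none'` with no `script-src` would presumably be expected to block scripts, and here it does not. Since the ChangeLog describes this as a sketch, I would at least record the gap above the return: `// FIXME: Fall back to the default ("allow") directive when script-src is absent; until then such a policy permits all scripts.` The argument is also wrapped as `KURL(ParsedURLString, url)`, which assumes the caller passes an already-resolved URL string; the caller is not visible in this section, so that is worth confirming before the check is relied on.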
trunk/Source/WebCore/page/ContentSecurityPolicy.h
r78497 r78569 44 44 45 45 private: 46 typedef Vector<CSPDirective> DirectiveList; 46 void parse(const String&); 47 void parseDirective(const UChar*& pos, const UChar* end, Vector<UChar, 32>& name, Vector<UChar, 64>& value); 48 void emitDirective(const String& name, const String& value); 47 49 48 void parse(const String&); 49 50 bool m_isEnabled; 51 DirectiveList m_directives; 50 bool m_havePolicy; 51 OwnPtr<CSPDirective> m_scriptSrc; 52 52 }; 53 53