CSPSourceList::CSPSourceList(ContentSecurityPolicy* policy, const String& directiveName)
: m_policy(policy)
, m_directiveName(directiveName)
+ , m_allowSelf(false)
, m_allowStar(false)
, m_allowInline(false)
, m_allowEval(false)
KURL effectiveURL = SecurityOrigin::shouldUseInnerURL(url) ? SecurityOrigin::extractInnerURL(url) : url;
+ if (m_allowSelf && m_policy->urlMatchesSelf(effectiveURL))
+ return true;
+
for (size_t i = 0; i < m_list.size(); ++i) {
if (m_list[i].matches(effectiveURL))
return true;
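Review bot: The new `'self'` check ahead of the `m_list` loop rests entirely on `m_policy->urlMatchesSelf(effectiveURL)`, whose body is not part of this diff. The line removed from `addSourceSelf()` built a `CSPSource` from the origin's protocol, host and port with both wildcards off, so `urlMatchesSelf` should be confirmed to compare all three components; otherwise the meaning of `'self'` changes silently. I would add a comment above the check, `// 'self' is resolved against the policy's origin at match time; it is no longer an entry in m_list.`, and a test that pins a same-host URL on a different port or scheme as a non-match. The enclosing function starts and ends outside this hunk.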
String scheme, host, path;
int port = 0;
- bool hostHasWildcard = false;
- bool portHasWildcard = false;
+ CSPSource::WildcardDisposition hostWildcard = CSPSource::NoWildcard;
+ CSPSource::WildcardDisposition portWildcard = CSPSource::NoWildcard;
- if (parseSource(beginSource, position, scheme, host, port, path, hostHasWildcard, portHasWildcard)) {
+ if (parseSource(beginSource, position, scheme, host, port, path, hostWildcard, portWildcard)) {
// Wildcard hosts and keyword sources ('self', 'unsafe-inline',
// etc.) aren't stored in m_list, but as attributes on the source
// list itself.
continue;
if (m_policy->isDirectiveName(host))
m_policy->reportDirectiveAsSourceExpression(m_directiveName, host);
- m_list.append(CSPSource(m_policy, scheme, host, port, path, hostHasWildcard, portHasWildcard));
+ m_list.append(CSPSource(m_policy, scheme, host, port, path, hostWildcard, portWildcard));
} else {
m_policy->reportInvalidSourceExpression(m_directiveName, String(beginSource, position - beginSource));
}
// source = scheme ":"
// / ( [ scheme "://" ] host [ port ] [ path ] )
// / "'self'"
-bool CSPSourceList::parseSource(const UChar* begin, const UChar* end, String& scheme, String& host, int& port, String& path, bool& hostHasWildcard, bool& portHasWildcard)
+bool CSPSourceList::parseSource(const UChar* begin, const UChar* end, String& scheme, String& host, int& port, String& path, CSPSource::WildcardDisposition& hostWildcard, CSPSource::WildcardDisposition& portWildcard)
{
if (begin == end)
return false;
if (position == end) {
// host
// ^
- return parseHost(beginHost, position, host, hostHasWildcard);
+ return parseHost(beginHost, position, host, hostWildcard);
}
if (position < end && *position == '/') {
// host/path || host/ || /
// ^ ^ ^
- return parseHost(beginHost, position, host, hostHasWildcard) && parsePath(position, end, path);
+ return parseHost(beginHost, position, host, hostWildcard) && parsePath(position, end, path);
}
if (position < end && *position == ':') {
|| !skipExactly<UChar>(position, end, '/'))
return false;
if (position == end)
- return true;
+ return false;
beginHost = position;
skipWhile<UChar, isNotColonOrSlash>(position, end);
}
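Review bot: The flipped return for `position == end` after the `scheme://` prefix carries no comment, although it changes what the parser accepts. A source expression with a scheme and an empty host now fails `parseSource`, so the caller reports it through `reportInvalidSourceExpression` instead of appending it to `m_list`. A one-line comment would record the intent, e.g. `// "scheme://" with no host is invalid; reject it instead of storing an empty-host source.` How an empty-host `CSPSource` matched before is not visible here, so a test pinning the rejected form would be worth adding. The body of `parseSource` continues outside this hunk.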
beginPath = position;
}
- if (!parseHost(beginHost, beginPort ? beginPort : beginPath, host, hostHasWildcard))
+ if (!parseHost(beginHost, beginPort ? beginPort : beginPath, host, hostWildcard))
return false;
if (beginPort) {
- if (!parsePort(beginPort, beginPath, port, portHasWildcard))
+ if (!parsePort(beginPort, beginPath, port, portWildcard))
return false;
} else {
port = 0;
// / "*"
// host-char = ALPHA / DIGIT / "-"
//
-bool CSPSourceList::parseHost(const UChar* begin, const UChar* end, String& host, bool& hostHasWildcard)
+bool CSPSourceList::parseHost(const UChar* begin, const UChar* end, String& host, CSPSource::WildcardDisposition& hostWildcard)
{
ASSERT(begin <= end);
ASSERT(host.isEmpty());
- ASSERT(!hostHasWildcard);
+ ASSERT(hostWildcard == CSPSource::NoWildcard);
if (begin == end)
return false;
const UChar* position = begin;
if (skipExactly<UChar>(position, end, '*')) {
- hostHasWildcard = true;
+ hostWildcard = CSPSource::HasWildcard;
if (position == end)
return true;
// port = ":" ( 1*DIGIT / "*" )
//
-bool CSPSourceList::parsePort(const UChar* begin, const UChar* end, int& port, bool& portHasWildcard)
+bool CSPSourceList::parsePort(const UChar* begin, const UChar* end, int& port, CSPSource::WildcardDisposition& portWildcard)
{
ASSERT(begin <= end);
ASSERT(!port);
- ASSERT(!portHasWildcard);
+ ASSERT(portWildcard == CSPSource::NoWildcard);
if (!skipExactly<UChar>(begin, end, ':'))
ASSERT_NOT_REACHED();
if (end - begin == 1 && *begin == '*') {
port = 0;
- portHasWildcard = true;
+ portWildcard = CSPSource::HasWildcard;
return true;
}
void CSPSourceList::addSourceSelf()
{
- m_list.append(CSPSource(m_policy, m_policy->securityOrigin()->protocol(), m_policy->securityOrigin()->host(), m_policy->securityOrigin()->port(), String(), false, false));
+ m_allowSelf = true;
}
void CSPSourceList::addSourceStar()