Home | History | Annotate | Download | only in csp

Lines Matching refs:ContentSecurityPolicy

27 #include "core/frame/csp/ContentSecurityPolicy.h"
70 const char ContentSecurityPolicy::ConnectSrc[] = "connect-src";
71 const char ContentSecurityPolicy::DefaultSrc[] = "default-src";
72 const char ContentSecurityPolicy::FontSrc[] = "font-src";
73 const char ContentSecurityPolicy::FrameSrc[] = "frame-src";
74 const char ContentSecurityPolicy::ImgSrc[] = "img-src";
75 const char ContentSecurityPolicy::MediaSrc[] = "media-src";
76 const char ContentSecurityPolicy::ObjectSrc[] = "object-src";
77 const char ContentSecurityPolicy::ReportURI[] = "report-uri";
78 const char ContentSecurityPolicy::Sandbox[] = "sandbox";
79 const char ContentSecurityPolicy::ScriptSrc[] = "script-src";
80 const char ContentSecurityPolicy::StyleSrc[] = "style-src";
83 const char ContentSecurityPolicy::BaseURI[] = "base-uri";
84 const char ContentSecurityPolicy::ChildSrc[] = "child-src";
85 const char ContentSecurityPolicy::FormAction[] = "form-action";
86 const char ContentSecurityPolicy::FrameAncestors[] = "frame-ancestors";
87 const char ContentSecurityPolicy::PluginTypes[] = "plugin-types";
88 const char ContentSecurityPolicy::ReflectedXSS[] = "reflected-xss";
89 const char ContentSecurityPolicy::Referrer[] = "referrer";
91 bool ContentSecurityPolicy::isDirectiveName(const String& name)
118         return UseCounter::ContentSecurityPolicy;
133 ContentSecurityPolicy::ContentSecurityPolicy(ExecutionContext* executionContext)
141 ContentSecurityPolicy::~ContentSecurityPolicy()
145 void ContentSecurityPolicy::copyStateFrom(const ContentSecurityPolicy* other)
152 void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyResponseHeaders& headers)
154     if (!headers.contentSecurityPolicy().isEmpty())
155         didReceiveHeader(headers.contentSecurityPolicy(), ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP);
160 void ContentSecurityPolicy::didReceiveHeader(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source)
165 void ContentSecurityPolicy::addPolicyFromHeaderValue(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicyHeaderSource source)
215 void ContentSecurityPolicy::setOverrideAllowInlineStyle(bool value)
220 const String& ContentSecurityPolicy::deprecatedHeader() const
225 ContentSecurityPolicyHeaderType ContentSecurityPolicy::deprecatedHeaderType() const
230 template<bool (CSPDirectiveList::*allowed)(ContentSecurityPolicy::ReportingStatus) const>
231 bool isAllowedByAll(const CSPDirectiveListVector& policies, ContentSecurityPolicy::ReportingStatus reportingStatus)
240 template<bool (CSPDirectiveList::*allowed)(ScriptState* scriptState, ContentSecurityPolicy::ReportingStatus) const>
241 bool isAllowedByAllWithState(const CSPDirectiveListVector& policies, ScriptState* scriptState, ContentSecurityPolicy::ReportingStatus reportingStatus)
250 template<bool (CSPDirectiveList::*allowed)(const String&, const WTF::OrdinalNumber&, ContentSecurityPolicy::ReportingStatus) const>
251 bool isAllowedByAllWithContext(const CSPDirectiveListVector& policies, const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus)
280 template<bool (CSPDirectiveList::*allowFromURL)(const KURL&, ContentSecurityPolicy::ReportingStatus) const>
281 bool isAllowedByAllWithURL(const CSPDirectiveListVector& policies, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus)
293 template<bool (CSPDirectiveList::*allowed)(LocalFrame*, ContentSecurityPolicy::ReportingStatus) const>
294 bool isAllowedByAllWithFrame(const CSPDirectiveListVector& policies, LocalFrame* frame, ContentSecurityPolicy::ReportingStatus reportingStatus)
339 bool ContentSecurityPolicy::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
344 bool ContentSecurityPolicy::allowInlineEventHandlers(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
349 bool ContentSecurityPolicy::allowInlineScript(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
354 bool ContentSecurityPolicy::allowInlineStyle(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
361 bool ContentSecurityPolicy::allowEval(ScriptState* scriptState, ContentSecurityPolicy::ReportingStatus reportingStatus) const
366 String ContentSecurityPolicy::evalDisabledErrorMessage() const
375 bool ContentSecurityPolicy::allowPluginType(const String& type, const String& typeAttribute, const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
384 bool ContentSecurityPolicy::allowScriptFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
389 bool ContentSecurityPolicy::allowScriptNonce(const String& nonce) const
394 bool ContentSecurityPolicy::allowStyleNonce(const String& nonce) const
399 bool ContentSecurityPolicy::allowScriptHash(const String& source) const
404 bool ContentSecurityPolicy::allowStyleHash(const String& source) const
409 void ContentSecurityPolicy::usesScriptHashAlgorithms(uint8_t algorithms)
414 void ContentSecurityPolicy::usesStyleHashAlgorithms(uint8_t algorithms)
419 bool ContentSecurityPolicy::allowObjectFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
424 bool ContentSecurityPolicy::allowChildFrameFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
429 bool ContentSecurityPolicy::allowImageFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
434 bool ContentSecurityPolicy::allowStyleFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
439 bool ContentSecurityPolicy::allowFontFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
444 bool ContentSecurityPolicy::allowMediaFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
449 bool ContentSecurityPolicy::allowConnectToSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
454 bool ContentSecurityPolicy::allowFormAction(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
459 bool ContentSecurityPolicy::allowBaseURI(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
464 bool ContentSecurityPolicy::allowAncestors(LocalFrame* frame, ContentSecurityPolicy::ReportingStatus reportingStatus) const
469 bool ContentSecurityPolicy::allowChildContextFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
474 bool ContentSecurityPolicy::allowWorkerContextFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
489 bool ContentSecurityPolicy::isActive() const
494 ReflectedXSSDisposition ContentSecurityPolicy::reflectedXSSDisposition() const
504 ReferrerPolicy ContentSecurityPolicy::referrerPolicy() const
519 bool ContentSecurityPolicy::didSetReferrerPolicy() const
528 SecurityOrigin* ContentSecurityPolicy::securityOrigin() const
533 const KURL ContentSecurityPolicy::url() const
538 KURL ContentSecurityPolicy::completeURL(const String& url) const
543 void ContentSecurityPolicy::enforceSandboxFlags(SandboxFlags mask) const
588 void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header)
648 void ContentSecurityPolicy::reportInvalidReferrer(const String& invalidValue) const
653 void ContentSecurityPolicy::reportReportOnlyInMeta(const String& header) const
658 void ContentSecurityPolicy::reportMetaOutsideHead(const String& header) const
663 void ContentSecurityPolicy::reportInvalidInReportOnly(const String& name) const
668 void ContentSecurityPolicy::reportUnsupportedDirective(const String& name) const
688 void ContentSecurityPolicy::reportDirectiveAsSourceExpression(const String& directiveName, const String& sourceExpression) const
694 void ContentSecurityPolicy::reportDuplicateDirective(const String& name) const
700 void ContentSecurityPolicy::reportInvalidPluginTypes(const String& pluginType) const
710 void ContentSecurityPolicy::reportInvalidSandboxFlags(const String& invalidFlags) const
715 void ContentSecurityPolicy::reportInvalidReflectedXSS(const String& invalidValue) const
720 void ContentSecurityPolicy::reportInvalidDirectiveValueCharacter(const String& directiveName, const String& value) const
726 void ContentSecurityPolicy::reportInvalidPathCharacter(const String& directiveName, const String& value, const char invalidChar) const
737 void ContentSecurityPolicy::reportInvalidSourceExpression(const String& directiveName, const String& source) const
745 void ContentSecurityPolicy::reportMissingReportURI(const String& policy) const
750 void ContentSecurityPolicy::logToConsole(const String& message) const
755 void ContentSecurityPolicy::reportBlockedScriptExecutionToInspector(const String& directiveText) const
760 bool ContentSecurityPolicy::experimentalFeaturesEnabled() const
765 bool ContentSecurityPolicy::shouldBypassMainWorld(ExecutionContext* context)
775 bool ContentSecurityPolicy::shouldSendViolationReport(const String& report) const
781 void ContentSecurityPolicy::didSendViolationReport(const String& report)