1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "config.h" 6 #include "core/frame/csp/SourceListDirective.h" 7 8 #include "core/frame/csp/CSPSourceList.h" 9 #include "core/frame/csp/ContentSecurityPolicy.h" 10 #include "platform/network/ContentSecurityPolicyParsers.h" 11 #include "platform/weborigin/KURL.h" 12 #include "wtf/text/WTFString.h" 13 14 namespace WebCore { 15 16 SourceListDirective::SourceListDirective(const String& name, const String& value, ContentSecurityPolicy* policy) 17 : CSPDirective(name, value, policy) 18 , m_sourceList(policy, name) 19 { 20 Vector<UChar> characters; 21 value.appendTo(characters); 22 23 m_sourceList.parse(characters.data(), characters.data() + characters.size()); 24 } 25 26 bool SourceListDirective::allows(const KURL& url) const 27 { 28 return m_sourceList.matches(url.isEmpty() ? policy()->url() : url); 29 } 30 31 bool SourceListDirective::allowInline() const 32 { 33 return m_sourceList.allowInline(); 34 } 35 36 bool SourceListDirective::allowEval() const 37 { 38 return m_sourceList.allowEval(); 39 } 40 41 bool SourceListDirective::allowNonce(const String& nonce) const 42 { 43 return m_sourceList.allowNonce(nonce.stripWhiteSpace()); 44 } 45 46 bool SourceListDirective::allowHash(const CSPHashValue& hashValue) const 47 { 48 return m_sourceList.allowHash(hashValue); 49 } 50 51 bool SourceListDirective::isHashOrNoncePresent() const 52 { 53 return m_sourceList.isHashOrNoncePresent(); 54 } 55 56 uint8_t SourceListDirective::hashAlgorithmsUsed() const 57 { 58 return m_sourceList.hashAlgorithmsUsed(); 59 } 60 61 } // namespace WebCore 62 63