summaryrefslogtreecommitdiff
path: root/Source/WebCore/dom/SecurityContext.h
diff options
context:
space:
mode:
Diffstat (limited to 'Source/WebCore/dom/SecurityContext.h')
-rw-r--r--Source/WebCore/dom/SecurityContext.h44
1 files changed, 26 insertions, 18 deletions
diff --git a/Source/WebCore/dom/SecurityContext.h b/Source/WebCore/dom/SecurityContext.h
index 2db5d0d29..23976f66d 100644
--- a/Source/WebCore/dom/SecurityContext.h
+++ b/Source/WebCore/dom/SecurityContext.h
@@ -13,7 +13,7 @@
* THIS SOFTWARE IS PROVIDED BY GOOGLE, INC. ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
@@ -24,16 +24,16 @@
*
*/
-#ifndef SecurityContext_h
-#define SecurityContext_h
+#pragma once
-#include <wtf/PassRefPtr.h>
+#include <memory>
+#include <wtf/Forward.h>
#include <wtf/RefPtr.h>
-#include <wtf/text/WTFString.h>
namespace WebCore {
class SecurityOrigin;
+class SecurityOriginPolicy;
class ContentSecurityPolicy;
class URL;
@@ -48,8 +48,7 @@ enum SandboxFlag {
SandboxTopNavigation = 1 << 5,
SandboxPopups = 1 << 6, // See https://www.w3.org/Bugs/Public/show_bug.cgi?id=12393
SandboxAutomaticFeatures = 1 << 7,
- SandboxSeamlessIframes = 1 << 8,
- SandboxPointerLock = 1 << 9,
+ SandboxPointerLock = 1 << 8,
SandboxAll = -1 // Mask with all bits set to 1.
};
@@ -57,7 +56,6 @@ typedef int SandboxFlags;
class SecurityContext {
public:
- SecurityOrigin* securityOrigin() const { return m_securityOrigin.get(); }
SandboxFlags sandboxFlags() const { return m_sandboxFlags; }
ContentSecurityPolicy* contentSecurityPolicy() { return m_contentSecurityPolicy.get(); }
@@ -66,33 +64,43 @@ public:
void enforceSandboxFlags(SandboxFlags mask);
bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; }
+ SecurityOriginPolicy* securityOriginPolicy() const { return m_securityOriginPolicy.get(); }
+
// Explicitly override the security origin for this security context.
// Note: It is dangerous to change the security origin of a script context
// that already contains content.
- void setSecurityOrigin(PassRefPtr<SecurityOrigin>);
+ void setSecurityOriginPolicy(RefPtr<SecurityOriginPolicy>&&);
+
+ WEBCORE_EXPORT SecurityOrigin* securityOrigin() const;
static SandboxFlags parseSandboxPolicy(const String& policy, String& invalidTokensErrorMessage);
+ static bool isSupportedSandboxPolicy(StringView);
+
+ bool foundMixedContent() const { return m_foundMixedContent; }
+ void setFoundMixedContent() { m_foundMixedContent = true; }
+ bool geolocationAccessed() const { return m_geolocationAccessed; }
+ void setGeolocationAccessed() { m_geolocationAccessed = true; }
+
+ bool isStrictMixedContentMode() const { return m_isStrictMixedContentMode; }
+ void setStrictMixedContentMode(bool strictMixedContentMode) { m_isStrictMixedContentMode = strictMixedContentMode; }
protected:
SecurityContext();
virtual ~SecurityContext();
- void setContentSecurityPolicy(PassOwnPtr<ContentSecurityPolicy>);
+ void setContentSecurityPolicy(std::unique_ptr<ContentSecurityPolicy>);
void didFailToInitializeSecurityOrigin() { m_haveInitializedSecurityOrigin = false; }
bool haveInitializedSecurityOrigin() const { return m_haveInitializedSecurityOrigin; }
- // Set in Document::initSecurityContext() at Document creation, per:
- // http://www.whatwg.org/specs/web-apps/current-work/#attr-iframe-seamless
- bool m_mayDisplaySeamlesslyWithParent;
-
private:
bool m_haveInitializedSecurityOrigin;
SandboxFlags m_sandboxFlags;
- RefPtr<SecurityOrigin> m_securityOrigin;
- OwnPtr<ContentSecurityPolicy> m_contentSecurityPolicy;
+ RefPtr<SecurityOriginPolicy> m_securityOriginPolicy;
+ std::unique_ptr<ContentSecurityPolicy> m_contentSecurityPolicy;
+ bool m_foundMixedContent { false };
+ bool m_geolocationAccessed { false };
+ bool m_isStrictMixedContentMode { false };
};
} // namespace WebCore
-
-#endif // SecurityContext_h
View Lorry Controller Status