diff options
Diffstat (limited to 'chromium/content/common/content_security_policy')
9 files changed, 74 insertions, 76 deletions
diff --git a/chromium/content/common/content_security_policy/content_security_policy.cc b/chromium/content/common/content_security_policy/content_security_policy.cc index 0a5565c573c..d024d304959 100644 --- a/chromium/content/common/content_security_policy/content_security_policy.cc +++ b/chromium/content/common/content_security_policy/content_security_policy.cc @@ -57,7 +57,7 @@ void ReportViolation(CSPContext* context, const CSPDirective& directive, const CSPDirective::Name directive_name, const GURL& url, - bool is_redirect, + bool has_followed_redirect, const SourceLocation& source_location) { // We should never have a violation against `child-src` or `default-src` // directly; the effective directive should always be one of the explicit @@ -71,8 +71,8 @@ void ReportViolation(CSPContext* context, // renderers. GURL safe_url = url; SourceLocation safe_source_location = source_location; - context->SanitizeDataForUseInCspViolation(is_redirect, directive_name, - &safe_url, &safe_source_location); + context->SanitizeDataForUseInCspViolation( + has_followed_redirect, directive_name, &safe_url, &safe_source_location); std::stringstream message; @@ -103,7 +103,7 @@ void ReportViolation(CSPContext* context, CSPDirective::NameToString(directive.name), CSPDirective::NameToString(directive_name), message.str(), safe_url, policy.report_endpoints, policy.use_reporting_api, - policy.header.header_value, policy.header.type, is_redirect, + policy.header.header_value, policy.header.type, has_followed_redirect, safe_source_location)); } @@ -112,16 +112,16 @@ bool AllowDirective(CSPContext* context, const CSPDirective& directive, CSPDirective::Name directive_name, const GURL& url, - bool is_redirect, + bool has_followed_redirect, bool is_response_check, const SourceLocation& source_location) { - if (CSPSourceList::Allow(directive.source_list, url, context, is_redirect, - is_response_check)) { + if (CSPSourceList::Allow(directive.source_list, url, context, + has_followed_redirect, is_response_check)) { return true; } - ReportViolation(context, policy, directive, directive_name, url, is_redirect, - source_location); + ReportViolation(context, policy, directive, directive_name, url, + has_followed_redirect, source_location); return false; } @@ -164,7 +164,7 @@ ContentSecurityPolicy::~ContentSecurityPolicy() = default; bool ContentSecurityPolicy::Allow(const ContentSecurityPolicy& policy, CSPDirective::Name directive_name, const GURL& url, - bool is_redirect, + bool has_followed_redirect, bool is_response_check, CSPContext* context, const SourceLocation& source_location, @@ -184,9 +184,9 @@ bool ContentSecurityPolicy::Allow(const ContentSecurityPolicy& policy, const CSPDirective* current_directive = FindDirective(current_directive_name, policy.directives); if (current_directive) { - bool allowed = - AllowDirective(context, policy, *current_directive, directive_name, - url, is_redirect, is_response_check, source_location); + bool allowed = AllowDirective(context, policy, *current_directive, + directive_name, url, has_followed_redirect, + is_response_check, source_location); return allowed || policy.header.type == blink::kWebContentSecurityPolicyTypeReport; } diff --git a/chromium/content/common/content_security_policy/content_security_policy.h b/chromium/content/common/content_security_policy/content_security_policy.h index abac1dead71..70113daae39 100644 --- a/chromium/content/common/content_security_policy/content_security_policy.h +++ b/chromium/content/common/content_security_policy/content_security_policy.h @@ -44,7 +44,7 @@ struct CONTENT_EXPORT ContentSecurityPolicy { static bool Allow(const ContentSecurityPolicy& policy, CSPDirective::Name directive, const GURL& url, - bool is_redirect, + bool has_followed_redirect, bool is_response_check, CSPContext* context, const SourceLocation& source_location, diff --git a/chromium/content/common/content_security_policy/content_security_policy_unittest.cc b/chromium/content/common/content_security_policy/content_security_policy_unittest.cc index a7e57115ffc..a8b5be93ab8 100644 --- a/chromium/content/common/content_security_policy/content_security_policy_unittest.cc +++ b/chromium/content/common/content_security_policy/content_security_policy_unittest.cc @@ -269,7 +269,6 @@ TEST(ContentSecurityPolicy, NavigateToChecks) { struct TestCase { const CSPSourceList& navigate_to_list; const GURL& url; - bool is_redirect; bool is_response_check; bool expected; bool is_form_submission; @@ -277,48 +276,45 @@ TEST(ContentSecurityPolicy, NavigateToChecks) { } cases[] = { // Basic source matching. {none_source_list, GURL("https://example.test"), false, false, false, - false, nullptr}, - {example_source_list, GURL("https://example.test"), false, false, true, - false, nullptr}, + nullptr}, + {example_source_list, GURL("https://example.test"), false, true, false, + nullptr}, {example_source_list, GURL("https://not-example.test"), false, false, - false, false, nullptr}, - {self_source_list, GURL("https://example.test"), false, false, true, false, nullptr}, + {self_source_list, GURL("https://example.test"), false, true, false, + nullptr}, // Checking allow_redirect flag interactions. - {redirects_source_list, GURL("https://example.test"), false, false, true, - false, nullptr}, - {redirects_source_list, GURL("https://example.test"), true, false, true, - false, nullptr}, - {redirects_source_list, GURL("https://example.test"), true, true, true, - false, nullptr}, {redirects_source_list, GURL("https://example.test"), false, true, false, - false, nullptr}, + nullptr}, + {redirects_source_list, GURL("https://example.test"), true, false, false, + nullptr}, {redirects_example_source_list, GURL("https://example.test"), false, true, - true, false, nullptr}, + false, nullptr}, + {redirects_example_source_list, GURL("https://example.test"), true, true, + false, nullptr}, // Interaction with form-action // Form submission without form-action present - {none_source_list, GURL("https://example.test"), false, false, false, - true, nullptr}, - {example_source_list, GURL("https://example.test"), false, false, true, - true, nullptr}, + {none_source_list, GURL("https://example.test"), false, false, true, + nullptr}, + {example_source_list, GURL("https://example.test"), false, true, true, + nullptr}, {example_source_list, GURL("https://not-example.test"), false, false, - false, true, nullptr}, - {self_source_list, GURL("https://example.test"), false, false, true, true, + true, nullptr}, + {self_source_list, GURL("https://example.test"), false, true, true, nullptr}, // Form submission with form-action present - {none_source_list, GURL("https://example.test"), false, false, true, true, + {none_source_list, GURL("https://example.test"), false, true, true, &example_source_list}, - {example_source_list, GURL("https://example.test"), false, false, true, - true, &example_source_list}, - {example_source_list, GURL("https://not-example.test"), false, false, - true, true, &example_source_list}, - {self_source_list, GURL("https://example.test"), false, false, true, true, + {example_source_list, GURL("https://example.test"), false, true, true, + &example_source_list}, + {example_source_list, GURL("https://not-example.test"), false, true, true, + &example_source_list}, + {self_source_list, GURL("https://example.test"), false, true, true, &example_source_list}, - }; for (const auto& test : cases) { @@ -333,11 +329,14 @@ TEST(ContentSecurityPolicy, NavigateToChecks) { ContentSecurityPolicy policy(EmptyCspHeader(), directives, report_end_points, false); - EXPECT_EQ(test.expected, - ContentSecurityPolicy::Allow( - policy, CSPDirective::NavigateTo, test.url, test.is_redirect, - test.is_response_check, &context, SourceLocation(), - test.is_form_submission)); + EXPECT_EQ(test.expected, ContentSecurityPolicy::Allow( + policy, CSPDirective::NavigateTo, test.url, + true, test.is_response_check, &context, + SourceLocation(), test.is_form_submission)); + EXPECT_EQ(test.expected, ContentSecurityPolicy::Allow( + policy, CSPDirective::NavigateTo, test.url, + false, test.is_response_check, &context, + SourceLocation(), test.is_form_submission)); } } diff --git a/chromium/content/common/content_security_policy/csp_context.cc b/chromium/content/common/content_security_policy/csp_context.cc index 94b0a96ce6e..f83e3166ba5 100644 --- a/chromium/content/common/content_security_policy/csp_context.cc +++ b/chromium/content/common/content_security_policy/csp_context.cc @@ -32,7 +32,7 @@ CSPContext::~CSPContext() {} bool CSPContext::IsAllowedByCsp(CSPDirective::Name directive_name, const GURL& url, - bool is_redirect, + bool has_followed_redirect, bool is_response_check, const SourceLocation& source_location, CheckCSPDisposition check_csp_disposition, @@ -44,8 +44,8 @@ bool CSPContext::IsAllowedByCsp(CSPDirective::Name directive_name, for (const auto& policy : policies_) { if (ShouldCheckPolicy(policy, check_csp_disposition)) { allow &= ContentSecurityPolicy::Allow( - policy, directive_name, url, is_redirect, is_response_check, this, - source_location, is_form_submission); + policy, directive_name, url, has_followed_redirect, is_response_check, + this, source_location, is_form_submission); } } @@ -80,7 +80,7 @@ void CSPContext::SetSelf(const url::Origin origin) { // When the origin is unique, no URL should match with 'self'. That's why // |self_source_| stays undefined here. - if (origin.unique()) + if (origin.opaque()) return; if (origin.scheme() == url::kFileScheme) { @@ -105,7 +105,7 @@ bool CSPContext::SchemeShouldBypassCSP(const base::StringPiece& scheme) { } void CSPContext::SanitizeDataForUseInCspViolation( - bool is_redirect, + bool has_followed_redirect, CSPDirective::Name directive, GURL* blocked_url, SourceLocation* source_location) const { diff --git a/chromium/content/common/content_security_policy/csp_context.h b/chromium/content/common/content_security_policy/csp_context.h index e7f1ceedbe9..fb86c02fc4c 100644 --- a/chromium/content/common/content_security_policy/csp_context.h +++ b/chromium/content/common/content_security_policy/csp_context.h @@ -48,7 +48,7 @@ class CONTENT_EXPORT CSPContext { // Returns true when the request can proceed, false otherwise. bool IsAllowedByCsp(CSPDirective::Name directive_name, const GURL& url, - bool is_redirect, + bool has_followed_redirect, bool is_response_check, const SourceLocation& source_location, CheckCSPDisposition check_csp_disposition, @@ -92,7 +92,7 @@ class CONTENT_EXPORT CSPContext { // without the round trip in the renderer process. // See https://crbug.com/721329 virtual void SanitizeDataForUseInCspViolation( - bool is_redirect, + bool has_followed_redirect, CSPDirective::Name directive, GURL* blocked_url, SourceLocation* source_location) const; diff --git a/chromium/content/common/content_security_policy/csp_source.cc b/chromium/content/common/content_security_policy/csp_source.cc index 69b7db2ca28..9ada01e8dbb 100644 --- a/chromium/content/common/content_security_policy/csp_source.cc +++ b/chromium/content/common/content_security_policy/csp_source.cc @@ -103,8 +103,8 @@ PortMatchingResult SourceAllowPort(const CSPSource& source, const GURL& url) { bool SourceAllowPath(const CSPSource& source, const GURL& url, - bool is_redirect) { - if (is_redirect) + bool has_followed_redirect) { + if (has_followed_redirect) return true; if (source.path.empty() || url.path().empty()) @@ -174,7 +174,7 @@ CSPSource::~CSPSource() = default; bool CSPSource::Allow(const CSPSource& source, const GURL& url, CSPContext* context, - bool is_redirect) { + bool has_followed_redirect) { if (source.IsSchemeOnly()) return SourceAllowScheme(source, url, context) != SchemeMatchingResult::NotMatching; @@ -190,7 +190,7 @@ bool CSPSource::Allow(const CSPSource& source, return schemeResult != SchemeMatchingResult::NotMatching && SourceAllowHost(source, url) && portResult != PortMatchingResult::NotMatching && - SourceAllowPath(source, url, is_redirect); + SourceAllowPath(source, url, has_followed_redirect); } std::string CSPSource::ToString() const { diff --git a/chromium/content/common/content_security_policy/csp_source.h b/chromium/content/common/content_security_policy/csp_source.h index 62670ed77f8..de2c051945c 100644 --- a/chromium/content/common/content_security_policy/csp_source.h +++ b/chromium/content/common/content_security_policy/csp_source.h @@ -59,7 +59,7 @@ struct CONTENT_EXPORT CSPSource { static bool Allow(const CSPSource& source, const GURL& url, CSPContext* context, - bool is_redirect = false); + bool has_followed_redirect = false); }; } // namespace content diff --git a/chromium/content/common/content_security_policy/csp_source_list.cc b/chromium/content/common/content_security_policy/csp_source_list.cc index 4bf358daa1d..343c4c1bb07 100644 --- a/chromium/content/common/content_security_policy/csp_source_list.cc +++ b/chromium/content/common/content_security_policy/csp_source_list.cc @@ -11,9 +11,9 @@ namespace { bool AllowFromSources(const GURL& url, const std::vector<CSPSource>& sources, CSPContext* context, - bool is_redirect) { + bool has_followed_redirect) { for (const CSPSource& source : sources) { - if (CSPSource::Allow(source, url, context, is_redirect)) + if (CSPSource::Allow(source, url, context, has_followed_redirect)) return true; } return false; @@ -22,15 +22,18 @@ bool AllowFromSources(const GURL& url, }; // namespace CSPSourceList::CSPSourceList() - : allow_self(false), allow_star(false), allow_redirects(false), sources() {} + : allow_self(false), + allow_star(false), + allow_response_redirects(false), + sources() {} CSPSourceList::CSPSourceList(bool allow_self, bool allow_star, - bool allow_redirects, + bool allow_response_redirects, std::vector<CSPSource> sources) : allow_self(allow_self), allow_star(allow_star), - allow_redirects(allow_redirects), + allow_response_redirects(allow_response_redirects), sources(sources) {} CSPSourceList::CSPSourceList(const CSPSourceList&) = default; @@ -40,21 +43,16 @@ CSPSourceList::~CSPSourceList() = default; bool CSPSourceList::Allow(const CSPSourceList& source_list, const GURL& url, CSPContext* context, - bool is_redirect, + bool has_followed_redirect, bool is_response_check) { // If the source list allows all redirects, the decision can't be made until // the response is received. - if (source_list.allow_redirects && !is_response_check) + if (source_list.allow_response_redirects && !is_response_check) return true; // If the source list does not allow all redirects, the decision has already // been made when checking the request. - if (!source_list.allow_redirects && is_response_check) - return true; - - // If the source list allows all redirects, all responses that are a redirect - // are allowed. - if (source_list.allow_redirects && is_response_check && is_redirect) + if (!source_list.allow_response_redirects && is_response_check) return true; // Wildcards match network schemes ('http', 'https', 'ftp', 'ws', 'wss'), and @@ -73,11 +71,12 @@ bool CSPSourceList::Allow(const CSPSourceList& source_list, if (source_list.allow_self && context->self_source() && CSPSource::Allow(context->self_source().value(), url, context, - is_redirect)) { + has_followed_redirect)) { return true; } - return AllowFromSources(url, source_list.sources, context, is_redirect); + return AllowFromSources(url, source_list.sources, context, + has_followed_redirect); } std::string CSPSourceList::ToString() const { diff --git a/chromium/content/common/content_security_policy/csp_source_list.h b/chromium/content/common/content_security_policy/csp_source_list.h index 94af77554dd..a1ce31f83c0 100644 --- a/chromium/content/common/content_security_policy/csp_source_list.h +++ b/chromium/content/common/content_security_policy/csp_source_list.h @@ -18,7 +18,7 @@ struct CONTENT_EXPORT CSPSourceList { CSPSourceList(); CSPSourceList(bool allow_self, bool allow_star, - bool allow_redirects, + bool allow_response_redirects, std::vector<CSPSource> source_list); CSPSourceList(const CSPSourceList&); ~CSPSourceList(); @@ -27,7 +27,7 @@ struct CONTENT_EXPORT CSPSourceList { // on the source list itself. bool allow_self; bool allow_star; - bool allow_redirects; + bool allow_response_redirects; std::vector<CSPSource> sources; std::string ToString() const; @@ -39,7 +39,7 @@ struct CONTENT_EXPORT CSPSourceList { static bool Allow(const CSPSourceList& source_list, const GURL& url, CSPContext* context, - bool is_redirect = false, + bool has_followed_redirect = false, bool is_response_check = false); }; |