diff options
Diffstat (limited to 'chromium/third_party/blink/renderer/bindings/core/v8/isolated_world_csp.h')
-rw-r--r-- | chromium/third_party/blink/renderer/bindings/core/v8/isolated_world_csp.h | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/chromium/third_party/blink/renderer/bindings/core/v8/isolated_world_csp.h b/chromium/third_party/blink/renderer/bindings/core/v8/isolated_world_csp.h index 99c61b6fdc7..615cf1d1868 100644 --- a/chromium/third_party/blink/renderer/bindings/core/v8/isolated_world_csp.h +++ b/chromium/third_party/blink/renderer/bindings/core/v8/isolated_world_csp.h @@ -7,11 +7,15 @@ #include "base/macros.h" #include "third_party/blink/renderer/core/core_export.h" +#include "third_party/blink/renderer/platform/weborigin/security_origin.h" #include "third_party/blink/renderer/platform/wtf/hash_map.h" #include "third_party/blink/renderer/platform/wtf/text/wtf_string.h" namespace blink { +class ContentSecurityPolicy; +class Document; + // A singleton storing content security policy for each isolated world. class CORE_EXPORT IsolatedWorldCSP { public: @@ -19,21 +23,35 @@ class CORE_EXPORT IsolatedWorldCSP { // Associated an isolated world with a Content Security Policy. Resources // embedded into the main world's DOM from script executed in an isolated - // world should be restricted based on the isolated world's DOM, not the + // world should be restricted based on the isolated world's CSP, not the // main world's. // - // FIXME: Right now, resource injection simply bypasses the main world's - // DOM. More work is necessary to allow the isolated world's policy to be - // applied correctly. - void SetContentSecurityPolicy(int world_id, const String& policy); + // TODO(crbug.com/896041): Right now, resource injection simply bypasses the + // main world's CSP. More work is necessary to allow the isolated world's + // policy to be applied correctly. + // Note: If |policy| is null, the PolicyInfo for |world_id| is cleared. If + // |policy| is specified, |self_origin| must not be null. + void SetContentSecurityPolicy(int world_id, + const String& policy, + scoped_refptr<SecurityOrigin> self_origin); bool HasContentSecurityPolicy(int world_id) const; + // Creates a ContentSecurityPolicy instance for the given isolated |world_id| + // and |document|. Returns null if no ContentSecurityPolicy is defined for the + // given isolated |world_id|. + ContentSecurityPolicy* CreateIsolatedWorldCSP(Document& document, + int world_id); + private: + struct PolicyInfo { + String policy; + scoped_refptr<SecurityOrigin> self_origin; + }; + IsolatedWorldCSP(); - // Map from the isolated world |world_id| to a bool denoting if it has a CSP - // defined. - HashMap<int, bool> csp_map_; + // Map from the isolated world |world_id| to its PolicyInfo. + HashMap<int, PolicyInfo> csp_map_; DISALLOW_COPY_AND_ASSIGN(IsolatedWorldCSP); }; |