summaryrefslogtreecommitdiff
path: root/chromium/third_party/blink/renderer/core/execution_context/security_context_init.h
blob: e6157437da63bda404c12834c9a051d5439679c5 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118

// Copyright 2020 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef THIRD_PARTY_BLINK_RENDERER_CORE_EXECUTION_CONTEXT_SECURITY_CONTEXT_INIT_H_
#define THIRD_PARTY_BLINK_RENDERER_CORE_EXECUTION_CONTEXT_SECURITY_CONTEXT_INIT_H_

#include "services/network/public/mojom/web_sandbox_flags.mojom-blink.h"
#include "third_party/blink/public/common/feature_policy/feature_policy.h"
#include "third_party/blink/public/mojom/feature_policy/feature_policy_feature.mojom-blink.h"
#include "third_party/blink/renderer/core/execution_context/execution_context.h"
#include "third_party/blink/renderer/core/feature_policy/feature_policy_parser_delegate.h"
#include "third_party/blink/renderer/core/frame/web_feature.h"
#include "third_party/blink/renderer/platform/heap/handle.h"
#include "third_party/blink/renderer/platform/wtf/hash_set.h"
#include "third_party/blink/renderer/platform/wtf/vector.h"

namespace blink {
class Agent;
class ContentSecurityPolicy;
class Document;
class DocumentInit;
class Frame;
class LocalFrame;
class OriginTrialContext;
class SecurityOrigin;

class CORE_EXPORT SecurityContextInit : public FeaturePolicyParserDelegate {
  STACK_ALLOCATED();

 public:
  SecurityContextInit();
  SecurityContextInit(scoped_refptr<SecurityOrigin>,
                      OriginTrialContext*,
                      Agent*);
  explicit SecurityContextInit(const DocumentInit&);

  const scoped_refptr<SecurityOrigin>& GetSecurityOrigin() const {
    return security_origin_;
  }

  network::mojom::blink::WebSandboxFlags GetSandboxFlags() const {
    return sandbox_flags_;
  }

  ContentSecurityPolicy* GetCSP() const { return csp_; }

  // Returns nullptr if SecurityContext is used for non-Document contexts(i.e.,
  // workers and tests).
  std::unique_ptr<FeaturePolicy> CreateFeaturePolicy() const;
  // Returns nullptr if SecurityContext is used for non-Document contexts(i.e.,
  // workers and tests).
  // Returns nullptr if there is no 'Feature-Policy-Report-Only' header present
  // in http response.
  std::unique_ptr<FeaturePolicy> CreateReportOnlyFeaturePolicy() const;

  std::unique_ptr<DocumentPolicy> CreateDocumentPolicy() const;
  std::unique_ptr<DocumentPolicy> CreateReportOnlyDocumentPolicy() const;

  const ParsedFeaturePolicy& FeaturePolicyHeader() const {
    return feature_policy_header_;
  }

  OriginTrialContext* GetOriginTrialContext() const { return origin_trials_; }

  Agent* GetAgent() const { return agent_; }
  SecureContextMode GetSecureContextMode() const {
    DCHECK(secure_context_mode_.has_value());
    return secure_context_mode_.value();
  }

  void CountFeaturePolicyUsage(mojom::WebFeature feature) override {
    feature_count_.insert(feature);
  }

  bool FeaturePolicyFeatureObserved(
      mojom::blink::FeaturePolicyFeature) override;
  bool FeatureEnabled(OriginTrialFeature feature) const override;

  void ApplyPendingDataToDocument(Document&) const;

  bool BindCSPImmediately() const { return bind_csp_immediately_; }

 private:
  void InitializeContentSecurityPolicy(const DocumentInit&);
  void InitializeOrigin(const DocumentInit&);
  void InitializeSandboxFlags(const DocumentInit&);
  void InitializeDocumentPolicy(const DocumentInit&);
  void InitializeFeaturePolicy(const DocumentInit&);
  void InitializeSecureContextMode(const DocumentInit&);
  void InitializeOriginTrials(const DocumentInit&);
  void InitializeAgent(const DocumentInit&);

  scoped_refptr<SecurityOrigin> security_origin_;
  network::mojom::blink::WebSandboxFlags sandbox_flags_ =
      network::mojom::blink::WebSandboxFlags::kNone;
  DocumentPolicy::ParsedDocumentPolicy document_policy_;
  DocumentPolicy::ParsedDocumentPolicy report_only_document_policy_;
  bool initialized_feature_policy_state_ = false;
  Vector<String> feature_policy_parse_messages_;
  Vector<String> report_only_feature_policy_parse_messages_;
  ParsedFeaturePolicy feature_policy_header_;
  ParsedFeaturePolicy report_only_feature_policy_header_;
  LocalFrame* frame_for_opener_feature_state_ = nullptr;
  Frame* parent_frame_ = nullptr;
  ParsedFeaturePolicy container_policy_;
  ContentSecurityPolicy* csp_ = nullptr;
  OriginTrialContext* origin_trials_ = nullptr;
  Agent* agent_ = nullptr;
  HashSet<mojom::blink::FeaturePolicyFeature> parsed_feature_policies_;
  HashSet<mojom::WebFeature> feature_count_;
  bool bind_csp_immediately_ = false;
  base::Optional<SecureContextMode> secure_context_mode_;
};

}  // namespace blink

#endif  // THIRD_PARTY_BLINK_RENDERER_CORE_EXECUTION_CONTEXT_SECURITY_CONTEXT_INIT_H_
View Lorry Controller Status