chromium/third_party/blink/renderer/core/trustedtypes/trusted_type_policy_factory.cc


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124

// Copyright 2018 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "third_party/blink/renderer/core/trustedtypes/trusted_type_policy_factory.h"

#include "third_party/blink/renderer/bindings/core/v8/script_value.h"
#include "third_party/blink/renderer/bindings/core/v8/v8_trusted_html.h"
#include "third_party/blink/renderer/bindings/core/v8/v8_trusted_script.h"
#include "third_party/blink/renderer/bindings/core/v8/v8_trusted_script_url.h"
#include "third_party/blink/renderer/bindings/core/v8/v8_trusted_url.h"
#include "third_party/blink/renderer/core/dom/document.h"
#include "third_party/blink/renderer/core/frame/csp/content_security_policy.h"
#include "third_party/blink/renderer/core/frame/local_frame.h"
#include "third_party/blink/renderer/core/trustedtypes/trusted_type_policy.h"
#include "third_party/blink/renderer/platform/bindings/exception_state.h"
#include "third_party/blink/renderer/platform/runtime_enabled_features.h"
#include "third_party/blink/renderer/platform/wtf/text/string_hash.h"

namespace blink {

TrustedTypePolicy* TrustedTypePolicyFactory::createPolicy(
    const String& policy_name,
    const TrustedTypePolicyOptions* policy_options,
    bool exposed,
    ExceptionState& exception_state) {
  if (!GetFrame()
           ->GetDocument()
           ->GetContentSecurityPolicy()
           ->AllowTrustedTypePolicy(policy_name)) {
    exception_state.ThrowTypeError("Policy " + policy_name + " disallowed.");
    return nullptr;
  }
  // TODO(orsibatiz): After policy naming rules are estabilished, check for the
  // policy_name to be according to them.
  if (policy_map_.Contains(policy_name)) {
    exception_state.ThrowTypeError("Policy with name " + policy_name +
                                   " already exists.");
    return nullptr;
  }
  if (policy_name == "default" && !exposed) {
    exception_state.ThrowDOMException(DOMExceptionCode::kInvalidStateError,
                                      "The default policy must be exposed.");
    return nullptr;
  }
  TrustedTypePolicy* policy = TrustedTypePolicy::Create(
      policy_name, const_cast<TrustedTypePolicyOptions*>(policy_options),
      exposed);
  policy_map_.insert(policy_name, policy);
  return policy;
}

TrustedTypePolicy* TrustedTypePolicyFactory::getExposedPolicy(
    const String& policy_name) {
  TrustedTypePolicy* p = policy_map_.at(policy_name);
  if (p && p->exposed()) {
    return p;
  }
  return nullptr;
}

TrustedTypePolicyFactory::TrustedTypePolicyFactory(LocalFrame* frame)
    : DOMWindowClient(frame) {}

Vector<String> TrustedTypePolicyFactory::getPolicyNames() const {
  Vector<String> policyNames;
  for (const String name : policy_map_.Keys()) {
    policyNames.push_back(name);
  }
  return policyNames;
}

const WrapperTypeInfo*
TrustedTypePolicyFactory::GetWrapperTypeInfoFromScriptValue(
    ScriptState* script_state,
    const ScriptValue& script_value) {
  v8::Local<v8::Value> value = script_value.V8Value();
  v8::Isolate* isolate = script_state->GetIsolate();
  if (value.IsEmpty() || !value->IsObject() ||
      !V8DOMWrapper::IsWrapper(isolate, value))
    return nullptr;
  v8::Local<v8::Object> object = script_value.V8Value()->ToObject(isolate);
  return ToWrapperTypeInfo(object);
}

bool TrustedTypePolicyFactory::isHTML(ScriptState* script_state,
                                      const ScriptValue& script_value) {
  const WrapperTypeInfo* wrapper_type_info =
      GetWrapperTypeInfoFromScriptValue(script_state, script_value);
  return wrapper_type_info &&
         wrapper_type_info->Equals(&V8TrustedHTML::wrapper_type_info);
}

bool TrustedTypePolicyFactory::isScript(ScriptState* script_state,
                                        const ScriptValue& script_value) {
  const WrapperTypeInfo* wrapper_type_info =
      GetWrapperTypeInfoFromScriptValue(script_state, script_value);
  return wrapper_type_info &&
         wrapper_type_info->Equals(&V8TrustedScript::wrapper_type_info);
}

bool TrustedTypePolicyFactory::isScriptURL(ScriptState* script_state,
                                           const ScriptValue& script_value) {
  const WrapperTypeInfo* wrapper_type_info =
      GetWrapperTypeInfoFromScriptValue(script_state, script_value);
  return wrapper_type_info &&
         wrapper_type_info->Equals(&V8TrustedScriptURL::wrapper_type_info);
}

bool TrustedTypePolicyFactory::isURL(ScriptState* script_state,
                                     const ScriptValue& script_value) {
  const WrapperTypeInfo* wrapper_type_info =
      GetWrapperTypeInfoFromScriptValue(script_state, script_value);
  return wrapper_type_info &&
         wrapper_type_info->Equals(&V8TrustedURL::wrapper_type_info);
}

void TrustedTypePolicyFactory::Trace(blink::Visitor* visitor) {
  ScriptWrappable::Trace(visitor);
  DOMWindowClient::Trace(visitor);
  visitor->Trace(policy_map_);
}

}  // namespace blink