Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5645)

Unified Diff: chrome/common/extensions/csp_validator.h

Issue 10458063: Add sanbdoxed_pages to allow extension/app pages to be served in a sandboxed, unique origin (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: CheckCurrentContextAccessToExtensionAPI Created 8 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/common/extensions/csp_validator.h
diff --git a/chrome/common/extensions/csp_validator.h b/chrome/common/extensions/csp_validator.h
index 640efd59f2385b03d1d35d7288bef2cb8de4992d..347ef27d32caf18c569f15cbb61c25fe4304f174 100644
--- a/chrome/common/extensions/csp_validator.h
+++ b/chrome/common/extensions/csp_validator.h
@@ -8,6 +8,8 @@
#include <string>
+#include "chrome/common/extensions/extension.h"
+
namespace extensions {
namespace csp_validator {
@@ -26,6 +28,15 @@ bool ContentSecurityPolicyIsLegal(const std::string& policy);
// forbidden for scripts and objects.
bool ContentSecurityPolicyIsSecure(const std::string& policy);
+// Checks whether the given |policy| enforces a unique origin sandbox as
+// defined by http://www.whatwg.org/specs/web-apps/current-work/multipage/
+// the-iframe-element.html#attr-iframe-sandbox. The policy must have the
+// "sandbox" directive, and the sandbox tokens must not include
+// "allow-same-origin". Additional restrictions may be imposed depending on
+// |type|.
+bool ContentSecurityPolicyIsSandboxed(
+ const std::string& policy, Extension::Type type);
+
} // namespace csp_validator
} // namespace extensions

Powered by Google App Engine
This is Rietveld 408576698