Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(273)

Side by Side Diff: Source/WebCore/page/ContentSecurityPolicy.cpp

Issue 10690118: Merge 120617 (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/1180/
Patch Set: Created 8 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-malformed-meta-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Google, Inc. All rights reserved. 2 * Copyright (C) 2011 Google, Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after
307 const UChar* beginPort = 0; 307 const UChar* beginPort = 0;
308 308
309 skipWhile<isNotColonOrSlash>(position, end); 309 skipWhile<isNotColonOrSlash>(position, end);
310 310
311 if (position == end) { 311 if (position == end) {
312 // host 312 // host
313 // ^ 313 // ^
314 return parseHost(beginHost, position, host, hostHasWildcard); 314 return parseHost(beginHost, position, host, hostHasWildcard);
315 } 315 }
316 316
317 if (*position == '/') { 317 if (position < end && *position == '/') {
318 // host/path || host/ || / 318 // host/path || host/ || /
319 // ^ ^ ^ 319 // ^ ^ ^
320 if (!parseHost(beginHost, position, host, hostHasWildcard) 320 if (!parseHost(beginHost, position, host, hostHasWildcard)
321 || !parsePath(position, end, path) 321 || !parsePath(position, end, path)
322 || position != end) 322 || position != end)
323 return false; 323 return false;
324 return true; 324 return true;
325 } 325 }
326 326
327 if (*position == ':') { 327 if (position < end && *position == ':') {
328 if (end - position == 1) { 328 if (end - position == 1) {
329 // scheme: 329 // scheme:
330 // ^ 330 // ^
331 return parseScheme(begin, position, scheme); 331 return parseScheme(begin, position, scheme);
332 } 332 }
333 333
334 if (position[1] == '/') { 334 if (position[1] == '/') {
335 // scheme://host || scheme:// 335 // scheme://host || scheme://
336 // ^ ^ 336 // ^ ^
337 if (!parseScheme(begin, position, scheme) 337 if (!parseScheme(begin, position, scheme)
338 || !skipExactly(position, end, ':') 338 || !skipExactly(position, end, ':')
339 || !skipExactly(position, end, '/') 339 || !skipExactly(position, end, '/')
340 || !skipExactly(position, end, '/')) 340 || !skipExactly(position, end, '/'))
341 return false; 341 return false;
342 if (position == end) 342 if (position == end)
343 return true; 343 return true;
344 beginHost = position; 344 beginHost = position;
345 skipWhile<isNotColonOrSlash>(position, end); 345 skipWhile<isNotColonOrSlash>(position, end);
346 } 346 }
347 347
348 if (*position == ':') { 348 if (position < end && *position == ':') {
349 // host:port || scheme://host:port 349 // host:port || scheme://host:port
350 // ^ ^ 350 // ^ ^
351 beginPort = position; 351 beginPort = position;
352 skipUntil(position, end, '/'); 352 skipUntil(position, end, '/');
353 } 353 }
354 } 354 }
355 355
356 if (*position == '/') { 356 if (position < end && *position == '/') {
357 // scheme://host/path || scheme://host:port/path 357 // scheme://host/path || scheme://host:port/path
358 // ^ ^ 358 // ^ ^
359 if (position == beginHost) 359 if (position == beginHost)
360 return false; 360 return false;
361 361
362 beginPath = position; 362 beginPath = position;
363 } 363 }
364 364
365 if (!parseHost(beginHost, beginPort ? beginPort : beginPath, host, hostHasWi ldcard)) 365 if (!parseHost(beginHost, beginPort ? beginPort : beginPath, host, hostHasWi ldcard))
366 return false; 366 return false;
(...skipping 719 matching lines...) Expand 10 before | Expand all | Expand 10 after
1086 { 1086 {
1087 return isAllowedByAllWithURL<&CSPDirectiveList::allowMediaFromSource>(m_poli cies, url); 1087 return isAllowedByAllWithURL<&CSPDirectiveList::allowMediaFromSource>(m_poli cies, url);
1088 } 1088 }
1089 1089
1090 bool ContentSecurityPolicy::allowConnectToSource(const KURL& url) const 1090 bool ContentSecurityPolicy::allowConnectToSource(const KURL& url) const
1091 { 1091 {
1092 return isAllowedByAllWithURL<&CSPDirectiveList::allowConnectToSource>(m_poli cies, url); 1092 return isAllowedByAllWithURL<&CSPDirectiveList::allowConnectToSource>(m_poli cies, url);
1093 } 1093 }
1094 1094
1095 } 1095 }
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-malformed-meta-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698