1/* 2 * Copyright (C) 2009 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31#include "config.h" 32#include "public/web/WebSecurityPolicy.h" 33 34#include "core/loader/FrameLoader.h" 35#include "platform/weborigin/SchemeRegistry.h" 36#include "platform/weborigin/SecurityOrigin.h" 37#include "platform/weborigin/SecurityPolicy.h" 38#include "public/platform/WebString.h" 39#include "public/platform/WebURL.h" 40 41namespace blink { 42 43void WebSecurityPolicy::registerURLSchemeAsLocal(const WebString& scheme) 44{ 45 SchemeRegistry::registerURLSchemeAsLocal(scheme); 46} 47 48void WebSecurityPolicy::registerURLSchemeAsNoAccess(const WebString& scheme) 49{ 50 SchemeRegistry::registerURLSchemeAsNoAccess(scheme); 51} 52 53void WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(const WebString& scheme) 54{ 55 SchemeRegistry::registerURLSchemeAsDisplayIsolated(scheme); 56} 57 58void WebSecurityPolicy::registerURLSchemeAsSecure(const WebString& scheme) 59{ 60 SchemeRegistry::registerURLSchemeAsSecure(scheme); 61} 62 63void WebSecurityPolicy::registerURLSchemeAsCORSEnabled(const WebString& scheme) 64{ 65 SchemeRegistry::registerURLSchemeAsCORSEnabled(scheme); 66} 67 68void WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(const WebString& scheme) 69{ 70 SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(scheme); 71} 72 73void WebSecurityPolicy::registerURLSchemeAsEmptyDocument(const WebString& scheme) 74{ 75 SchemeRegistry::registerURLSchemeAsEmptyDocument(scheme); 76} 77 78void WebSecurityPolicy::addOriginAccessWhitelistEntry( 79 const WebURL& sourceOrigin, 80 const WebString& destinationProtocol, 81 const WebString& destinationHost, 82 bool allowDestinationSubdomains) 83{ 84 SecurityPolicy::addOriginAccessWhitelistEntry( 85 *SecurityOrigin::create(sourceOrigin), destinationProtocol, 86 destinationHost, allowDestinationSubdomains); 87} 88 89void WebSecurityPolicy::removeOriginAccessWhitelistEntry( 90 const WebURL& sourceOrigin, 91 const WebString& destinationProtocol, 92 const WebString& destinationHost, 93 bool allowDestinationSubdomains) 94{ 95 SecurityPolicy::removeOriginAccessWhitelistEntry( 96 *SecurityOrigin::create(sourceOrigin), destinationProtocol, 97 destinationHost, allowDestinationSubdomains); 98} 99 100void WebSecurityPolicy::resetOriginAccessWhitelists() 101{ 102 SecurityPolicy::resetOriginAccessWhitelists(); 103} 104 105WebString WebSecurityPolicy::generateReferrerHeader(WebReferrerPolicy referrerPolicy, const WebURL& url, const WebString& referrer) 106{ 107 return SecurityPolicy::generateReferrerHeader(static_cast<ReferrerPolicy>(referrerPolicy), url, referrer); 108} 109 110void WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(const WebString& scheme) 111{ 112 SchemeRegistry::registerURLSchemeAsNotAllowingJavascriptURLs(scheme); 113} 114 115} // namespace blink 116