1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef nsCSPUtils_h___
8 #define nsCSPUtils_h___
11 #include "nsIContentSecurityPolicy.h"
13 #include "nsLiteralString.h"
16 #include "nsUnicharUtils.h"
17 #include "mozilla/Logging.h"
21 namespace mozilla::dom
{
24 } // namespace mozilla::dom
26 /* =============== Logging =================== */
28 void CSP_LogLocalizedStr(const char* aName
, const nsTArray
<nsString
>& aParams
,
29 const nsAString
& aSourceName
,
30 const nsAString
& aSourceLine
, uint32_t aLineNumber
,
31 uint32_t aColumnNumber
, uint32_t aFlags
,
32 const nsACString
& aCategory
, uint64_t aInnerWindowID
,
33 bool aFromPrivateWindow
);
35 void CSP_GetLocalizedStr(const char* aName
, const nsTArray
<nsString
>& aParams
,
36 nsAString
& outResult
);
38 void CSP_LogStrMessage(const nsAString
& aMsg
);
40 void CSP_LogMessage(const nsAString
& aMessage
, const nsAString
& aSourceName
,
41 const nsAString
& aSourceLine
, uint32_t aLineNumber
,
42 uint32_t aColumnNumber
, uint32_t aFlags
,
43 const nsACString
& aCategory
, uint64_t aInnerWindowID
,
44 bool aFromPrivateWindow
);
46 /* =============== Constant and Type Definitions ================== */
48 #define INLINE_STYLE_VIOLATION_OBSERVER_TOPIC \
49 "violated base restriction: Inline Stylesheets will not apply"
50 #define INLINE_SCRIPT_VIOLATION_OBSERVER_TOPIC \
51 "violated base restriction: Inline Scripts will not execute"
52 #define EVAL_VIOLATION_OBSERVER_TOPIC \
53 "violated base restriction: Code will not be created from strings"
54 #define WASM_EVAL_VIOLATION_OBSERVER_TOPIC \
55 "violated base restriction: WebAssembly code will not be created from " \
57 #define SCRIPT_NONCE_VIOLATION_OBSERVER_TOPIC "Inline Script had invalid nonce"
58 #define STYLE_NONCE_VIOLATION_OBSERVER_TOPIC "Inline Style had invalid nonce"
59 #define SCRIPT_HASH_VIOLATION_OBSERVER_TOPIC "Inline Script had invalid hash"
60 #define STYLE_HASH_VIOLATION_OBSERVER_TOPIC "Inline Style had invalid hash"
62 // these strings map to the CSPDirectives in nsIContentSecurityPolicy
63 // NOTE: When implementing a new directive, you will need to add it here but
64 // also add a corresponding entry to the constants in
65 // nsIContentSecurityPolicy.idl and also create an entry for the new directive
66 // in nsCSPDirective::toDomCSPStruct() and add it to CSPDictionaries.webidl.
67 // Order of elements below important! Make sure it matches the order as in
68 // nsIContentSecurityPolicy.idl
69 static const char* CSPStrDirectives
[] = {
70 "-error-", // NO_DIRECTIVE
71 "default-src", // DEFAULT_SRC_DIRECTIVE
72 "script-src", // SCRIPT_SRC_DIRECTIVE
73 "object-src", // OBJECT_SRC_DIRECTIVE
74 "style-src", // STYLE_SRC_DIRECTIVE
75 "img-src", // IMG_SRC_DIRECTIVE
76 "media-src", // MEDIA_SRC_DIRECTIVE
77 "frame-src", // FRAME_SRC_DIRECTIVE
78 "font-src", // FONT_SRC_DIRECTIVE
79 "connect-src", // CONNECT_SRC_DIRECTIVE
80 "report-uri", // REPORT_URI_DIRECTIVE
81 "frame-ancestors", // FRAME_ANCESTORS_DIRECTIVE
82 "reflected-xss", // REFLECTED_XSS_DIRECTIVE
83 "base-uri", // BASE_URI_DIRECTIVE
84 "form-action", // FORM_ACTION_DIRECTIVE
85 "manifest-src", // MANIFEST_SRC_DIRECTIVE
86 "upgrade-insecure-requests", // UPGRADE_IF_INSECURE_DIRECTIVE
87 "child-src", // CHILD_SRC_DIRECTIVE
88 "block-all-mixed-content", // BLOCK_ALL_MIXED_CONTENT
89 "sandbox", // SANDBOX_DIRECTIVE
90 "worker-src", // WORKER_SRC_DIRECTIVE
91 "navigate-to", // NAVIGATE_TO_DIRECTIVE
92 "script-src-elem", // SCRIPT_SRC_ELEM_DIRECTIVE
93 "script-src-attr", // SCRIPT_SRC_ATTR_DIRECTIVE
94 "style-src-elem", // STYLE_SRC_ELEM_DIRECTIVE
95 "style-src-attr", // STYLE_SRC_ATTR_DIRECTIVE
98 inline const char* CSP_CSPDirectiveToString(CSPDirective aDir
) {
99 return CSPStrDirectives
[static_cast<uint32_t>(aDir
)];
102 inline CSPDirective
CSP_StringToCSPDirective(const nsAString
& aDir
) {
103 nsString lowerDir
= PromiseFlatString(aDir
);
104 ToLowerCase(lowerDir
);
106 uint32_t numDirs
= (sizeof(CSPStrDirectives
) / sizeof(CSPStrDirectives
[0]));
107 for (uint32_t i
= 1; i
< numDirs
; i
++) {
108 if (lowerDir
.EqualsASCII(CSPStrDirectives
[i
])) {
109 return static_cast<CSPDirective
>(i
);
112 return nsIContentSecurityPolicy::NO_DIRECTIVE
;
115 #define FOR_EACH_CSP_KEYWORD(MACRO) \
116 MACRO(CSP_SELF, "'self'") \
117 MACRO(CSP_UNSAFE_INLINE, "'unsafe-inline'") \
118 MACRO(CSP_UNSAFE_EVAL, "'unsafe-eval'") \
119 MACRO(CSP_NONE, "'none'") \
120 MACRO(CSP_NONCE, "'nonce-") \
121 MACRO(CSP_REPORT_SAMPLE, "'report-sample'") \
122 MACRO(CSP_STRICT_DYNAMIC, "'strict-dynamic'") \
123 MACRO(CSP_UNSAFE_ALLOW_REDIRECTS, "'unsafe-allow-redirects'") \
124 MACRO(CSP_WASM_UNSAFE_EVAL, "'wasm-unsafe-eval'")
127 #define KEYWORD_ENUM(id_, string_) id_,
128 FOR_EACH_CSP_KEYWORD(KEYWORD_ENUM
)
131 // CSP_LAST_KEYWORD_VALUE always needs to be the last element in the enum
132 // because we use it to calculate the size for the char* array.
133 CSP_LAST_KEYWORD_VALUE
,
135 // Putting CSP_HASH after the delimitor, because CSP_HASH is not a valid
136 // keyword (hash uses e.g. sha256, sha512) but we use CSP_HASH internally
137 // to identify allowed hashes in ::allows.
141 // The keywords, in UTF-8 form.
142 static const char* gCSPUTF8Keywords
[] = {
143 #define KEYWORD_UTF8_LITERAL(id_, string_) string_,
144 FOR_EACH_CSP_KEYWORD(KEYWORD_UTF8_LITERAL
)
145 #undef KEYWORD_UTF8_LITERAL
148 // The keywords, in UTF-16 form.
149 static const char16_t
* gCSPUTF16Keywords
[] = {
150 #define KEYWORD_UTF16_LITERAL(id_, string_) u"" string_,
151 FOR_EACH_CSP_KEYWORD(KEYWORD_UTF16_LITERAL
)
152 #undef KEYWORD_UTF16_LITERAL
155 #undef FOR_EACH_CSP_KEYWORD
157 inline const char* CSP_EnumToUTF8Keyword(enum CSPKeyword aKey
) {
158 // Make sure all elements in enum CSPKeyword got added to gCSPUTF8Keywords.
159 static_assert((sizeof(gCSPUTF8Keywords
) / sizeof(gCSPUTF8Keywords
[0]) ==
160 CSP_LAST_KEYWORD_VALUE
),
161 "CSP_LAST_KEYWORD_VALUE != length(gCSPUTF8Keywords)");
163 if (static_cast<uint32_t>(aKey
) <
164 static_cast<uint32_t>(CSP_LAST_KEYWORD_VALUE
)) {
165 return gCSPUTF8Keywords
[static_cast<uint32_t>(aKey
)];
167 return "error: invalid keyword in CSP_EnumToUTF8Keyword";
170 inline const char16_t
* CSP_EnumToUTF16Keyword(enum CSPKeyword aKey
) {
171 // Make sure all elements in enum CSPKeyword got added to gCSPUTF16Keywords.
172 static_assert((sizeof(gCSPUTF16Keywords
) / sizeof(gCSPUTF16Keywords
[0]) ==
173 CSP_LAST_KEYWORD_VALUE
),
174 "CSP_LAST_KEYWORD_VALUE != length(gCSPUTF16Keywords)");
176 if (static_cast<uint32_t>(aKey
) <
177 static_cast<uint32_t>(CSP_LAST_KEYWORD_VALUE
)) {
178 return gCSPUTF16Keywords
[static_cast<uint32_t>(aKey
)];
180 return u
"error: invalid keyword in CSP_EnumToUTF16Keyword";
183 inline CSPKeyword
CSP_UTF16KeywordToEnum(const nsAString
& aKey
) {
184 nsString lowerKey
= PromiseFlatString(aKey
);
185 ToLowerCase(lowerKey
);
187 for (uint32_t i
= 0; i
< CSP_LAST_KEYWORD_VALUE
; i
++) {
188 if (lowerKey
.Equals(gCSPUTF16Keywords
[i
])) {
189 return static_cast<CSPKeyword
>(i
);
192 NS_ASSERTION(false, "Can not convert unknown Keyword to Enum");
193 return CSP_LAST_KEYWORD_VALUE
;
196 nsresult
CSP_AppendCSPFromHeader(nsIContentSecurityPolicy
* aCsp
,
197 const nsAString
& aHeaderValue
,
200 /* =============== Helpers ================== */
204 nsCSPHostSrc
* CSP_CreateHostSrcFromSelfURI(nsIURI
* aSelfURI
);
205 bool CSP_IsEmptyDirective(const nsAString
& aValue
, const nsAString
& aDir
);
206 bool CSP_IsDirective(const nsAString
& aValue
, CSPDirective aDir
);
207 bool CSP_IsKeyword(const nsAString
& aValue
, enum CSPKeyword aKey
);
208 bool CSP_IsQuotelessKeyword(const nsAString
& aKey
);
209 CSPDirective
CSP_ContentTypeToDirective(nsContentPolicyType aType
);
211 class nsCSPSrcVisitor
;
213 void CSP_PercentDecodeStr(const nsAString
& aEncStr
, nsAString
& outDecStr
);
214 bool CSP_ShouldResponseInheritCSP(nsIChannel
* aChannel
);
216 void CSP_ApplyMetaCSPToDoc(mozilla::dom::Document
& aDoc
,
217 const nsAString
& aPolicyStr
);
219 /* =============== nsCSPSrc ================== */
224 virtual ~nsCSPBaseSrc();
226 virtual bool permits(nsIURI
* aUri
, const nsAString
& aNonce
,
227 bool aWasRedirected
, bool aReportOnly
,
228 bool aUpgradeInsecure
, bool aParserCreated
) const;
229 virtual bool allows(enum CSPKeyword aKeyword
, const nsAString
& aHashOrNonce
,
230 bool aParserCreated
) const;
231 virtual bool visit(nsCSPSrcVisitor
* aVisitor
) const = 0;
232 virtual void toString(nsAString
& outStr
) const = 0;
234 virtual void invalidate() const { mInvalidated
= true; }
236 virtual bool isReportSample() const { return false; }
239 // invalidate srcs if 'script-dynamic' is present or also invalidate
240 // unsafe-inline' if nonce- or hash-source specified
241 mutable bool mInvalidated
;
244 /* =============== nsCSPSchemeSrc ============ */
246 class nsCSPSchemeSrc
: public nsCSPBaseSrc
{
248 explicit nsCSPSchemeSrc(const nsAString
& aScheme
);
249 virtual ~nsCSPSchemeSrc();
251 bool permits(nsIURI
* aUri
, const nsAString
& aNonce
, bool aWasRedirected
,
252 bool aReportOnly
, bool aUpgradeInsecure
,
253 bool aParserCreated
) const override
;
254 bool visit(nsCSPSrcVisitor
* aVisitor
) const override
;
255 void toString(nsAString
& outStr
) const override
;
257 inline void getScheme(nsAString
& outStr
) const { outStr
.Assign(mScheme
); };
263 /* =============== nsCSPHostSrc ============== */
265 class nsCSPHostSrc
: public nsCSPBaseSrc
{
267 explicit nsCSPHostSrc(const nsAString
& aHost
);
268 virtual ~nsCSPHostSrc();
270 bool permits(nsIURI
* aUri
, const nsAString
& aNonce
, bool aWasRedirected
,
271 bool aReportOnly
, bool aUpgradeInsecure
,
272 bool aParserCreated
) const override
;
273 bool visit(nsCSPSrcVisitor
* aVisitor
) const override
;
274 void toString(nsAString
& outStr
) const override
;
276 void setScheme(const nsAString
& aScheme
);
277 void setPort(const nsAString
& aPort
);
278 void appendPath(const nsAString
& aPath
);
280 inline void setGeneratedFromSelfKeyword() const {
281 mGeneratedFromSelfKeyword
= true;
284 inline void setIsUniqueOrigin() const { mIsUniqueOrigin
= true; }
286 inline void setWithinFrameAncestorsDir(bool aValue
) const {
287 mWithinFrameAncstorsDir
= aValue
;
290 inline void getScheme(nsAString
& outStr
) const { outStr
.Assign(mScheme
); };
292 inline void getHost(nsAString
& outStr
) const { outStr
.Assign(mHost
); };
294 inline void getPort(nsAString
& outStr
) const { outStr
.Assign(mPort
); };
296 inline void getPath(nsAString
& outStr
) const { outStr
.Assign(mPath
); };
303 mutable bool mGeneratedFromSelfKeyword
;
304 mutable bool mIsUniqueOrigin
;
305 mutable bool mWithinFrameAncstorsDir
;
308 /* =============== nsCSPKeywordSrc ============ */
310 class nsCSPKeywordSrc
: public nsCSPBaseSrc
{
312 explicit nsCSPKeywordSrc(CSPKeyword aKeyword
);
313 virtual ~nsCSPKeywordSrc();
315 bool allows(enum CSPKeyword aKeyword
, const nsAString
& aHashOrNonce
,
316 bool aParserCreated
) const override
;
317 bool permits(nsIURI
* aUri
, const nsAString
& aNonce
, bool aWasRedirected
,
318 bool aReportOnly
, bool aUpgradeInsecure
,
319 bool aParserCreated
) const override
;
320 bool visit(nsCSPSrcVisitor
* aVisitor
) const override
;
321 void toString(nsAString
& outStr
) const override
;
323 inline CSPKeyword
getKeyword() const { return mKeyword
; };
325 inline void invalidate() const override
{
326 // keywords that need to invalidated
327 if (mKeyword
== CSP_SELF
|| mKeyword
== CSP_UNSAFE_INLINE
||
328 mKeyword
== CSP_REPORT_SAMPLE
) {
333 bool isReportSample() const override
{ return mKeyword
== CSP_REPORT_SAMPLE
; }
339 /* =============== nsCSPNonceSource =========== */
341 class nsCSPNonceSrc
: public nsCSPBaseSrc
{
343 explicit nsCSPNonceSrc(const nsAString
& aNonce
);
344 virtual ~nsCSPNonceSrc();
346 bool permits(nsIURI
* aUri
, const nsAString
& aNonce
, bool aWasRedirected
,
347 bool aReportOnly
, bool aUpgradeInsecure
,
348 bool aParserCreated
) const override
;
349 bool allows(enum CSPKeyword aKeyword
, const nsAString
& aHashOrNonce
,
350 bool aParserCreated
) const override
;
351 bool visit(nsCSPSrcVisitor
* aVisitor
) const override
;
352 void toString(nsAString
& outStr
) const override
;
354 inline void getNonce(nsAString
& outStr
) const { outStr
.Assign(mNonce
); };
356 inline void invalidate() const override
{
357 // overwrite nsCSPBaseSRC::invalidate() and explicitily
358 // do *not* invalidate, because 'strict-dynamic' should
359 // not invalidate nonces.
366 /* =============== nsCSPHashSource ============ */
368 class nsCSPHashSrc
: public nsCSPBaseSrc
{
370 nsCSPHashSrc(const nsAString
& algo
, const nsAString
& hash
);
371 virtual ~nsCSPHashSrc();
373 bool allows(enum CSPKeyword aKeyword
, const nsAString
& aHashOrNonce
,
374 bool aParserCreated
) const override
;
375 void toString(nsAString
& outStr
) const override
;
376 bool visit(nsCSPSrcVisitor
* aVisitor
) const override
;
378 inline void getAlgorithm(nsAString
& outStr
) const {
379 outStr
.Assign(mAlgorithm
);
382 inline void getHash(nsAString
& outStr
) const { outStr
.Assign(mHash
); };
384 inline void invalidate() const override
{
385 // overwrite nsCSPBaseSRC::invalidate() and explicitily
386 // do *not* invalidate, because 'strict-dynamic' should
387 // not invalidate hashes.
395 /* =============== nsCSPReportURI ============ */
397 class nsCSPReportURI
: public nsCSPBaseSrc
{
399 explicit nsCSPReportURI(nsIURI
* aURI
);
400 virtual ~nsCSPReportURI();
402 bool visit(nsCSPSrcVisitor
* aVisitor
) const override
;
403 void toString(nsAString
& outStr
) const override
;
406 nsCOMPtr
<nsIURI
> mReportURI
;
409 /* =============== nsCSPSandboxFlags ================== */
411 class nsCSPSandboxFlags
: public nsCSPBaseSrc
{
413 explicit nsCSPSandboxFlags(const nsAString
& aFlags
);
414 virtual ~nsCSPSandboxFlags();
416 bool visit(nsCSPSrcVisitor
* aVisitor
) const override
;
417 void toString(nsAString
& outStr
) const override
;
423 /* =============== nsCSPSrcVisitor ================== */
425 class nsCSPSrcVisitor
{
427 virtual bool visitSchemeSrc(const nsCSPSchemeSrc
& src
) = 0;
429 virtual bool visitHostSrc(const nsCSPHostSrc
& src
) = 0;
431 virtual bool visitKeywordSrc(const nsCSPKeywordSrc
& src
) = 0;
433 virtual bool visitNonceSrc(const nsCSPNonceSrc
& src
) = 0;
435 virtual bool visitHashSrc(const nsCSPHashSrc
& src
) = 0;
438 explicit nsCSPSrcVisitor() = default;
439 virtual ~nsCSPSrcVisitor() = default;
442 /* =============== nsCSPDirective ============= */
444 class nsCSPDirective
{
446 explicit nsCSPDirective(CSPDirective aDirective
);
447 virtual ~nsCSPDirective();
449 virtual bool permits(nsIURI
* aUri
, const nsAString
& aNonce
,
450 bool aWasRedirected
, bool aReportOnly
,
451 bool aUpgradeInsecure
, bool aParserCreated
) const;
452 virtual bool allows(enum CSPKeyword aKeyword
, const nsAString
& aHashOrNonce
,
453 bool aParserCreated
) const;
454 virtual void toString(nsAString
& outStr
) const;
455 void toDomCSPStruct(mozilla::dom::CSP
& outCSP
) const;
457 virtual void addSrcs(const nsTArray
<nsCSPBaseSrc
*>& aSrcs
) {
458 mSrcs
= aSrcs
.Clone();
461 inline bool isDefaultDirective() const {
462 return mDirective
== nsIContentSecurityPolicy::DEFAULT_SRC_DIRECTIVE
;
465 virtual bool equals(CSPDirective aDirective
) const;
467 void getReportURIs(nsTArray
<nsString
>& outReportURIs
) const;
469 bool visitSrcs(nsCSPSrcVisitor
* aVisitor
) const;
471 virtual void getDirName(nsAString
& outStr
) const;
473 bool hasReportSampleKeyword() const;
476 CSPDirective mDirective
;
477 nsTArray
<nsCSPBaseSrc
*> mSrcs
;
480 /* =============== nsCSPChildSrcDirective ============= */
483 * In CSP 3 child-src is deprecated. For backwards compatibility
484 * child-src needs to restrict:
485 * (*) frames, in case frame-src is not expicitly specified
486 * (*) workers, in case worker-src is not expicitly specified
488 class nsCSPChildSrcDirective
: public nsCSPDirective
{
490 explicit nsCSPChildSrcDirective(CSPDirective aDirective
);
491 virtual ~nsCSPChildSrcDirective();
493 void setRestrictFrames() { mRestrictFrames
= true; }
495 void setRestrictWorkers() { mRestrictWorkers
= true; }
497 virtual bool equals(CSPDirective aDirective
) const override
;
500 bool mRestrictFrames
;
501 bool mRestrictWorkers
;
504 /* =============== nsCSPScriptSrcDirective ============= */
507 * In CSP 3 worker-src restricts workers, for backwards compatibily
508 * script-src has to restrict workers as the ultimate fallback if
509 * neither worker-src nor child-src is present in a CSP.
511 class nsCSPScriptSrcDirective
: public nsCSPDirective
{
513 explicit nsCSPScriptSrcDirective(CSPDirective aDirective
);
514 virtual ~nsCSPScriptSrcDirective();
516 void setRestrictWorkers() { mRestrictWorkers
= true; }
517 void setRestrictScriptElem() { mRestrictScriptElem
= true; }
518 void setRestrictScriptAttr() { mRestrictScriptAttr
= true; }
520 bool equals(CSPDirective aDirective
) const override
;
523 bool mRestrictWorkers
= false;
524 bool mRestrictScriptElem
= false;
525 bool mRestrictScriptAttr
= false;
528 /* =============== nsCSPStyleSrcDirective ============= */
531 * In CSP 3 style-src is use as a fallback for style-src-elem and
534 class nsCSPStyleSrcDirective
: public nsCSPDirective
{
536 explicit nsCSPStyleSrcDirective(CSPDirective aDirective
);
537 virtual ~nsCSPStyleSrcDirective();
539 void setRestrictStyleElem() { mRestrictStyleElem
= true; }
540 void setRestrictStyleAttr() { mRestrictStyleAttr
= true; }
542 bool equals(CSPDirective aDirective
) const override
;
545 bool mRestrictStyleElem
= false;
546 bool mRestrictStyleAttr
= false;
549 /* =============== nsBlockAllMixedContentDirective === */
551 class nsBlockAllMixedContentDirective
: public nsCSPDirective
{
553 explicit nsBlockAllMixedContentDirective(CSPDirective aDirective
);
554 ~nsBlockAllMixedContentDirective();
556 bool permits(nsIURI
* aUri
, const nsAString
& aNonce
, bool aWasRedirected
,
557 bool aReportOnly
, bool aUpgradeInsecure
,
558 bool aParserCreated
) const override
{
562 bool permits(nsIURI
* aUri
) const { return false; }
564 bool allows(enum CSPKeyword aKeyword
, const nsAString
& aHashOrNonce
,
565 bool aParserCreated
) const override
{
569 void toString(nsAString
& outStr
) const override
;
571 void addSrcs(const nsTArray
<nsCSPBaseSrc
*>& aSrcs
) override
{
572 MOZ_ASSERT(false, "block-all-mixed-content does not hold any srcs");
575 void getDirName(nsAString
& outStr
) const override
;
578 /* =============== nsUpgradeInsecureDirective === */
581 * Upgrading insecure requests includes the following actors:
583 * The CSP implementation allowlists the http-request
584 * in case the policy is executed in enforcement mode.
585 * The CSP implementation however does not allow http
586 * requests to succeed if executed in report-only mode.
587 * In such a case the CSP implementation reports the
588 * error back to the page.
591 * The evalution of MixedContent allowlists all http
592 * requests with the promise that the http requests
593 * gets upgraded to https before any data is fetched
597 * Does not consider the http request to be of a
598 * different origin in case the scheme is the only
599 * difference in otherwise matching URIs.
602 * Before connecting, the channel gets redirected
605 * (5) WebSocketChannel:
606 * Similar to the httpChannel, the websocketchannel
607 * gets upgraded from ws to wss.
609 class nsUpgradeInsecureDirective
: public nsCSPDirective
{
611 explicit nsUpgradeInsecureDirective(CSPDirective aDirective
);
612 ~nsUpgradeInsecureDirective();
614 bool permits(nsIURI
* aUri
, const nsAString
& aNonce
, bool aWasRedirected
,
615 bool aReportOnly
, bool aUpgradeInsecure
,
616 bool aParserCreated
) const override
{
620 bool permits(nsIURI
* aUri
) const { return false; }
622 bool allows(enum CSPKeyword aKeyword
, const nsAString
& aHashOrNonce
,
623 bool aParserCreated
) const override
{
627 void toString(nsAString
& outStr
) const override
;
629 void addSrcs(const nsTArray
<nsCSPBaseSrc
*>& aSrcs
) override
{
630 MOZ_ASSERT(false, "upgrade-insecure-requests does not hold any srcs");
633 void getDirName(nsAString
& outStr
) const override
;
636 /* =============== nsCSPPolicy ================== */
641 virtual ~nsCSPPolicy();
643 bool permits(CSPDirective aDirective
, nsIURI
* aUri
, const nsAString
& aNonce
,
644 bool aWasRedirected
, bool aSpecific
, bool aParserCreated
,
645 nsAString
& outViolatedDirective
) const;
646 bool allows(CSPDirective aDirective
, enum CSPKeyword aKeyword
,
647 const nsAString
& aHashOrNonce
, bool aParserCreated
) const;
648 void toString(nsAString
& outStr
) const;
649 void toDomCSPStruct(mozilla::dom::CSP
& outCSP
) const;
651 inline void addDirective(nsCSPDirective
* aDir
) {
652 mDirectives
.AppendElement(aDir
);
655 inline void addUpgradeInsecDir(nsUpgradeInsecureDirective
* aDir
) {
656 mUpgradeInsecDir
= aDir
;
660 bool hasDirective(CSPDirective aDir
) const;
662 inline void setDeliveredViaMetaTagFlag(bool aFlag
) {
663 mDeliveredViaMetaTag
= aFlag
;
666 inline bool getDeliveredViaMetaTagFlag() const {
667 return mDeliveredViaMetaTag
;
670 inline void setReportOnlyFlag(bool aFlag
) { mReportOnly
= aFlag
; }
672 inline bool getReportOnlyFlag() const { return mReportOnly
; }
674 void getReportURIs(nsTArray
<nsString
>& outReportURIs
) const;
676 void getDirectiveStringAndReportSampleForContentType(
677 CSPDirective aDirective
, nsAString
& outDirective
,
678 bool* aReportSample
) const;
680 void getDirectiveAsString(CSPDirective aDir
, nsAString
& outDirective
) const;
682 uint32_t getSandboxFlags() const;
684 inline uint32_t getNumDirectives() const { return mDirectives
.Length(); }
686 bool visitDirectiveSrcs(CSPDirective aDir
, nsCSPSrcVisitor
* aVisitor
) const;
688 bool allowsNavigateTo(nsIURI
* aURI
, bool aWasRedirected
,
689 bool aEnforceAllowlist
) const;
692 nsUpgradeInsecureDirective
* mUpgradeInsecDir
;
693 nsTArray
<nsCSPDirective
*> mDirectives
;
695 bool mDeliveredViaMetaTag
;
698 #endif /* nsCSPUtils_h___ */