1 /* 2 * Copyright (C) 2009 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #ifndef WebSecurityPolicy_h 32 #define WebSecurityPolicy_h 33 34 #include "../platform/WebCommon.h" 35 #include "../platform/WebReferrerPolicy.h" 36 37 namespace blink { 38 39 class WebString; 40 class WebURL; 41 42 class WebSecurityPolicy { 43 public: 44 // Registers a URL scheme to be treated as a local scheme (i.e., with the 45 // same security rules as those applied to "file" URLs). This means that 46 // normal pages cannot link to or access URLs of this scheme. 47 BLINK_EXPORT static void registerURLSchemeAsLocal(const WebString&); 48 49 // Registers a URL scheme to be treated as a noAccess scheme. This means 50 // that pages loaded with this URL scheme cannot access pages loaded with 51 // any other URL scheme. 52 BLINK_EXPORT static void registerURLSchemeAsNoAccess(const WebString&); 53 54 // Registers a URL scheme to be treated as display-isolated. This means 55 // that pages cannot display these URLs unless they are from the same 56 // scheme. For example, pages in other origin cannot create iframes or 57 // hyperlinks to URLs with the scheme. 58 BLINK_EXPORT static void registerURLSchemeAsDisplayIsolated(const WebString&); 59 60 // Registers a URL scheme to not generate mixed content warnings when 61 // included by an HTTPS page. 62 BLINK_EXPORT static void registerURLSchemeAsSecure(const WebString&); 63 64 // Registers a non-HTTP URL scheme which can be sent CORS requests. 65 BLINK_EXPORT static void registerURLSchemeAsCORSEnabled(const WebString&); 66 67 // Registers a URL scheme whose resources can be loaded regardless of a page's Content Security Policy. 68 BLINK_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy(const WebString&); 69 70 // Registers a URL scheme as strictly empty documents, allowing them to 71 // commit synchronously. 72 BLINK_EXPORT static void registerURLSchemeAsEmptyDocument(const WebString&); 73 74 // Support for whitelisting access to origins beyond the same-origin policy. 75 BLINK_EXPORT static void addOriginAccessWhitelistEntry( 76 const WebURL& sourceOrigin, const WebString& destinationProtocol, 77 const WebString& destinationHost, bool allowDestinationSubdomains); 78 BLINK_EXPORT static void removeOriginAccessWhitelistEntry( 79 const WebURL& sourceOrigin, const WebString& destinationProtocol, 80 const WebString& destinationHost, bool allowDestinationSubdomains); 81 BLINK_EXPORT static void resetOriginAccessWhitelists(); 82 83 // Returns the referrer modified according to the referrer policy for a 84 // navigation to a given URL. If the referrer returned is empty, the 85 // referrer header should be omitted. 86 BLINK_EXPORT static WebString generateReferrerHeader(WebReferrerPolicy, const WebURL&, const WebString& referrer); 87 88 // Registers an URL scheme to not allow manipulation of the loaded page 89 // by bookmarklets or javascript: URLs typed in the omnibox. 90 BLINK_EXPORT static void registerURLSchemeAsNotAllowingJavascriptURLs(const WebString&); 91 92 private: 93 WebSecurityPolicy(); 94 }; 95 96 } // namespace blink 97 98 #endif 99