Extract MediaListDirective and SourceListDirective from ContentSecurityPolicy.

BUG=346642

Review URL: https://codereview.chromium.org/184343002

git-svn-id: svn://svn.chromium.org/blink/trunk@168123 bbb929c8-8fbe-4397-9dbb-9b2b20218538

third_party/WebKit/Source/core/core.gypi

@@ -1094,6 +1094,8 @@
             'frame/UseCounter.cpp',
             'frame/csp/CSPSource.cpp',
             'frame/csp/CSPSourceList.cpp',
+            'frame/csp/MediaListDirective.cpp',
+            'frame/csp/SourceListDirective.cpp',
             'inspector/AsyncCallStackTracker.cpp',
             'inspector/AsyncCallStackTracker.h',
             'inspector/BindingVisitors.h',

third_party/WebKit/Source/core/frame/ContentSecurityPolicy.cpp

@@ -37,6 +37,8 @@
 #include "core/frame/UseCounter.h"
 #include "core/frame/csp/CSPSource.h"
 #include "core/frame/csp/CSPSourceList.h"
+#include "core/frame/csp/MediaListDirective.h"
+#include "core/frame/csp/SourceListDirective.h"
 #include "core/inspector/InspectorInstrumentation.h"
 #include "core/inspector/ScriptCallStack.h"
 #include "core/loader/DocumentLoader.h"
@@ -126,131 +128,6 @@ static ReferrerPolicy mergeReferrerPolicies(ReferrerPolicy a, ReferrerPolicy b)
     return a;
 }
 
-class CSPDirective {
-public:
-    CSPDirective(const String& name, const String& value, ContentSecurityPolicy* policy)
-        : m_name(name)
-        , m_text(name + ' ' + value)
-        , m_policy(policy)
-    {
-    }
-
-    const String& text() const { return m_text; }
-
-protected:
-    const ContentSecurityPolicy* policy() const { return m_policy; }
-
-private:
-    String m_name;
-    String m_text;
-    ContentSecurityPolicy* m_policy;
-};
-
-class MediaListDirective : public CSPDirective {
-public:
-    MediaListDirective(const String& name, const String& value, ContentSecurityPolicy* policy)
-        : CSPDirective(name, value, policy)
-    {
-        Vector<UChar> characters;
-        value.appendTo(characters);
-        parse(characters.data(), characters.data() + characters.size());
-    }
-
-    bool allows(const String& type)
-    {
-        return m_pluginTypes.contains(type);
-    }
-
-private:
-    void parse(const UChar* begin, const UChar* end)
-    {
-        const UChar* position = begin;
-
-        // 'plugin-types ____;' OR 'plugin-types;'
-        if (position == end) {
-            policy()->reportInvalidPluginTypes(String());
-            return;
-        }
-
-        while (position < end) {
-            // _____ OR _____mime1/mime1
-            // ^        ^
-            skipWhile<UChar, isASCIISpace>(position, end);
-            if (position == end)
-                return;
-
-            // mime1/mime1 mime2/mime2
-            // ^
-            begin = position;
-            if (!skipExactly<UChar, isMediaTypeCharacter>(position, end)) {
-                skipWhile<UChar, isNotASCIISpace>(position, end);
-                policy()->reportInvalidPluginTypes(String(begin, position - begin));
-                continue;
-            }
-            skipWhile<UChar, isMediaTypeCharacter>(position, end);
-
-            // mime1/mime1 mime2/mime2
-            //      ^
-            if (!skipExactly<UChar>(position, end, '/')) {
-                skipWhile<UChar, isNotASCIISpace>(position, end);
-                policy()->reportInvalidPluginTypes(String(begin, position - begin));
-                continue;
-            }
-
-            // mime1/mime1 mime2/mime2
-            //       ^
-            if (!skipExactly<UChar, isMediaTypeCharacter>(position, end)) {
-                skipWhile<UChar, isNotASCIISpace>(position, end);
-                policy()->reportInvalidPluginTypes(String(begin, position - begin));
-                continue;
-            }
-            skipWhile<UChar, isMediaTypeCharacter>(position, end);
-
-            // mime1/mime1 mime2/mime2 OR mime1/mime1  OR mime1/mime1/error
-            //            ^                          ^               ^
-            if (position < end && isNotASCIISpace(*position)) {
-                skipWhile<UChar, isNotASCIISpace>(position, end);
-                policy()->reportInvalidPluginTypes(String(begin, position - begin));
-                continue;
-            }
-            m_pluginTypes.add(String(begin, position - begin));
-
-            ASSERT(position == end || isASCIISpace(*position));
-        }
-    }
-
-    HashSet<String> m_pluginTypes;
-};
-
-class SourceListDirective : public CSPDirective {
-public:
-    SourceListDirective(const String& name, const String& value, ContentSecurityPolicy* policy)
-        : CSPDirective(name, value, policy)
-        , m_sourceList(policy, name)
-    {
-        Vector<UChar> characters;
-        value.appendTo(characters);
-
-        m_sourceList.parse(characters.data(), characters.data() + characters.size());
-    }
-
-    bool allows(const KURL& url)
-    {
-        return m_sourceList.matches(url.isEmpty() ? policy()->url() : url);
-    }
-
-    bool allowInline() const { return m_sourceList.allowInline(); }
-    bool allowEval() const { return m_sourceList.allowEval(); }
-    bool allowNonce(const String& nonce) const { return m_sourceList.allowNonce(nonce.stripWhiteSpace()); }
-    bool allowHash(const CSPHashValue& hashValue) const { return m_sourceList.allowHash(hashValue); }
-    bool isHashOrNoncePresent() const { return m_sourceList.isHashOrNoncePresent(); }
-
-    uint8_t hashAlgorithmsUsed() const { return m_sourceList.hashAlgorithmsUsed(); }
-
-private:
-    CSPSourceList m_sourceList;
-};
-
 class CSPDirectiveList {
     WTF_MAKE_FAST_ALLOCATED;
 public:

third_party/WebKit/Source/core/frame/csp/CSPDirective.h

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CSPDirective_h
+#define CSPDirective_h
+
+#include "wtf/text/WTFString.h"
+
+namespace WebCore {
+
+class ContentSecurityPolicy;
+class KURL;
+
+class CSPDirective {
+    WTF_MAKE_NONCOPYABLE(CSPDirective);
+public:
+    CSPDirective(const String& name, const String& value, ContentSecurityPolicy* policy)
+        : m_name(name)
+        , m_text(name + ' ' + value)
+        , m_policy(policy)
+    {
+    }
+
+    const String& text() const { return m_text; }
+
+protected:
+    const ContentSecurityPolicy* policy() const { return m_policy; }
+
+private:
+    String m_name;
+    String m_text;
+    ContentSecurityPolicy* m_policy;
+};
+
+} // namespace WebCore
+
+#endif

third_party/WebKit/Source/core/frame/csp/CSPSourceList.cpp

@@ -71,7 +71,7 @@ CSPSourceList::CSPSourceList(ContentSecurityPolicy* policy, const String& direct
 {
 }
 
-bool CSPSourceList::matches(const KURL& url)
+bool CSPSourceList::matches(const KURL& url) const
 {
     if (m_allowStar)
         return true;

third_party/WebKit/Source/core/frame/csp/CSPSourceList.h

@@ -5,6 +5,7 @@
 #ifndef CSPSourceList_h
 #define CSPSourceList_h
 
+#include "core/frame/csp/CSPSource.h"
 #include "platform/network/ContentSecurityPolicyParsers.h"
 #include "wtf/HashSet.h"
 #include "wtf/text/WTFString.h"
@@ -12,7 +13,6 @@
 namespace WebCore {
 
 class ContentSecurityPolicy;
-class CSPSource;
 class KURL;
 
 class CSPSourceList {
@@ -22,7 +22,7 @@ public:
 
     void parse(const UChar* begin, const UChar* end);
 
-    bool matches(const KURL&);
+    bool matches(const KURL&) const;
     bool allowInline() const;
     bool allowEval() const;
     bool allowNonce(const String&) const;

third_party/WebKit/Source/core/frame/csp/MediaListDirective.cpp

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "config.h"
+#include "core/frame/csp/MediaListDirective.h"
+
+#include "core/frame/ContentSecurityPolicy.h"
+#include "platform/ParsingUtilities.h"
+#include "platform/network/ContentSecurityPolicyParsers.h"
+#include "wtf/HashSet.h"
+#include "wtf/text/WTFString.h"
+
+namespace WebCore {
+
+MediaListDirective::MediaListDirective(const String& name, const String& value, ContentSecurityPolicy* policy)
+    : CSPDirective(name, value, policy)
+{
+    Vector<UChar> characters;
+    value.appendTo(characters);
+    parse(characters.data(), characters.data() + characters.size());
+}
+
+bool MediaListDirective::allows(const String& type)
+{
+    return m_pluginTypes.contains(type);
+}
+
+void MediaListDirective::parse(const UChar* begin, const UChar* end)
+{
+    const UChar* position = begin;
+
+    // 'plugin-types ____;' OR 'plugin-types;'
+    if (position == end) {
+        policy()->reportInvalidPluginTypes(String());
+        return;
+    }
+
+    while (position < end) {
+        // _____ OR _____mime1/mime1
+        // ^        ^
+        skipWhile<UChar, isASCIISpace>(position, end);
+        if (position == end)
+            return;
+
+        // mime1/mime1 mime2/mime2
+        // ^
+        begin = position;
+        if (!skipExactly<UChar, isMediaTypeCharacter>(position, end)) {
+            skipWhile<UChar, isNotASCIISpace>(position, end);
+            policy()->reportInvalidPluginTypes(String(begin, position - begin));
+            continue;
+        }
+        skipWhile<UChar, isMediaTypeCharacter>(position, end);
+
+        // mime1/mime1 mime2/mime2
+        //      ^
+        if (!skipExactly<UChar>(position, end, '/')) {
+            skipWhile<UChar, isNotASCIISpace>(position, end);
+            policy()->reportInvalidPluginTypes(String(begin, position - begin));
+            continue;
+        }
+
+        // mime1/mime1 mime2/mime2
+        //       ^
+        if (!skipExactly<UChar, isMediaTypeCharacter>(position, end)) {
+            skipWhile<UChar, isNotASCIISpace>(position, end);
+            policy()->reportInvalidPluginTypes(String(begin, position - begin));
+            continue;
+        }
+        skipWhile<UChar, isMediaTypeCharacter>(position, end);
+
+        // mime1/mime1 mime2/mime2 OR mime1/mime1  OR mime1/mime1/error
+        //            ^                          ^               ^
+        if (position < end && isNotASCIISpace(*position)) {
+            skipWhile<UChar, isNotASCIISpace>(position, end);
+            policy()->reportInvalidPluginTypes(String(begin, position - begin));
+            continue;
+        }
+        m_pluginTypes.add(String(begin, position - begin));
+
+        ASSERT(position == end || isASCIISpace(*position));
+    }
+}
+
+} // namespace WebCore

third_party/WebKit/Source/core/frame/csp/MediaListDirective.h

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef MediaListDirective_h
+#define MediaListDirective_h
+
+#include "core/frame/csp/CSPDirective.h"
+#include "platform/network/ContentSecurityPolicyParsers.h"
+#include "wtf/HashSet.h"
+#include "wtf/text/WTFString.h"
+
+namespace WebCore {
+
+class ContentSecurityPolicy;
+
+class MediaListDirective FINAL : public CSPDirective {
+    WTF_MAKE_NONCOPYABLE(MediaListDirective);
+public:
+    MediaListDirective(const String& name, const String& value, ContentSecurityPolicy*);
+    bool allows(const String& type);
+
+private:
+    void parse(const UChar* begin, const UChar* end);
+
+    HashSet<String> m_pluginTypes;
+};
+
+} // namespace WebCore
+
+#endif

third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "config.h"
+#include "core/frame/csp/SourceListDirective.h"
+
+#include "core/frame/ContentSecurityPolicy.h"
+#include "core/frame/csp/CSPSourceList.h"
+#include "platform/network/ContentSecurityPolicyParsers.h"
+#include "platform/weborigin/KURL.h"
+#include "wtf/text/WTFString.h"
+
+namespace WebCore {
+
+SourceListDirective::SourceListDirective(const String& name, const String& value, ContentSecurityPolicy* policy)
+    : CSPDirective(name, value, policy)
+    , m_sourceList(policy, name)
+{
+    Vector<UChar> characters;
+    value.appendTo(characters);
+
+    m_sourceList.parse(characters.data(), characters.data() + characters.size());
+}
+
+bool SourceListDirective::allows(const KURL& url) const
+{
+    return m_sourceList.matches(url.isEmpty() ? policy()->url() : url);
+}
+
+bool SourceListDirective::allowInline() const
+{
+    return m_sourceList.allowInline();
+}
+
+bool SourceListDirective::allowEval() const
+{
+    return m_sourceList.allowEval();
+}
+
+bool SourceListDirective::allowNonce(const String& nonce) const
+{
+    return m_sourceList.allowNonce(nonce.stripWhiteSpace());
+}
+
+bool SourceListDirective::allowHash(const CSPHashValue& hashValue) const
+{
+    return m_sourceList.allowHash(hashValue);
+}
+
+bool SourceListDirective::isHashOrNoncePresent() const
+{
+    return m_sourceList.isHashOrNoncePresent();
+}
+
+uint8_t SourceListDirective::hashAlgorithmsUsed() const
+{
+    return m_sourceList.hashAlgorithmsUsed();
+}
+
+} // namespace WebCore
+

third_party/WebKit/Source/core/frame/csp/SourceListDirective.h

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef SourceListDirective_h
+#define SourceListDirective_h
+
+#include "core/frame/csp/CSPDirective.h"
+#include "core/frame/csp/CSPSourceList.h"
+#include "platform/network/ContentSecurityPolicyParsers.h"
+#include "wtf/HashSet.h"
+#include "wtf/text/WTFString.h"
+
+namespace WebCore {
+
+class ContentSecurityPolicy;
+class KURL;
+
+class SourceListDirective FINAL : public CSPDirective {
+    WTF_MAKE_NONCOPYABLE(SourceListDirective);
+public:
+    SourceListDirective(const String& name, const String& value, ContentSecurityPolicy*);
+
+    bool allows(const KURL&) const;
+    bool allowInline() const;
+    bool allowEval() const;
+    bool allowNonce(const String& nonce) const;
+    bool allowHash(const CSPHashValue&) const;
+    bool isHashOrNoncePresent() const;
+    uint8_t hashAlgorithmsUsed() const;
+
+private:
+    CSPSourceList m_sourceList;
+};
+
+} // namespace WebCore
+
+#endif