Implement CSP source list subsumption algorithm in services/network

This CL implements the part "Does source list A subsume source list B?" of the Content Security Policy: Embedded Enforcement subsumption algorithm following https://w3c.github.io/webappsec-cspee/#subsume-source-list in the services/network Content Security Policy module. This is part of a series of CL implementing the whole subsumption algorithm according to that spec. Bug: 1094909 Change-Id: Id8cecc37c12a1db79cd0a97e616e0f46c98bdc97 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2315145 Commit-Queue: Antonio Sartori <antoniosartori@chromium.org> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Cr-Commit-Position: refs/heads/master@{#803833}

Implement CSP source list subsumption algorithm in services/network
This CL implements the part "Does source list A subsume source list B?" of the Content Security Policy: Embedded Enforcement subsumption algorithm following https://w3c.github.io/webappsec-cspee/#subsume-source-list in the services/network Content Security Policy module. This is part of a series of CL implementing the whole subsumption algorithm according to that spec. Bug: 1094909 Change-Id: Id8cecc37c12a1db79cd0a97e616e0f46c98bdc97 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2315145 Commit-Queue: Antonio Sartori <antoniosartori@chromium.org> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Cr-Commit-Position: refs/heads/master@{#803833}
951ba7a0 · Antonio Sartori · Commit Bot · 1fbc53fc · 951ba7a0 · 951ba7a0
Commit 951ba7a0 authored Sep 02, 2020 by Antonio Sartori Committed by Commit Bot Sep 02, 2020
5 changed files
--- a/services/network/public/cpp/content_security_policy/csp_source.cc
+++ b/services/network/public/cpp/content_security_policy/csp_source.cc
@@ -22,10 +22,6 @@ bool HasHost(const mojom::CSPSourcePtr& source) {
  return !source->host.empty() || source->is_host_wildcard;
 }

-bool IsSchemeOnly(const mojom::CSPSourcePtr& source) {
-  return !HasHost(source);
-}
-
 bool DecodePath(const base::StringPiece& path, std::string* output) {
  url::RawCanonOutputT<base::char16> unescaped;
  url::DecodeURLEscapeSequences(path.data(), path.size(),
@@ -184,11 +180,15 @@ bool canUpgrade(const SchemeMatchingResult result) {

 }  // namespace

+bool CSPSourceIsSchemeOnly(const mojom::CSPSourcePtr& source) {
+  return !HasHost(source);
+}
+
 bool CheckCSPSource(const mojom::CSPSourcePtr& source,
                    const GURL& url,
                    CSPContext* context,
                    bool has_followed_redirect) {
-  if (IsSchemeOnly(source)) {
+  if (CSPSourceIsSchemeOnly(source)) {
    return SourceAllowScheme(source, url, context) !=
           SchemeMatchingResult::NotMatching;
  }
@@ -222,11 +222,11 @@ mojom::CSPSourcePtr CSPSourcesIntersect(const mojom::CSPSourcePtr& source_a,
    return nullptr;
  }

-  if (IsSchemeOnly(source_a)) {
+  if (CSPSourceIsSchemeOnly(source_a)) {
    auto new_result = source_b->Clone();
    new_result->scheme = result->scheme;
    return new_result;
-  } else if (IsSchemeOnly(source_b)) {
+  } else if (CSPSourceIsSchemeOnly(source_b)) {
    auto new_result = source_a->Clone();
    new_result->scheme = result->scheme;
    return new_result;
@@ -284,9 +284,9 @@ bool CSPSourceSubsumes(const mojom::CSPSourcePtr& source_a,
    return false;
  }

-  if (IsSchemeOnly(source_a))
+  if (CSPSourceIsSchemeOnly(source_a))
    return true;
-  if (IsSchemeOnly(source_b))
+  if (CSPSourceIsSchemeOnly(source_b))
    return false;

  if (!SourceAllowHost(source_a, (source_b->is_host_wildcard ? "*." : "") +
@@ -309,7 +309,7 @@ bool CSPSourceSubsumes(const mojom::CSPSourcePtr& source_a,

 std::string ToString(const mojom::CSPSourcePtr& source) {
  // scheme
-  if (IsSchemeOnly(source))
+  if (CSPSourceIsSchemeOnly(source))
    return source->scheme + ":";

  std::stringstream text;

--- a/services/network/public/cpp/content_security_policy/csp_source.h
+++ b/services/network/public/cpp/content_security_policy/csp_source.h
@@ -15,6 +15,9 @@ namespace network {

 class CSPContext;

+// Check if a CSP |source| matches the scheme-source grammar.
+bool CSPSourceIsSchemeOnly(const mojom::CSPSourcePtr& source);
+
 // Check if a |url| matches with a CSP |source| matches.
 COMPONENT_EXPORT(NETWORK_CPP)
 bool CheckCSPSource(const mojom::CSPSourcePtr& source,

--- a/services/network/public/cpp/content_security_policy/csp_source_list.cc
+++ b/services/network/public/cpp/content_security_policy/csp_source_list.cc
--- a/services/network/public/cpp/content_security_policy/csp_source_list.h
+++ b/services/network/public/cpp/content_security_policy/csp_source_list.h
@@ -13,6 +13,10 @@

 class GURL;

+namespace url {
+class Origin;
+}
+
 namespace network {
 class CSPContext;

@@ -28,5 +32,15 @@ bool CheckCSPSourceList(const mojom::CSPSourceListPtr& source_list,
                        bool has_followed_redirect = false,
                        bool is_response_check = false);

+// Check if |source_list_a| subsumes |source_list_b| with origin |origin_b| for
+// directive |directive| according to
+// https://w3c.github.io/webappsec-cspee/#subsume-source-list
+COMPONENT_EXPORT(NETWORK_CPP)
+bool CSPSourceListSubsumes(
+    const mojom::CSPSourceList& source_list_a,
+    const std::vector<const mojom::CSPSourceList*>& source_list_b,
+    mojom::CSPDirectiveName directive,
+    const url::Origin& origin_b);
+
 }  // namespace network
 #endif  // SERVICES_NETWORK_PUBLIC_CPP_CONTENT_SECURITY_POLICY_CSP_SOURCE_LIST_H_
--- a/services/network/public/cpp/content_security_policy/csp_source_list_unittest.cc
+++ b/services/network/public/cpp/content_security_policy/csp_source_list_unittest.cc