CSP: Use mojo enum for 'require-trusted-types-for' directive in blink

In the Blink Content Security Policy code, we switch from using the internal blink type blink::RequireTrustedTypesForDirective to using the mojo enum network::mojom::blink::CSPRequireTrustedTypesFor for parsing the directive 'require-trusted-types-for'. This is part of a project to harmonize the CSP code in Blink and in services/network, and will make it easier to synchronize Content Security Policies between the two. Bug: 1021462,1149272 Change-Id: I7e4107df7fb34126a90222b7a5d7b301f5d989b1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2572841 Commit-Queue: Antonio Sartori <antoniosartori@chromium.org> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#837541}

CSP: Use mojo enum for 'require-trusted-types-for' directive in blink
In the Blink Content Security Policy code, we switch from using the internal blink type blink::RequireTrustedTypesForDirective to using the mojo enum network::mojom::blink::CSPRequireTrustedTypesFor for parsing the directive 'require-trusted-types-for'. This is part of a project to harmonize the CSP code in Blink and in services/network, and will make it easier to synchronize Content Security Policies between the two. Bug: 1021462,1149272 Change-Id: I7e4107df7fb34126a90222b7a5d7b301f5d989b1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2572841 Commit-Queue: Antonio Sartori <antoniosartori@chromium.org> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#837541}
a09dd2ab · Antonio Sartori · Chromium LUCI CQ · 9a5541b1 · a09dd2ab · a09dd2ab
Commit a09dd2ab authored Dec 16, 2020 by Antonio Sartori Committed by Chromium LUCI CQ Dec 16, 2020
5 changed files
--- a/third_party/blink/renderer/core/frame/csp/csp_directive_list.cc
+++ b/third_party/blink/renderer/core/frame/csp/csp_directive_list.cc
@@ -14,7 +14,6 @@
 #include "third_party/blink/renderer/core/dom/document.h"
 #include "third_party/blink/renderer/core/dom/space_split_string.h"
 #include "third_party/blink/renderer/core/execution_context/security_context.h"
-#include "third_party/blink/renderer/core/frame/csp/source_list_directive.h"
 #include "third_party/blink/renderer/core/frame/deprecation.h"
 #include "third_party/blink/renderer/core/frame/local_frame.h"
 #include "third_party/blink/renderer/core/html/html_script_element.h"
@@ -344,11 +343,16 @@ void CSPDirectiveList::ReportMixedContent(
  }
 }
+bool CSPDirectiveList::RequiresTrustedTypes() const {
+  return require_trusted_types_for_ ==
+         network::mojom::blink::CSPRequireTrustedTypesFor::Script;
+}
 bool CSPDirectiveList::AllowTrustedTypeAssignmentFailure(
    const String& message,
    const String& sample,
    const String& sample_prefix) const {
-  if (!require_trusted_types_for_ || !require_trusted_types_for_->require())
+  if (!RequiresTrustedTypes())
    return true;
  ReportViolation(ContentSecurityPolicy::GetDirectiveName(
@@ -1140,19 +1144,6 @@ void CSPDirectiveList::AddTrustedTypes(const String& name,
      MakeGarbageCollected<StringListDirective>(name, value, policy_);
 }
-void CSPDirectiveList::RequireTrustedTypesFor(const String& name,
-                                              const String& value) {
-  if (require_trusted_types_for_) {
-    policy_->ReportDuplicateDirective(name);
-    return;
-  }
-  require_trusted_types_for_ =
-      MakeGarbageCollected<RequireTrustedTypesForDirective>(name, value,
-                                                            policy_);
-  if (require_trusted_types_for_->require())
-    policy_->RequireTrustedTypes();
-}
 void CSPDirectiveList::EnforceStrictMixedContentChecking(const String& name,
                                                         const String& value) {
  if (strict_mixed_content_checking_enforced_) {
@@ -1271,7 +1262,10 @@ void CSPDirectiveList::AddDirective(const String& name, const String& value) {
      ParseReportURI(name, value);
      return;
    case CSPDirectiveName::RequireTrustedTypesFor:
-      RequireTrustedTypesFor(name, value);
+      require_trusted_types_for_ =
+          CSPRequireTrustedTypesForParse(value, policy_);
+      if (RequiresTrustedTypes())
+        policy_->RequireTrustedTypes();
      return;
    case CSPDirectiveName::Sandbox:
      ApplySandboxPolicy(name, value);
@@ -1528,7 +1522,6 @@ bool CSPDirectiveList::IsScriptRestrictionReasonable() const {
 void CSPDirectiveList::Trace(Visitor* visitor) const {
  visitor->Trace(policy_);
  visitor->Trace(trusted_types_);
-  visitor->Trace(require_trusted_types_for_);
 }
 }  // namespace blink
--- a/third_party/blink/renderer/core/frame/csp/csp_directive_list.h
+++ b/third_party/blink/renderer/core/frame/csp/csp_directive_list.h
@@ -165,9 +165,8 @@ class CORE_EXPORT CSPDirectiveList final
  // this judgement.
  bool IsScriptRestrictionReasonable() const;
-  bool RequiresTrustedTypes() const {
+  bool RequiresTrustedTypes() const;
-    return require_trusted_types_for_ && require_trusted_types_for_->require();
-  }
  bool TrustedTypesAllowDuplicates() const {
    return trusted_types_ && trusted_types_->IsAllowDuplicates();
  }
@@ -193,7 +192,6 @@ class CORE_EXPORT CSPDirectiveList final
                                         const String& value);
  void EnableInsecureRequestsUpgrade(const String& name, const String& value);
  void AddTrustedTypes(const String& name, const String& value);
-  void RequireTrustedTypesFor(const String& name, const String& value);
  CSPDirectiveName FallbackDirective(CSPDirectiveName current_directive,
                                     CSPDirectiveName original_directive) const;
@@ -324,7 +322,7 @@ class CORE_EXPORT CSPDirectiveList final
  network::mojom::blink::CSPSourceListPtr worker_src_;
  network::mojom::blink::CSPSourceListPtr navigate_to_;
  Member<StringListDirective> trusted_types_;
-  Member<RequireTrustedTypesForDirective> require_trusted_types_for_;
+  network::mojom::blink::CSPRequireTrustedTypesFor require_trusted_types_for_;
  // If a "report-to" directive is used:
  // - |report_endpoints_| is a list of token parsed from the "report-to"

--- a/third_party/blink/renderer/core/frame/csp/require_trusted_types_for_directive.cc
+++ b/third_party/blink/renderer/core/frame/csp/require_trusted_types_for_directive.cc
@@ -2,41 +2,33 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-#include "require_trusted_types_for_directive.h"
+#include "third_party/blink/renderer/core/frame/csp/require_trusted_types_for_directive.h"
-#include "third_party/blink/renderer/core/frame/csp/content_security_policy.h"
 namespace blink {
-RequireTrustedTypesForDirective::RequireTrustedTypesForDirective(
+network::mojom::blink::CSPRequireTrustedTypesFor CSPRequireTrustedTypesForParse(
-    const String& name,
    const String& value,
-    ContentSecurityPolicy* policy)
+    ContentSecurityPolicy* policy) {
-    : CSPDirective(name, value, policy),
-      require_trusted_types_for_script_(false) {
  Vector<String> list;
  value.SimplifyWhiteSpace().Split(' ', false, list);
+  network::mojom::blink::CSPRequireTrustedTypesFor result =
+      network::mojom::blink::CSPRequireTrustedTypesFor::None;
  for (const String& v : list) {
    // The only value in the sink group is 'script'.
    // https://w3c.github.io/webappsec-trusted-types/dist/spec/#trusted-types-sink-group
    if (v == "'script'") {
-      require_trusted_types_for_script_ = true;
+      result = network::mojom::blink::CSPRequireTrustedTypesFor::Script;
    } else {
      policy->ReportInvalidRequireTrustedTypesFor(v);
    }
  }
-  if (!require_trusted_types_for_script_) {
+  if (result == network::mojom::blink::CSPRequireTrustedTypesFor::None) {
    policy->ReportInvalidRequireTrustedTypesFor(String());
  }
-}
-bool RequireTrustedTypesForDirective::require() const {
-  return require_trusted_types_for_script_;
-}
-void RequireTrustedTypesForDirective::Trace(Visitor* visitor) const {
+  return result;
-  CSPDirective::Trace(visitor);
 }
 }  // namespace blink
--- a/third_party/blink/renderer/core/frame/csp/require_trusted_types_for_directive.h
+++ b/third_party/blink/renderer/core/frame/csp/require_trusted_types_for_directive.h
@@ -5,23 +5,17 @@
 #ifndef THIRD_PARTY_BLINK_RENDERER_CORE_FRAME_CSP_REQUIRE_TRUSTED_TYPES_FOR_DIRECTIVE_H_
 #define THIRD_PARTY_BLINK_RENDERER_CORE_FRAME_CSP_REQUIRE_TRUSTED_TYPES_FOR_DIRECTIVE_H_
-#include "third_party/blink/renderer/core/frame/csp/csp_directive.h"
+#include "services/network/public/mojom/content_security_policy.mojom-blink.h"
+#include "third_party/blink/renderer/core/core_export.h"
+#include "third_party/blink/renderer/core/frame/csp/content_security_policy.h"
+#include "third_party/blink/renderer/platform/wtf/text/wtf_string.h"
 namespace blink {
-class ContentSecurityPolicy;
+CORE_EXPORT
+network::mojom::blink::CSPRequireTrustedTypesFor CSPRequireTrustedTypesForParse(
-class CORE_EXPORT RequireTrustedTypesForDirective final : public CSPDirective {
+    const String& value,
- public:
+    ContentSecurityPolicy* policy);
-  RequireTrustedTypesForDirective(const String& name,
-                                  const String& value,
-                                  ContentSecurityPolicy*);
-  void Trace(Visitor*) const override;
-  bool require() const;
- private:
-  bool require_trusted_types_for_script_;
-};
 }  // namespace blink

--- a/third_party/blink/renderer/core/frame/csp/require_trusted_types_for_directive_test.cc
+++ b/third_party/blink/renderer/core/frame/csp/require_trusted_types_for_directive_test.cc
@@ -8,25 +8,29 @@
 namespace blink {
-TEST(RequireTrustedTypesForDirectiveTest, TestSinks) {
+TEST(CSPRequireTrustedTypesForTest, Parse) {
  struct {
    const char* directive;
-    const bool result;
+    network::mojom::blink::CSPRequireTrustedTypesFor result;
-  } test_cases[] = {{"'script'", true},
+  } test_cases[] = {
-                    {"*", false},
+      {"'script'", network::mojom::blink::CSPRequireTrustedTypesFor::Script},
-                    {"", false},
+      {"*", network::mojom::blink::CSPRequireTrustedTypesFor::None},
-                    {"''", false},
+      {"", network::mojom::blink::CSPRequireTrustedTypesFor::None},
-                    {"script", false},
+      {"''", network::mojom::blink::CSPRequireTrustedTypesFor::None},
-                    {"'script' 'css'", true},
+      {"script", network::mojom::blink::CSPRequireTrustedTypesFor::None},
-                    {"'script' 'script'", true}};
+      {"'script' 'css'",
+       network::mojom::blink::CSPRequireTrustedTypesFor::Script},
+      {"'script' 'script'",
+       network::mojom::blink::CSPRequireTrustedTypesFor::Script}};
  for (const auto& test_case : test_cases) {
-    RequireTrustedTypesForDirective directive(
-        "require-trusted-types-for", test_case.directive,
-        MakeGarbageCollected<ContentSecurityPolicy>());
    SCOPED_TRACE(testing::Message() << " require-trusted-types-for "
                                    << test_case.directive << ";");
-    EXPECT_EQ(directive.require(), test_case.result);
+    EXPECT_EQ(
+        CSPRequireTrustedTypesForParse(
+            test_case.directive, MakeGarbageCollected<ContentSecurityPolicy>()),
+        test_case.result);
  }
 }
 }  // namespace blink