diff options
author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2017-08-25 09:18:29 +0200 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-02-22 11:15:23 +0100 |
commit | 62d535967977ea64884e4418d78f1dc245e682e1 (patch) | |
tree | 0b2bc214e7f77ac74a646987d6b22d18e2cdee9f /docshell/base/nsDSURIContentListener.h | |
parent | 6f96569b4499be07c210ca6c38739bbbc7ebdee7 (diff) | |
download | UXP-62d535967977ea64884e4418d78f1dc245e682e1.tar UXP-62d535967977ea64884e4418d78f1dc245e682e1.tar.gz UXP-62d535967977ea64884e4418d78f1dc245e682e1.tar.lz UXP-62d535967977ea64884e4418d78f1dc245e682e1.tar.xz UXP-62d535967977ea64884e4418d78f1dc245e682e1.zip |
CSP 2 - ignore (x-)frame-options if CSP with frame-ancestors directive exists
Diffstat (limited to 'docshell/base/nsDSURIContentListener.h')
-rw-r--r-- | docshell/base/nsDSURIContentListener.h | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/docshell/base/nsDSURIContentListener.h b/docshell/base/nsDSURIContentListener.h index f33d1c045..432813471 100644 --- a/docshell/base/nsDSURIContentListener.h +++ b/docshell/base/nsDSURIContentListener.h @@ -28,6 +28,12 @@ public: nsresult Init(); + // Determine if X-Frame-Options allows content to be framed + // as a subdocument + static bool CheckFrameOptions(nsIChannel* aChannel, + nsIDocShell* aDocShell, + nsIPrincipal* aPrincipal); + protected: explicit nsDSURIContentListener(nsDocShell* aDocShell); virtual ~nsDSURIContentListener(); @@ -39,12 +45,9 @@ protected: mExistingJPEGStreamListener = nullptr; } - // Determine if X-Frame-Options allows content to be framed - // as a subdocument - bool CheckFrameOptions(nsIRequest* aRequest); - bool CheckOneFrameOptionsPolicy(nsIHttpChannel* aHttpChannel, - const nsAString& aPolicy); - + static bool CheckOneFrameOptionsPolicy(nsIHttpChannel* aHttpChannel, + const nsAString& aPolicy, + nsIDocShell* aDocShell); enum XFOHeader { eDENY, @@ -52,9 +55,9 @@ protected: eALLOWFROM }; - void ReportXFOViolation(nsIDocShellTreeItem* aTopDocShellItem, - nsIURI* aThisURI, - XFOHeader aHeader); + static void ReportXFOViolation(nsIDocShellTreeItem* aTopDocShellItem, + nsIURI* aThisURI, + XFOHeader aHeader); protected: nsDocShell* mDocShell; |