LibWeb/CSP: Implement the frame-src directive

Author: https://github.com/Lubrsi Commit: 1689353beb Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/5276 Reviewed-by: https://github.com/shannonbooth ✅
2025-07-28 11:49:44 +00:00 · 2024-11-29 11:08:12 +00:00 · 2024-11-29 11:08:12 +00:00 · 1689353beb · 2025-07-05 09:23:00 +00:00
commit 1689353beb
parent e899438907
5 changed files with 95 additions and 0 deletions
--- a/Libraries/LibWeb/ContentSecurityPolicy/Directives/FrameSourceDirective.h
+++ b/Libraries/LibWeb/ContentSecurityPolicy/Directives/FrameSourceDirective.h
@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2024, Luke Wilde <luke@ladybird.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#include <LibWeb/ContentSecurityPolicy/Directives/Directive.h>
+
+namespace Web::ContentSecurityPolicy::Directives {
+
+// https://w3c.github.io/webappsec-csp/#directive-frame-src
+class FrameSourceDirective final : public Directive {
+    GC_CELL(FrameSourceDirective, Directive)
+    GC_DECLARE_ALLOCATOR(FrameSourceDirective);
+
+public:
+    virtual ~FrameSourceDirective() = default;
+
+    [[nodiscard]] virtual Result pre_request_check(GC::Heap&, GC::Ref<Fetch::Infrastructure::Request const>, GC::Ref<Policy const>) const override;
+    [[nodiscard]] virtual Result post_request_check(GC::Heap&, GC::Ref<Fetch::Infrastructure::Request const>, GC::Ref<Fetch::Infrastructure::Response const>, GC::Ref<Policy const>) const override;
+
+private:
+    FrameSourceDirective(String name, Vector<String> value);
+};
+
+}