LibWeb/CSP: Implement the script-src-attr directive

Author: https://github.com/Lubrsi Commit: f50f23b19f Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/5404 Reviewed-by: https://github.com/shannonbooth ✅
2025-10-06 08:09:45 +00:00 · 2024-12-03 15:33:32 +00:00 · 2024-12-03 15:33:32 +00:00 · f50f23b19f · 2025-07-12 01:07:50 +00:00
commit f50f23b19f
parent f382bccc3d
5 changed files with 77 additions and 0 deletions
--- a/Libraries/LibWeb/ContentSecurityPolicy/Directives/ScriptSourceAttributeDirective.h
+++ b/Libraries/LibWeb/ContentSecurityPolicy/Directives/ScriptSourceAttributeDirective.h
@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 2024, Luke Wilde <luke@ladybird.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#include <LibWeb/ContentSecurityPolicy/Directives/Directive.h>
+
+namespace Web::ContentSecurityPolicy::Directives {
+
+// https://w3c.github.io/webappsec-csp/#directive-script-src-attr
+class ScriptSourceAttributeDirective final : public Directive {
+    GC_CELL(ScriptSourceAttributeDirective, Directive)
+    GC_DECLARE_ALLOCATOR(ScriptSourceAttributeDirective);
+
+public:
+    virtual ~ScriptSourceAttributeDirective() = default;
+
+    virtual Result inline_check(GC::Heap&, GC::Ptr<DOM::Element const>, InlineType, GC::Ref<Policy const>, String const&) const override;
+
+private:
+    ScriptSourceAttributeDirective(String name, Vector<String> value);
+};
+
+}