mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-10-17 13:39:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
ladybird/Libraries/LibWeb/HTML/PolicyContainers.h
Kenneth Myhra 1228063a85 LibWeb: Enforce Integrity Policy on Fetch requests
2025-08-14 13:37:38 +01:00

76 lines
3.2 KiB
C++
Raw Blame History

/*
* Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
* Copyright (c) 2025, Luke Wilde <luke@ladybird.org>
*
* SPDX-License-Identifier: BSD-2-Clause
*/
#pragma once
#include <LibGC/CellAllocator.h>
#include <LibJS/Heap/Cell.h>
#include <LibURL/Forward.h>
#include <LibWeb/Fetch/Infrastructure/HTTP/Requests.h>
#include <LibWeb/Forward.h>
#include <LibWeb/HTML/EmbedderPolicy.h>
#include <LibWeb/ReferrerPolicy/ReferrerPolicy.h>
namespace Web::HTML {
// https://w3c.github.io/webappsec-subresource-integrity/#integrity-policy
struct IntegrityPolicy {
Vector<String> sources;
Vector<Fetch::Infrastructure::Request::Destination> blocked_destinations;
Vector<String> endpoints;
bool is_empty() const { return sources.is_empty() && blocked_destinations.is_empty() && endpoints.is_empty(); }
};
// https://html.spec.whatwg.org/multipage/origin.html#policy-container
// A policy container is a struct containing policies that apply to a Document, a WorkerGlobalScope, or a WorkletGlobalScope. It has the following items:
struct PolicyContainer : public GC::Cell {
GC_CELL(PolicyContainer, GC::Cell)
GC_DECLARE_ALLOCATOR(PolicyContainer);
public:
virtual ~PolicyContainer() = default;
// https://html.spec.whatwg.org/multipage/origin.html#policy-container-csp-list
// A CSP list, which is a CSP list. It is initially empty.
GC::Ref<ContentSecurityPolicy::PolicyList> csp_list;
// https://html.spec.whatwg.org/multipage/origin.html#policy-container-embedder-policy
// An embedder policy, which is an embedder policy. It is initially a new embedder policy.
EmbedderPolicy embedder_policy {};
// https://html.spec.whatwg.org/multipage/origin.html#policy-container-referrer-policy
// A referrer policy, which is a referrer policy. It is initially the default referrer policy.
ReferrerPolicy::ReferrerPolicy referrer_policy { ReferrerPolicy::DEFAULT_REFERRER_POLICY };
// https://html.spec.whatwg.org/multipage/browsers.html#policy-container-integrity-policy
// An integrity policy, which is an integrity policy, initially a new integrity policy.
IntegrityPolicy integrity_policy {};
// https://html.spec.whatwg.org/multipage/browsers.html#policy-container-report-only-integrity-policy
// A report only integrity policy, which is an integrity policy, initially a new integrity policy.
IntegrityPolicy report_only_integrity_policy {};
[[nodiscard]] GC::Ref<PolicyContainer> clone(GC::Heap&) const;
[[nodiscard]] SerializedPolicyContainer serialize() const;
protected:
virtual void visit_edges(Cell::Visitor&) override;
private:
PolicyContainer(GC::Heap&);
};
// https://html.spec.whatwg.org/multipage/browsers.html#requires-storing-the-policy-container-in-history
[[nodiscard]] bool url_requires_storing_the_policy_container_in_history(URL::URL const& url);
// https://html.spec.whatwg.org/multipage/browsers.html#creating-a-policy-container-from-a-fetch-response
[[nodiscard]] GC::Ref<PolicyContainer> create_a_policy_container_from_a_fetch_response(GC::Heap&, GC::Ref<Fetch::Infrastructure::Response const> response, GC::Ptr<Environment> environment);
[[nodiscard]] GC::Ref<PolicyContainer> create_a_policy_container_from_serialized_policy_container(GC::Heap&, SerializedPolicyContainer const&);
}
Reference in a new issue View git blame Copy permalink