third_party/WebKit/Source/core/loader/MixedContentChecker.h

   1 /*
   2  * Copyright (C) 2012 Google Inc. All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions are
   6  * met:
   7  *
   8  *     * Redistributions of source code must retain the above copyright
   9  * notice, this list of conditions and the following disclaimer.
  10  *     * Redistributions in binary form must reproduce the above
  11  * copyright notice, this list of conditions and the following disclaimer
  12  * in the documentation and/or other materials provided with the
  13  * distribution.
  14  *     * Neither the name of Google Inc. nor the names of its
  15  * contributors may be used to endorse or promote products derived from
  16  * this software without specific prior written permission.
  17  *
  18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29  */
  30
  31 #ifndef MixedContentChecker_h
  32 #define MixedContentChecker_h
  33
  34 #include "core/CoreExport.h"
  35 #include "platform/heap/Handle.h"
  36 #include "platform/network/ResourceRequest.h"
  37 #include "public/platform/WebURLRequest.h"
  38 #include "wtf/text/WTFString.h"
  39
  40 namespace blink {
  41
  42 class FrameLoaderClient;
  43 class LocalFrame;
  44 class KURL;
  45 class SecurityOrigin;
  46
  47 class CORE_EXPORT MixedContentChecker final {
  48     WTF_MAKE_NONCOPYABLE(MixedContentChecker);
  49     DISALLOW_ALLOCATION();
  50 public:
  51     enum ContextType {
  52         ContextTypeNotMixedContent,
  53         ContextTypeBlockable,
  54         ContextTypeOptionallyBlockable,
  55         ContextTypeShouldBeBlockable,
  56     };
  57
  58     enum ReportingStatus { SendReport, SuppressReport };
  59     static bool shouldBlockFetch(LocalFrame*, WebURLRequest::RequestContext, WebURLRequest::FrameType, const KURL&, ReportingStatus = SendReport);
  60     static bool shouldBlockFetch(LocalFrame* frame, const ResourceRequest& request, const KURL& url, ReportingStatus status = SendReport)
  61     {
  62         return shouldBlockFetch(frame, request.requestContext(), request.frameType(), url, status);
  63     }
  64
  65     static bool shouldBlockWebSocket(LocalFrame*, const KURL&, ReportingStatus = SendReport);
  66
  67     static bool isMixedContent(SecurityOrigin*, const KURL&);
  68     static bool isMixedFormAction(LocalFrame*, const KURL&, ReportingStatus = SendReport);
  69
  70     static void checkMixedPrivatePublic(LocalFrame*, const AtomicString& resourceIPAddress);
  71
  72     static ContextType contextTypeForInspector(LocalFrame*, const ResourceRequest&);
  73
  74     // Returns the frame that should be considered the effective frame
  75     // for a mixed content check for the given frame type.
  76     static LocalFrame* effectiveFrameForFrameType(LocalFrame*, WebURLRequest::FrameType);
  77
  78 private:
  79     enum MixedContentType {
  80         Display,
  81         Execution,
  82         WebSocket,
  83         Submission
  84     };
  85
  86     static LocalFrame* inWhichFrameIsContentMixed(LocalFrame*, WebURLRequest::FrameType, const KURL&);
  87
  88     static ContextType contextTypeFromContext(WebURLRequest::RequestContext, LocalFrame*);
  89     static const char* typeNameFromContext(WebURLRequest::RequestContext);
  90     static void logToConsoleAboutFetch(LocalFrame*, const KURL&, WebURLRequest::RequestContext, bool allowed);
  91     static void logToConsoleAboutWebSocket(LocalFrame*, const KURL&, bool allowed);
  92     static void count(LocalFrame*, WebURLRequest::RequestContext);
  93 };
  94
  95 } // namespace blink
  96
  97 #endif // MixedContentChecker_h