Package org.htmlunit.csp
Class Policy
- java.lang.Object
-
- org.htmlunit.csp.Policy
-
public final class Policy extends java.lang.Object
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private static classPolicy.InlineTypeprivate static classPolicy.NamedDirectivestatic interfacePolicy.PolicyErrorConsumerstatic interfacePolicy.PolicyListErrorConsumerstatic classPolicy.Severity
-
Field Summary
Fields Modifier and Type Field Description private SourceExpressionDirectivebaseUri_private booleanblockAllMixedContent_private java.util.List<Policy.NamedDirective>directives_private java.util.EnumMap<FetchDirectiveKind,SourceExpressionDirective>fetchDirectives_private SourceExpressionDirectiveformAction_private FrameAncestorsDirectiveframeAncestors_private SourceExpressionDirectivenavigateTo_private PluginTypesDirectivepluginTypes_private FetchDirectiveKindprefetchSrc_private RFC7230TokenreportTo_private ReportUriDirectivereportUri_private SandboxDirectivesandbox_private booleanupgradeInsecureRequests_
-
Constructor Summary
Constructors Modifier Constructor Description privatePolicy()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private Directiveadd(java.lang.String name, java.util.List<java.lang.String> values, Directive.DirectiveErrorConsumer directiveErrorConsumer)booleanallowsApplicationManifest(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsConnection(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsEval()booleanallowsExternalScript(java.util.Optional<java.lang.String> nonce, java.util.Optional<java.lang.String> integrity, java.util.Optional<URLWithScheme> scriptUrl, java.util.Optional<java.lang.Boolean> parserInserted, java.util.Optional<URLWithScheme> origin)booleanallowsExternalStyle(java.util.Optional<java.lang.String> nonce, java.util.Optional<URLWithScheme> styleUrl, java.util.Optional<URLWithScheme> origin)booleanallowsFont(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsFormAction(java.util.Optional<URLWithScheme> to, java.util.Optional<java.lang.Boolean> redirected, java.util.Optional<URLWithScheme> redirectedTo, java.util.Optional<URLWithScheme> origin)booleanallowsFrame(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsFrameAncestor(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsImage(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsInlineScript(java.util.Optional<java.lang.String> nonce, java.util.Optional<java.lang.String> source, java.util.Optional<java.lang.Boolean> parserInserted)booleanallowsInlineStyle(java.util.Optional<java.lang.String> nonce, java.util.Optional<java.lang.String> source)booleanallowsJavascriptUrlNavigation(java.util.Optional<java.lang.String> source, java.util.Optional<URLWithScheme> origin)booleanallowsMedia(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsNavigation(java.util.Optional<URLWithScheme> to, java.util.Optional<java.lang.Boolean> redirected, java.util.Optional<URLWithScheme> redirectedTo, java.util.Optional<URLWithScheme> origin)booleanallowsObject(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsPlugin(java.util.Optional<MediaType> mediaType)booleanallowsPrefetch(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)booleanallowsScriptAsAttribute(java.util.Optional<java.lang.String> source)booleanallowsStyleAsAttribute(java.util.Optional<java.lang.String> source)booleanallowsWorker(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)java.util.Optional<SourceExpressionDirective>baseUri()booleanblockAllMixedContent()private static java.lang.Stringcollect(java.lang.String input, java.lang.String regex)private booleandoesElementMatchSourceListForTypeAndSource(Policy.InlineType type, java.util.Optional<java.lang.String> nonce, java.util.Optional<java.lang.String> source, java.util.Optional<java.lang.Boolean> parserInserted)static booleandoesUrlMatchSourceListInOrigin(URLWithScheme url, HostSourceDirective list, java.util.Optional<URLWithScheme> origin)(package private) static voidenforceAscii(java.lang.String s)java.util.Optional<SourceExpressionDirective>formAction()java.util.Optional<FrameAncestorsDirective>frameAncestors()java.util.Optional<SourceExpressionDirective>getFetchDirective(FetchDirectiveKind kind)java.util.Optional<SourceExpressionDirective>getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind kind)private static booleanhostPartMatches(java.lang.String a, java.lang.String b)java.util.Optional<SourceExpressionDirective>navigateTo()private static java.lang.StringnormalizeBase64Url(java.lang.String input)static PolicyparseSerializedCSP(java.lang.String serialized, Policy.PolicyErrorConsumer policyErrorConsumer)static PolicyListparseSerializedCSPList(java.lang.String serialized, Policy.PolicyListErrorConsumer policyListErrorConsumer)private static booleanpathPartMatches(java.lang.String pathA, java.lang.String pathB)java.util.Optional<PluginTypesDirective>pluginTypes()private static booleanportPartMatches(int a, int portB, java.lang.String schemeB)java.util.Optional<FetchDirectiveKind>prefetchSrc()java.util.Optional<RFC7230Token>reportTo()java.util.Optional<ReportUriDirective>reportUri()java.util.Optional<SandboxDirective>sandbox()private static booleanschemePartMatches(java.lang.String a, java.lang.String b)private static java.lang.StringstripLeadingWhitespace(java.lang.String string)private static java.lang.StringstripTrailingWhitespace(java.lang.String string)java.lang.StringtoString()booleanupgradeInsecureRequests()
-
-
-
Field Detail
-
directives_
private java.util.List<Policy.NamedDirective> directives_
-
baseUri_
private SourceExpressionDirective baseUri_
-
blockAllMixedContent_
private boolean blockAllMixedContent_
-
formAction_
private SourceExpressionDirective formAction_
-
frameAncestors_
private FrameAncestorsDirective frameAncestors_
-
navigateTo_
private SourceExpressionDirective navigateTo_
-
pluginTypes_
private PluginTypesDirective pluginTypes_
-
prefetchSrc_
private FetchDirectiveKind prefetchSrc_
-
reportTo_
private RFC7230Token reportTo_
-
reportUri_
private ReportUriDirective reportUri_
-
sandbox_
private SandboxDirective sandbox_
-
upgradeInsecureRequests_
private boolean upgradeInsecureRequests_
-
fetchDirectives_
private final java.util.EnumMap<FetchDirectiveKind,SourceExpressionDirective> fetchDirectives_
-
-
Method Detail
-
parseSerializedCSPList
public static PolicyList parseSerializedCSPList(java.lang.String serialized, Policy.PolicyListErrorConsumer policyListErrorConsumer)
-
parseSerializedCSP
public static Policy parseSerializedCSP(java.lang.String serialized, Policy.PolicyErrorConsumer policyErrorConsumer)
-
add
private Directive add(java.lang.String name, java.util.List<java.lang.String> values, Directive.DirectiveErrorConsumer directiveErrorConsumer)
-
toString
public java.lang.String toString()
- Overrides:
toStringin classjava.lang.Object
-
baseUri
public java.util.Optional<SourceExpressionDirective> baseUri()
-
blockAllMixedContent
public boolean blockAllMixedContent()
-
formAction
public java.util.Optional<SourceExpressionDirective> formAction()
-
frameAncestors
public java.util.Optional<FrameAncestorsDirective> frameAncestors()
-
navigateTo
public java.util.Optional<SourceExpressionDirective> navigateTo()
-
pluginTypes
public java.util.Optional<PluginTypesDirective> pluginTypes()
-
prefetchSrc
public java.util.Optional<FetchDirectiveKind> prefetchSrc()
-
reportTo
public java.util.Optional<RFC7230Token> reportTo()
-
reportUri
public java.util.Optional<ReportUriDirective> reportUri()
-
sandbox
public java.util.Optional<SandboxDirective> sandbox()
-
upgradeInsecureRequests
public boolean upgradeInsecureRequests()
-
getFetchDirective
public java.util.Optional<SourceExpressionDirective> getFetchDirective(FetchDirectiveKind kind)
-
allowsExternalScript
public boolean allowsExternalScript(java.util.Optional<java.lang.String> nonce, java.util.Optional<java.lang.String> integrity, java.util.Optional<URLWithScheme> scriptUrl, java.util.Optional<java.lang.Boolean> parserInserted, java.util.Optional<URLWithScheme> origin)
-
allowsInlineScript
public boolean allowsInlineScript(java.util.Optional<java.lang.String> nonce, java.util.Optional<java.lang.String> source, java.util.Optional<java.lang.Boolean> parserInserted)
-
allowsScriptAsAttribute
public boolean allowsScriptAsAttribute(java.util.Optional<java.lang.String> source)
-
allowsEval
public boolean allowsEval()
-
allowsNavigation
public boolean allowsNavigation(java.util.Optional<URLWithScheme> to, java.util.Optional<java.lang.Boolean> redirected, java.util.Optional<URLWithScheme> redirectedTo, java.util.Optional<URLWithScheme> origin)
-
allowsFormAction
public boolean allowsFormAction(java.util.Optional<URLWithScheme> to, java.util.Optional<java.lang.Boolean> redirected, java.util.Optional<URLWithScheme> redirectedTo, java.util.Optional<URLWithScheme> origin)
-
allowsJavascriptUrlNavigation
public boolean allowsJavascriptUrlNavigation(java.util.Optional<java.lang.String> source, java.util.Optional<URLWithScheme> origin)
-
allowsExternalStyle
public boolean allowsExternalStyle(java.util.Optional<java.lang.String> nonce, java.util.Optional<URLWithScheme> styleUrl, java.util.Optional<URLWithScheme> origin)
-
allowsInlineStyle
public boolean allowsInlineStyle(java.util.Optional<java.lang.String> nonce, java.util.Optional<java.lang.String> source)
-
allowsStyleAsAttribute
public boolean allowsStyleAsAttribute(java.util.Optional<java.lang.String> source)
-
allowsFrame
public boolean allowsFrame(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsFrameAncestor
public boolean allowsFrameAncestor(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsConnection
public boolean allowsConnection(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsFont
public boolean allowsFont(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsImage
public boolean allowsImage(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsApplicationManifest
public boolean allowsApplicationManifest(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsMedia
public boolean allowsMedia(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsObject
public boolean allowsObject(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsPrefetch
public boolean allowsPrefetch(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsWorker
public boolean allowsWorker(java.util.Optional<URLWithScheme> source, java.util.Optional<URLWithScheme> origin)
-
allowsPlugin
public boolean allowsPlugin(java.util.Optional<MediaType> mediaType)
-
getGoverningDirectiveForEffectiveDirective
public java.util.Optional<SourceExpressionDirective> getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind kind)
-
doesElementMatchSourceListForTypeAndSource
private boolean doesElementMatchSourceListForTypeAndSource(Policy.InlineType type, java.util.Optional<java.lang.String> nonce, java.util.Optional<java.lang.String> source, java.util.Optional<java.lang.Boolean> parserInserted)
-
normalizeBase64Url
private static java.lang.String normalizeBase64Url(java.lang.String input)
-
doesUrlMatchSourceListInOrigin
public static boolean doesUrlMatchSourceListInOrigin(URLWithScheme url, HostSourceDirective list, java.util.Optional<URLWithScheme> origin)
-
schemePartMatches
private static boolean schemePartMatches(java.lang.String a, java.lang.String b)
-
hostPartMatches
private static boolean hostPartMatches(java.lang.String a, java.lang.String b)
-
portPartMatches
private static boolean portPartMatches(int a, int portB, java.lang.String schemeB)
-
pathPartMatches
private static boolean pathPartMatches(java.lang.String pathA, java.lang.String pathB)
-
enforceAscii
static void enforceAscii(java.lang.String s)
-
stripLeadingWhitespace
private static java.lang.String stripLeadingWhitespace(java.lang.String string)
-
stripTrailingWhitespace
private static java.lang.String stripTrailingWhitespace(java.lang.String string)
-
collect
private static java.lang.String collect(java.lang.String input, java.lang.String regex)
-
-