#pragma once
#include <memory>
#include <wtf/Forward.h>
#include <wtf/RefPtr.h>
namespace WebCore {
class SecurityOrigin;
class SecurityOriginPolicy;
class ContentSecurityPolicy;
class URL;
enum SandboxFlag {
SandboxNone = 0,
SandboxNavigation = 1,
SandboxPlugins = 1 << 1,
SandboxOrigin = 1 << 2,
SandboxForms = 1 << 3,
SandboxScripts = 1 << 4,
SandboxTopNavigation = 1 << 5,
SandboxPopups = 1 << 6, SandboxAutomaticFeatures = 1 << 7,
SandboxPointerLock = 1 << 8,
SandboxPropagatesToAuxiliaryBrowsingContexts = 1 << 9,
SandboxAll = -1 };
typedef int SandboxFlags;
class SecurityContext {
public:
SandboxFlags sandboxFlags() const { return m_sandboxFlags; }
ContentSecurityPolicy* contentSecurityPolicy() { return m_contentSecurityPolicy.get(); }
bool isSecureTransitionTo(const URL&) const;
void enforceSandboxFlags(SandboxFlags mask);
bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; }
SecurityOriginPolicy* securityOriginPolicy() const { return m_securityOriginPolicy.get(); }
void setSecurityOriginPolicy(RefPtr<SecurityOriginPolicy>&&);
WEBCORE_EXPORT SecurityOrigin* securityOrigin() const;
static SandboxFlags parseSandboxPolicy(const String& policy, String& invalidTokensErrorMessage);
static bool isSupportedSandboxPolicy(StringView);
bool foundMixedContent() const { return m_foundMixedContent; }
void setFoundMixedContent() { m_foundMixedContent = true; }
bool geolocationAccessed() const { return m_geolocationAccessed; }
void setGeolocationAccessed() { m_geolocationAccessed = true; }
bool isStrictMixedContentMode() const { return m_isStrictMixedContentMode; }
void setStrictMixedContentMode(bool strictMixedContentMode) { m_isStrictMixedContentMode = strictMixedContentMode; }
virtual bool isSecureContext() const = 0;
protected:
SecurityContext();
virtual ~SecurityContext();
void setContentSecurityPolicy(std::unique_ptr<ContentSecurityPolicy>);
void disableSandboxFlags(SandboxFlags mask) { m_sandboxFlags &= ~mask; }
void didFailToInitializeSecurityOrigin() { m_haveInitializedSecurityOrigin = false; }
bool haveInitializedSecurityOrigin() const { return m_haveInitializedSecurityOrigin; }
private:
RefPtr<SecurityOriginPolicy> m_securityOriginPolicy;
std::unique_ptr<ContentSecurityPolicy> m_contentSecurityPolicy;
SandboxFlags m_sandboxFlags { SandboxNone };
bool m_haveInitializedSecurityOrigin { false };
bool m_foundMixedContent { false };
bool m_geolocationAccessed { false };
bool m_isStrictMixedContentMode { false };
};
}