Stowage/ladybird
2
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-10-31 13:20:59 +00:00
Code Issues Projects Releases Packages Wiki Activity
ladybird/Libraries/LibWeb/ContentSecurityPolicy/Directives/FormActionDirective.cpp

38 lines
1.4 KiB
C++
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*
* Copyright (c) 2024, Luke Wilde <luke@ladybird.org>
*
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <LibWeb/ContentSecurityPolicy/Directives/DirectiveOperations.h>
#include <LibWeb/ContentSecurityPolicy/Directives/FormActionDirective.h>
#include <LibWeb/ContentSecurityPolicy/Directives/Names.h>
#include <LibWeb/Fetch/Infrastructure/HTTP/Requests.h>
namespace Web::ContentSecurityPolicy::Directives {
GC_DEFINE_ALLOCATOR(FormActionDirective);
FormActionDirective::FormActionDirective(String name, Vector<String> value)
: Directive(move(name), move(value))
{
}
Directive::Result FormActionDirective::pre_navigation_check(GC::Ref<Fetch::Infrastructure::Request const> request, NavigationType navigation_type, GC::Ref<Policy const> policy) const
{
// 1. Assert: policy is unused in this algorithm.
// FIXME: File spec issue, because this is not the case. The policy is required to resolve 'self'.
// 2. If navigation type is "form-submission":
if (navigation_type == NavigationType::FormSubmission) {
// 1. If the result of executing § 6.7.2.5 Does request match source list? on request, this directives value,
// and a policy, is "Does Not Match", return "Blocked".
if (does_request_match_source_list(request, value(), policy) == MatchResult::DoesNotMatch)
return Result::Blocked;
}
// 3. Return "Allowed".
return Result::Allowed;
}
}
Reference in a new issue View git blame Copy permalink