void SecurityContext::applySandboxFlags(SandboxFlags mask) { m_sandboxFlags |= mask; if (isSandboxed(SandboxOrigin) && getSecurityOrigin() && !getSecurityOrigin()->isUnique()) { setSecurityOrigin(SecurityOrigin::createUnique()); didUpdateSecurityOrigin(); } }
void SecurityContext::enforceSandboxFlags(SandboxFlags mask) { m_sandboxFlags |= mask; // The SandboxOrigin is stored redundantly in the security origin. if (isSandboxed(SandboxOrigin) && securityOrigin() && !securityOrigin()->isUnique()) { setSecurityOrigin(SecurityOrigin::createUnique()); didUpdateSecurityOrigin(); } }
// Enforces the given suborigin as part of the security origin for this // security context. |name| must not be empty, although it may be null. A null // name represents a lack of a suborigin. // See: https://w3c.github.io/webappsec-suborigins/index.html void SecurityContext::enforceSuborigin(const Suborigin& suborigin) { if (!RuntimeEnabledFeatures::suboriginsEnabled()) return; DCHECK(!suborigin.name().isEmpty()); DCHECK(RuntimeEnabledFeatures::suboriginsEnabled()); DCHECK(m_securityOrigin.get()); DCHECK(!m_securityOrigin->hasSuborigin() || m_securityOrigin->suborigin()->name() == suborigin.name()); m_securityOrigin->addSuborigin(suborigin); didUpdateSecurityOrigin(); }