自学教程：C++ CSPUTILSLOG函数代码示例

boolnsCSPKeywordSrc::allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce) const{  CSPUTILSLOG(("nsCSPKeywordSrc::allows, aKeyWord: %s, a HashOrNonce: %s",              CSP_EnumToKeyword(aKeyword), NS_ConvertUTF16toUTF8(aHashOrNonce).get()));  return mKeyword == aKeyword;}

// ::permits is only called for external load requests, therefore:// nsCSPKeywordSrc and nsCSPHashSource fall back to this base class// implementation which will never allow the load.boolnsCSPBaseSrc::permits(nsIURI* aUri, const nsAString& aNonce, bool aWasRedirected) const{  if (CSPUTILSLOGENABLED()) {    nsAutoCString spec;    aUri->GetSpec(spec);    CSPUTILSLOG(("nsCSPBaseSrc::permits, aUri: %s", spec.get()));  }  return false;}

boolnsCSPSchemeSrc::permits(nsIURI* aUri, const nsAString& aNonce, bool aWasRedirected,                        bool aReportOnly, bool aUpgradeInsecure) const{  if (CSPUTILSLOGENABLED()) {    nsAutoCString spec;    aUri->GetSpec(spec);    CSPUTILSLOG(("nsCSPSchemeSrc::permits, aUri: %s", spec.get()));  }  MOZ_ASSERT((!mScheme.EqualsASCII("")), "scheme can not be the empty string");  return permitsScheme(mScheme, aUri, aReportOnly, aUpgradeInsecure);}

boolnsCSPPolicy::permits(CSPDirective aDir,                     nsIURI* aUri,                     const nsAString& aNonce,                     bool aWasRedirected,                     bool aSpecific,                     nsAString& outViolatedDirective) const{#ifdef PR_LOGGING  {    nsAutoCString spec;    aUri->GetSpec(spec);    CSPUTILSLOG(("nsCSPPolicy::permits, aUri: %s, aDir: %d, aSpecific: %s",                 spec.get(), aDir, aSpecific ? "true" : "false"));  }#endif  NS_ASSERTION(aUri, "permits needs an uri to perform the check!");  nsCSPDirective* defaultDir = nullptr;  // Try to find a relevant directive  // These directive arrays are short (1-5 elements), not worth using a hashtable.  for (uint32_t i = 0; i < mDirectives.Length(); i++) {    if (mDirectives[i]->equals(aDir)) {      if (!mDirectives[i]->permits(aUri, aNonce, aWasRedirected)) {        mDirectives[i]->toString(outViolatedDirective);        return false;      }      return true;    }    if (mDirectives[i]->isDefaultDirective()) {      defaultDir = mDirectives[i];    }  }  // If the above loop runs through, we haven't found a matching directive.  // Avoid relooping, just store the result of default-src while looping.  if (!aSpecific && defaultDir) {    if (!defaultDir->permits(aUri, aNonce, aWasRedirected)) {      defaultDir->toString(outViolatedDirective);      return false;    }    return true;  }  // Nothing restricts this, so we're allowing the load  // See bug 764937  return true;}

nsresultCSP_AppendCSPFromHeader(nsIContentSecurityPolicy* aCsp,                        const nsAString& aHeaderValue,                        bool aReportOnly){  NS_ENSURE_ARG(aCsp);  // Need to tokenize the header value since multiple headers could be  // concatenated into one comma-separated list of policies.  // See RFC2616 section 4.2 (last paragraph)  nsresult rv = NS_OK;  nsCharSeparatedTokenizer tokenizer(aHeaderValue, ',');  while (tokenizer.hasMoreTokens()) {    const nsSubstring& policy = tokenizer.nextToken();    rv = aCsp->AppendPolicy(policy, aReportOnly, false);    NS_ENSURE_SUCCESS(rv, rv);    {      CSPUTILSLOG(("CSP refined with policy: /"%s/"",                   NS_ConvertUTF16toUTF8(policy).get()));    }  }  return NS_OK;}

boolnsCSPHostSrc::permits(nsIURI* aUri, const nsAString& aNonce, bool aWasRedirected) const{#ifdef PR_LOGGING  {    nsAutoCString spec;    aUri->GetSpec(spec);    CSPUTILSLOG(("nsCSPHostSrc::permits, aUri: %s", spec.get()));  }#endif  // we are following the enforcement rules from the spec, see:  // http://www.w3.org/TR/CSP11/#match-source-expression  // 4.3) scheme matching: Check if the scheme matches.  nsAutoCString scheme;  nsresult rv = aUri->GetScheme(scheme);  NS_ENSURE_SUCCESS(rv, false);  if (!mScheme.IsEmpty() &&      !mScheme.EqualsASCII(scheme.get())) {    // We should not return false for scheme-less sources where the protected resource    // is http and the load is https, see:    // http://www.w3.org/TR/CSP2/#match-source-expression    bool isHttpsScheme =      (NS_SUCCEEDED(aUri->SchemeIs("https", &isHttpsScheme)) && isHttpsScheme);    if (!(isHttpsScheme && mAllowHttps)) {      return false;    }  }  // The host in nsCSpHostSrc should never be empty. In case we are enforcing  // just a specific scheme, the parser should generate a nsCSPSchemeSource.  NS_ASSERTION((!mHost.IsEmpty()), "host can not be the empty string");  // 2) host matching: Enforce a single *  if (mHost.EqualsASCII("*")) {    return true;  }  // Before we can check if the host matches, we have to  // extract the host part from aUri.  nsAutoCString uriHost;  rv = aUri->GetHost(uriHost);  NS_ENSURE_SUCCESS(rv, false);  // 4.5) host matching: Check if the allowed host starts with a wilcard.  if (mHost.First() == '*') {    NS_ASSERTION(mHost[1] == '.', "Second character needs to be '.' whenever host starts with '*'");    // Eliminate leading "*", but keeping the FULL STOP (.) thereafter before checking    // if the remaining characters match    nsString wildCardHost = mHost;    wildCardHost = Substring(wildCardHost, 1, wildCardHost.Length() - 1);    if (!StringEndsWith(NS_ConvertUTF8toUTF16(uriHost), wildCardHost)) {      return false;    }  }  // 4.6) host matching: Check if hosts match.  else if (!mHost.Equals(NS_ConvertUTF8toUTF16(uriHost))) {    return false;  }  // 4.9) Path matching: If there is a path, we have to enforce  // path-level matching, unless the channel got redirected, see:  // http://www.w3.org/TR/CSP11/#source-list-paths-and-redirects  if (!aWasRedirected && !mPath.IsEmpty()) {    // cloning uri so we can ignore the ref    nsCOMPtr<nsIURI> uri;    aUri->CloneIgnoringRef(getter_AddRefs(uri));    nsAutoCString uriPath;    rv = uri->GetPath(uriPath);    NS_ENSURE_SUCCESS(rv, false);    // check if the last character of mPath is '/'; if so    // we just have to check loading resource is within    // the allowed path.    if (mPath.Last() == '/') {      if (!StringBeginsWith(NS_ConvertUTF8toUTF16(uriPath), mPath)) {        return false;      }    }    // otherwise mPath whitelists a specific file, and we have to    // check if the loading resource matches that whitelisted file.    else {      if (!mPath.Equals(NS_ConvertUTF8toUTF16(uriPath))) {        return false;      }    }  }  // 4.8) Port matching: If port uses wildcard, allow the load.  if (mPort.EqualsASCII("*")) {    return true;  }  // Before we can check if the port matches, we have to  // query the port from aUri.  int32_t uriPort;//.........这里部分代码省略.........

nsCSPPolicy::nsCSPPolicy()  : mReportOnly(false){  CSPUTILSLOG(("nsCSPPolicy::nsCSPPolicy"));}

nsCSPPolicy::nsCSPPolicy()  : mUpgradeInsecDir(nullptr)  , mReportOnly(false){  CSPUTILSLOG(("nsCSPPolicy::nsCSPPolicy"));}