[−][src]Crate content_security_policy
Parse and validate Web Content-Security-Policy level 3
Example
extern crate content_security_policy; use content_security_policy::*; fn main() { let csp_list = CspList::parse("script-src *.notriddle.com", PolicySource::Header, PolicyDisposition::Enforce); let (check_result, _) = csp_list.should_request_be_blocked(&Request { url: Url::parse("https://www.notriddle.com/script.js").unwrap(), origin: Origin::Tuple("https".to_string(), url::Host::Domain("notriddle.com".to_owned()), 443), redirect_count: 0, destination: Destination::Script, initiator: Initiator::None, nonce: String::new(), integrity_metadata: String::new(), parser_metadata: ParserMetadata::None, }); assert_eq!(check_result, CheckResult::Allowed); let (check_result, _) = csp_list.should_request_be_blocked(&Request { url: Url::parse("https://www.evil.example/script.js").unwrap(), origin: Origin::Tuple("https".to_string(), url::Host::Domain("notriddle.com".to_owned()), 443), redirect_count: 0, destination: Destination::Script, initiator: Initiator::None, nonce: String::new(), integrity_metadata: String::new(), parser_metadata: ParserMetadata::None, }); assert_eq!(check_result, CheckResult::Blocked); }
Re-exports
pub extern crate url; |
pub use url::percent_encoding; |
Modules
| sandboxing_directive | |
| text_util |
Structs
| CspList | |
| Directive | |
| Element | |
| HashFunction | |
| Policy | A single parsed content security policy |
| Request | request to be validated |
| Response | response to be validated |
| Url | A parsed URL record. |
| Violation | violation information |
Enums
| CheckResult | |
| Destination | |
| HashAlgorithm | |
| Initiator | |
| InlineCheckType | |
| MatchResult | |
| Origin | The origin of an URL |
| ParserMetadata | |
| PolicyDisposition | |
| PolicySource | |
| SubresourceIntegrityMetadata | |
| Violates | |
| ViolationResource |
Functions
| parse_subresource_integrity_metadata |