[−][src]Crate content_security_policy
Parse and validate Web Content-Security-Policy level 3
Example
extern crate content_security_policy; use content_security_policy::*; fn main() { let csp_list = CspList::parse("script-src *.notriddle.com", PolicySource::Header, PolicyDisposition::Enforce); let (check_result, _) = csp_list.should_request_be_blocked(&Request { url: Url::parse("https://www.notriddle.com/script.js").unwrap(), origin: Origin::Tuple("https".to_string(), url::Host::Domain("notriddle.com".to_owned()), 443), redirect_count: 0, destination: Destination::Script, initiator: Initiator::None, nonce: String::new(), integrity_metadata: String::new(), parser_metadata: ParserMetadata::None, }); assert_eq!(check_result, CheckResult::Allowed); let (check_result, _) = csp_list.should_request_be_blocked(&Request { url: Url::parse("https://www.evil.example/script.js").unwrap(), origin: Origin::Tuple("https".to_string(), url::Host::Domain("notriddle.com".to_owned()), 443), redirect_count: 0, destination: Destination::Script, initiator: Initiator::None, nonce: String::new(), integrity_metadata: String::new(), parser_metadata: ParserMetadata::None, }); assert_eq!(check_result, CheckResult::Blocked); }
Re-exports
pub extern crate url; |
pub use url::percent_encoding; |
Modules
sandboxing_directive | |
text_util |
Structs
CspList | |
Directive | |
Element | |
HashFunction | |
Policy | A single parsed content security policy |
Request | request to be validated |
Response | response to be validated |
Url | A parsed URL record. |
Violation | violation information |
Enums
CheckResult | |
Destination | |
HashAlgorithm | |
Initiator | |
InlineCheckType | |
MatchResult | |
Origin | The origin of an URL |
ParserMetadata | |
PolicyDisposition | |
PolicySource | |
SubresourceIntegrityMetadata | |
Violates | |
ViolationResource |
Functions
parse_subresource_integrity_metadata |