servo-script 0.3.0

A component of the servo web-engine.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at https://mozilla.org/MPL/2.0/. */

use content_security_policy::{CspList, PolicyDisposition};
use http::header::HeaderMap;
use hyper_serde::Serde;
use net_traits::fetch::headers::get_decode_and_split_header_name;
use rustc_hash::FxHashSet;
use servo_url::MutableOrigin;

use crate::dom::node::NodeTraits;
use crate::dom::window::Window;

/// <https://html.spec.whatwg.org/multipage/#check-a-navigation-response%027s-adherence-to-x-frame-options>
pub(crate) fn check_a_navigation_response_adherence_to_x_frame_options(
    window: &Window,
    csp_list: Option<&CspList>,
    destination_origin: &MutableOrigin,
    headers: Option<&Serde<HeaderMap>>,
) -> bool {
    // Step 1. If navigable is not a child navigable, then return true.
    if window.window_proxy().parent().is_none() {
        return true;
    }
    // Step 2. For each policy of cspList:
    if let Some(csp_list) = csp_list {
        for policy in csp_list.0.iter() {
            // Step 2.1. If policy's disposition is not "enforce", then continue.
            if policy.disposition != PolicyDisposition::Enforce {
                continue;
            }
            // Step 2.2. If policy's directive set contains a frame-ancestors directive, then return true.
            if policy.contains_a_directive_whose_name_is("frame-ancestors") {
                return true;
            }
        }
    }
    // Step 3. Let rawXFrameOptions be the result of getting, decoding,
    // and splitting `X-Frame-Options` from response's header list.
    let Some(headers) = headers else {
        return true;
    };
    let Some(raw_xframe_options) = get_decode_and_split_header_name("X-Frame-Options", headers)
    else {
        return true;
    };
    // Step 4. Let xFrameOptions be a new set.
    // Step 5. For each value of rawXFrameOptions, append value, converted to ASCII lowercase, to xFrameOptions.
    let x_frame_options =
        FxHashSet::from_iter(raw_xframe_options.iter().map(|value| value.to_lowercase()));
    // Step 6. If xFrameOptions's size is greater than 1,
    // and xFrameOptions contains any of "deny", "allowall", or "sameorigin", then return false.
    if x_frame_options.len() > 1 &&
        x_frame_options
            .iter()
            .any(|value| value == "deny" || value == "allowall" || value == "sameorigin")
    {
        return false;
    }
    // Step 7. If xFrameOptions's size is greater than 1, then return true.
    if x_frame_options.len() > 1 {
        return true;
    }
    let Some(first_item) = x_frame_options.iter().next() else {
        return true;
    };
    // Step 8. If xFrameOptions[0] is "deny", then return false.
    if first_item == "deny" {
        return false;
    }
    // Step 9. If xFrameOptions[0] is "sameorigin", then:
    if first_item == "sameorigin" {
        let mut window_proxy = window.window_proxy();
        // Step 9.2. While containerDocument is not null:
        while let Some(container_element) = window_proxy.frame_element() {
            // Step 9.1. Let containerDocument be navigable's container document.
            let container_document = container_element.owner_document();
            // Step 9.2.1. If containerDocument's origin is not same origin with destinationOrigin, then return false.
            if !container_document.origin().same_origin(destination_origin) {
                return false;
            }
            // Step 9.2.2. Set containerDocument to containerDocument's container document.
            window_proxy = container_document.window().window_proxy()
        }
        // If the `frame_element` is None, it could be two options:
        // 1. There is no parent, in which case we are top-level. We can stop the loop
        // 2. There is a parent, but it isn't same origin. Therefore, we need to double
        //    check here that we actually cover this case.
        if window_proxy.parent().is_some() {
            return false;
        }
    }
    // Step 10. Return true.
    true
}