Documentation ¶
Index ¶
Constants ¶
// Names of the Content-Security-Policy directives this package declares,
// spelled as they appear in a policy string.
//
// NOTE(review): this list is not the full set of directives defined by the CSP
// specifications; sandbox, report-to, script-src-elem, script-src-attr,
// style-src-elem and style-src-attr, for example, are absent. How the parser
// treats a directive that is not listed here is not visible on this page.
// Confirm that before using the package to audit policies that rely on them.
//
// NOTE(review): in the CSP specification base-uri, form-action and
// frame-ancestors do not fall back to default-src. Whether Check implements
// that distinction cannot be told from these declarations; verify.
const (
	DirectiveBaseUri        string = "base-uri"
	DirectiveChildSrc       string = "child-src"
	DirectiveConnectSrc     string = "connect-src"
	DirectiveDefaultSrc     string = "default-src"
	DirectiveFontSrc        string = "font-src"
	DirectiveFormAction     string = "form-action"
	DirectiveFrameAncestors string = "frame-ancestors"
	DirectiveFrameSrc       string = "frame-src"
	DirectiveImgSrc         string = "img-src"
	DirectiveManifestSrc    string = "manifest-src"
	DirectiveMediaSrc       string = "media-src"
	DirectiveObjectSrc      string = "object-src"
	DirectiveScriptSrc      string = "script-src"
	DirectiveStyleSrc       string = "style-src"
	DirectiveWorkerSrc      string = "worker-src"
	// report-uri is deprecated in CSP Level 3 in favour of report-to, which
	// has no constant in this block.
	DirectiveReportUri string = "report-uri"
	// upgrade-insecure-requests takes no value in a policy.
	DirectiveUpgradeInsecureRequests string = "upgrade-insecure-requests"
	// block-all-mixed-content takes no value and is deprecated in current
	// browsers.
	DirectiveBlockAllMixedContent string = "block-all-mixed-content"
)
Variables ¶
// AllDirectives lists the directive-name constants declared by this package.
//
// It is an exported, mutable package-level slice: any importer can append to
// it or overwrite its elements, so code that uses it as an allow-list of
// known directives should copy it first or otherwise treat it as read-only.
var AllDirectives []string = []string{DirectiveBaseUri, DirectiveChildSrc,
	DirectiveConnectSrc, DirectiveDefaultSrc, DirectiveFontSrc,
	DirectiveFormAction, DirectiveFrameAncestors, DirectiveFrameSrc,
	DirectiveImgSrc, DirectiveManifestSrc, DirectiveMediaSrc,
	DirectiveObjectSrc, DirectiveScriptSrc, DirectiveStyleSrc,
	DirectiveWorkerSrc, DirectiveReportUri,
	DirectiveUpgradeInsecureRequests, DirectiveBlockAllMixedContent}
Functions ¶
This section is empty.
Types ¶
type AllowDirective ¶
// AllowDirective always allows access to the context.
//
// It carries no state. A Policy entry backed by it therefore places no
// restriction on the sources checked against that directive.
// NOTE(review): where the parser installs AllowDirective (for example for
// directives it does not enforce) is not visible here; confirm before
// reading an "allowed" result as evidence that the policy is strict.
type AllowDirective struct{}
AllowDirective is a Directive that always allows access to the context; a policy entry backed by it enforces no restriction.
func (AllowDirective) Check ¶
func (AllowDirective) Check(Policy, SourceContext) (bool, error)
Check implements Directive.
func (AllowDirective) Get ¶
func (AllowDirective) Get() string
type Directive ¶
// Directive is a rule for a CSP directive.
type Directive interface {
	// Check the context and return whether it's allowed.
	//
	// NOTE(review): the contract for a non-nil error is not documented on
	// this page; callers enforcing a policy should fail closed and treat an
	// error as "not allowed" instead of trusting the returned bool.
	Check(Policy, SourceContext) (bool, error)
	// Get returns a string for the directive.
	// NOTE(review): undocumented here; presumably the directive's textual
	// form. Confirm against the implementations.
	Get() string
}
Directive is a rule for a CSP directive.
type HashSource ¶
HashSource is a SourceDirective rule that matches the hash of content.
func (HashSource) Check ¶
func (s HashSource) Check(ctx SourceContext) (bool, error)
Check reports whether the ctx hash matches this hash.
type Policy ¶
// Policy represents the entire CSP policy and its directives.
type Policy struct {
	// Directives maps to the rule for each directive.
	// NOTE(review): presumably keyed by the directive name constants
	// ("script-src", ...); confirm. A missing key and default-src fallback
	// are handled, if at all, outside this declaration.
	Directives map[string]Directive
	// ReportUri is a string value associated with the policy.
	// NOTE(review): presumably the report-uri directive's value; confirm.
	ReportUri string
	// UpgradeInsecureRequests and BlockAllMixedContent are boolean flags.
	// NOTE(review): presumably set when the corresponding valueless
	// directive is present in the parsed policy; confirm.
	UpgradeInsecureRequests bool
	BlockAllMixedContent    bool
}
Policy represents the entire CSP policy and its directives.
func ParsePolicy ¶
ParsePolicy parses all the directives in a CSP policy.
type Report ¶
// Report contains information about a CSP violation.
//
// Context is a full SourceContext, which has Nonce and Body fields, so a
// Report may hold a page's nonce and raw content. Take that into account
// before logging or forwarding a Report verbatim.
type Report struct {
	// NOTE(review): Document and Blocked presumably correspond to the
	// document URI and the blocked URI of a CSP violation report; confirm.
	Document string
	Blocked  string
	// DirectiveName and Directive identify the directive involved.
	// NOTE(review): presumably the name and the rule that rejected the
	// context; confirm.
	DirectiveName string
	Directive     Directive
	// Context is the SourceContext associated with the violation.
	Context SourceContext
}
Report contains information about a CSP violation.
func ValidatePage ¶
ValidatePage checks that an HTML page passes the specified CSP policy.
type SourceContext ¶
// SourceContext is the context required by a CSP policy.
type SourceContext struct {
	// NOTE(review): URL is presumably the resource being checked and Page
	// the document that references it (the origin for 'self'); confirm.
	URL  url.URL
	Page url.URL
	// NOTE(review): UnsafeInline and UnsafeEval presumably mark the context
	// as one that needs 'unsafe-inline' / 'unsafe-eval' to be allowed (an
	// inline script or style, an eval-like call); confirm.
	UnsafeInline bool
	UnsafeEval   bool
	// Nonce is a string carried with the context.
	// NOTE(review): presumably the element's nonce attribute, compared with
	// SourceDirective.Nonces; confirm.
	Nonce string
	// Body is raw bytes carried with the context.
	// NOTE(review): presumably the inline content that HashSource hashes;
	// confirm.
	Body []byte
}
SourceContext is the context required by a CSP policy.
type SourceDirective ¶
// SourceDirective is used to enforce a CSP source policy on a URL.
//
// NOTE(review): the exported fields appear to mirror CSP source expressions
// ('none', nonces, hashes, 'unsafe-eval', 'unsafe-inline', 'self',
// scheme-sources, host-sources); confirm against ParseSource.
//
// NOTE(review): two points of CSP semantics to verify in Check, neither of
// which is visible on this page: (1) browsers ignore 'unsafe-inline' when the
// same directive also carries a nonce or hash source; (2) a CSP host-source
// permits "*" only as the leftmost host label, and general glob matching on
// Hosts could accept more than a browser would. Either difference would make
// this checker more permissive than a real user agent.
type SourceDirective struct {
	None         bool
	Nonces       map[string]bool
	Hashes       []HashSource
	UnsafeEval   bool
	UnsafeInline bool
	Self         bool
	Schemes      map[string]bool
	Hosts        []glob.Glob
	// contains filtered or unexported fields
}
SourceDirective is used to enforce a CSP source policy on a URL.
func ParseSourceDirective ¶
func ParseSourceDirective(sources []string) (SourceDirective, error)
ParseSourceDirective parses the arguments of a source directive.
func (SourceDirective) Check ¶
func (s SourceDirective) Check(p Policy, ctx SourceContext) (bool, error)
Check that the SourceContext is allowed for this SourceDirective.
func (SourceDirective) Get ¶
func (s SourceDirective) Get() string
func (*SourceDirective) ParseSource ¶
func (s *SourceDirective) ParseSource(source string) error
ParseSource parses a source and adds it to the SourceDirective.
func (*SourceDirective) Validate ¶
func (s *SourceDirective) Validate() error
Validate checks the source policy to make sure it's valid.