chromium/services/network/orb/orb_mimetypes.cc

// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "services/network/orb/orb_mimetypes.h"

#include <stddef.h>

#include <set>
#include <string>
#include <unordered_set>
#include <vector>

#include "base/check_op.h"
#include "base/command_line.h"
#include "base/containers/contains.h"
#include "base/containers/fixed_flat_set.h"
#include "base/feature_list.h"
#include "base/lazy_instance.h"
#include "base/metrics/histogram_macros.h"
#include "base/notreached.h"
#include "base/ranges/algorithm.h"
#include "base/strings/string_util.h"
#include "net/base/mime_sniffer.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
#include "net/http/http_response_headers.h"
#include "services/network/public/cpp/cross_origin_embedder_policy.h"
#include "services/network/public/cpp/features.h"
#include "services/network/public/cpp/initiator_lock_compatibility.h"
#include "services/network/public/mojom/network_context.mojom.h"
#include "services/network/public/mojom/network_service.mojom.h"
#include "services/network/public/mojom/url_response_head.mojom.h"

namespace network::orb {

namespace {

// MIME type string constants.
// NOTE(review): the string initializers are elided in this listing, so the
// exact literal values cannot be confirmed from here.
const char kTextHtml[] =;
const char kTextXml[] =;
const char kAppXml[] =;
const char kAppJson[] =;
const char kImageSvg[] =;
const char kDashVideo[] =;  // https://crbug.com/947498
const char kTextJson[] =;
const char kTextPlain[] =;

// JavaScript MIME type suffixes for use in CORB protection logging. See also
// https://mimesniff.spec.whatwg.org/#javascript-mime-type.
const char* kJavaScriptSuffixes[] =;

// TODO(lukasza): Remove kJsonProtobuf once this MIME type is not used in
// practice.  See also https://crbug.com/826756#c3
const char kJsonProtobuf[] =;

// MIME type suffixes (presumably matched against the end of a MIME type so
// that JSON- and XML-based subtypes are recognized - confirm against the
// elided initializers and their call sites).
const char kJsonSuffix[] =;
const char kXmlSuffix[] =;

// The function below returns the set of MIME types that may be blocked by CORB
// without any confirmation sniffing (in contrast to HTML/JSON/XML, which
// require confirmation sniffing because images, scripts, etc. are frequently
// mislabelled by HTTP servers as HTML/JSON/XML).
//
// CORB cannot block images, scripts, stylesheets and other resources that
// web standards allow to be fetched in `no-cors` mode.  CORB cannot block
// these resources even if they are not explicitly labeled with their type - in
// practice http servers may serve images as application/octet-stream or even as
// text/html.  OTOH, CORB *can* block all Content-Types that are very unlikely
// to represent images, scripts, stylesheets, etc. - such Content-Types are
// returned by GetNeverSniffedMimeTypes.
//
// Some of the Content-Types returned below might seem like a layering violation
// (e.g. why would //services/network care about application/zip or
// application/pdf or application/msword), but note that the decision to list a
// Content-Type below is not driven by whether the type is handled above or
// below //services/network layer.  Instead the decision to list a Content-Type
// below is driven by whether the Content-Type is unlikely to be attached to an
// image, script, stylesheet or other subresource type that web standards
// require to be fetched in `no-cors` mode.  In particular, CORB would still
// want to prevent cross-site disclosure of "application/msword" even if Chrome
// did not support this type (AFAIK today this support is only present on
// ChromeOS) in one of Chrome's many layers.  Similarly, CORB wants to prevent
// disclosure of "application/zip" even though Chrome doesn't have built-in
// support for this resource type.  And CORB also wants to protect
// "application/pdf" even though Chrome happens to support this resource type.
// NOTE(review): the body is elided in this listing.  The function returns a
// const reference, so the set it refers to must outlive every call -
// presumably a function-local static; confirm against the full source.
const auto& GetNeverSniffedMimeTypes() {}

}  // namespace

// Presumably reports whether `mime_type` names a JavaScript MIME type (see
// https://mimesniff.spec.whatwg.org/#javascript-mime-type); the body is elided
// in this listing.
// NOTE(review): MIME type names are case-insensitive - confirm the comparison
// is ASCII case-insensitive so that a differently-cased Content-Type is
// classified the same way.
bool IsJavascriptMimeType(std::string_view mime_type) {}

// Maps the `mime_type` string to a `MimeType` value (the `MimeType` type is
// declared outside this listing, and the body is elided here).
// NOTE(review): presumably this classification decides which responses get
// CORB/ORB protection - confirm that matching is ASCII case-insensitive and
// check how an empty or unrecognized `mime_type` is classified, since a
// misclassified Content-Type could leave a response unprotected.
MimeType GetCanonicalMimeType(std::string_view mime_type) {}

}  // namespace network::orb