| // Copyright 2019 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| module network.mojom; |
| |
| import "url/mojom/url.mojom"; |
| import "mojo/public/mojom/base/unguessable_token.mojom"; |
| import "services/network/public/mojom/source_location.mojom"; |
| |
| enum CoopAccessReportType { |
| kAccessFromCoopPageToOpener, |
| kAccessFromCoopPageToOpenee, |
| kAccessFromCoopPageToOther, |
| kAccessToCoopPageFromOpener, |
| kAccessToCoopPageFromOpenee, |
| kAccessToCoopPageFromOther, |
| }; |
| |
| // Reports potential COOP violations. Implemented in the browser process. |
| interface CrossOriginOpenerPolicyReporter { |
| // Sends a report when two browsing contexts from different virtual browsing |
| // context groups tries to access each other. |
| // - |property| is the name of the access property (postMessage, open, ...). |
| // - |source_location| represents the line of code that triggered the access. |
| // - |reported_window_url| the sanitized URL of the second window. Empty when |
| // cross-origin with the reporting window. |
| QueueAccessReport(CoopAccessReportType report_type, string property, |
| SourceLocation source_location, |
| string reported_window_url); |
| }; |
| |
| // Used to configure AccessMonitors in the renderer process that will report |
| // accesses to a CrossOriginOpenerPolicyReporter. |
| struct CrossOriginOpenerPolicyReporterParams { |
| // The type of report generated by the reporter. |
| network.mojom.CoopAccessReportType report_type; |
| |
| // The interface used to queue reports. |
| pending_remote<network.mojom.CrossOriginOpenerPolicyReporter> reporter; |
| |
| // Whether the COOP header has at least defines one endpoint defined. When |
| // there are none, no ReportingObserver event will be emitted since the |
| // developer of the document is likely not interested in receiving them. |
| bool endpoint_defined; |
| |
| // The reported window's sanitized URL. This corresponds to openerURL, |
| // openeeURL or otherDocumentURL depending on the |report_type|. |
| string reported_window_url; |
| }; |
| |
| // Cross-Origin-Opener-Policy enum representing parsed values. |
| enum CrossOriginOpenerPolicyValue { |
| // No restriction is applied, the relationship is kept with openers and |
| // opened documents. |
| kUnsafeNone, |
| |
| // Severs the opener relationship with openers that are not same-origin while |
| // keeping the relationship with opened documents, provided they don't have a |
| // Cross-Origin-Opener-Policy themselves. |
| kSameOriginAllowPopups, |
| |
| // Severs the opener relationship with openers/opened documents that are not |
| // same-origin. |
| kSameOrigin, |
| |
| // COOP: same-origin with a COEP value compatible with crossOriginIsolation. |
| kSameOriginPlusCoep, |
| |
| // Restrict which window properties other pages can interact with and vice |
| // versa. Access of "closed" and "postMessage" remains possible across |
| // openers. |
| kRestrictProperties, |
| |
| // COOP: restrict-properties with a COEP value compatible with |
| // crossOriginIsolation. |
| kRestrictPropertiesPlusCoep, |
| }; |
| |
| // Cross-Origin-Opener-Policy enum representing parsed values. |
| // Following spec draft: |
| // https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e |
| struct CrossOriginOpenerPolicy { |
| // The value of the policy. |
| CrossOriginOpenerPolicyValue value = |
| CrossOriginOpenerPolicyValue.kUnsafeNone; |
| // The reporting endpoint for the policy. |
| string? reporting_endpoint; |
| // The value for the "report only" mode. |
| CrossOriginOpenerPolicyValue report_only_value = |
| CrossOriginOpenerPolicyValue.kUnsafeNone; |
| // The reporting endpoint for the "report only" mode. |
| string? report_only_reporting_endpoint; |
| // The value of the policy when the default value of COOP is |
| // same-origin-allow-popups. |
| CrossOriginOpenerPolicyValue soap_by_default_value = |
| CrossOriginOpenerPolicyValue.kUnsafeNone; |
| }; |