| // Copyright 2020 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| module network.mojom; |
| |
| import "mojo/public/mojom/base/time.mojom"; |
| import "services/network/public/mojom/content_security_policy.mojom"; |
| import "services/network/public/mojom/cross_origin_embedder_policy.mojom"; |
| import "services/network/public/mojom/cross_origin_opener_policy.mojom"; |
| import "services/network/public/mojom/link_header.mojom"; |
| import "services/network/public/mojom/timing_allow_origin.mojom"; |
| import "services/network/public/mojom/variants_header.mojom"; |
| import "services/network/public/mojom/web_client_hints_types.mojom"; |
| import "services/network/public/mojom/x_frame_options.mojom"; |
| |
| enum OriginAgentClusterValue { |
| kAbsent, // No Origin-Agent-Cluster header specified. |
| kTrue, // Origin-Agent-Cluster: ?1. |
| kFalse // Origin-Agent-Cluster: ?0. |
| }; |
| |
| // Holds the parsed representation of several security related HTTP headers. |
| // This struct should only be populated by network::PopulateParsedHeaders(). |
| // ParsedHeaders are used only for navigational requests and for worker and |
| // serviceworker main requests. They are ignored for subresources. |
| struct ParsedHeaders { |
| // The parsed Content-Security-Policy from the response headers. |
| array<ContentSecurityPolicy> content_security_policy; |
| |
| // The parsed value of the Allow-CSP-From response header. |
| AllowCSPFromHeaderValue? allow_csp_from; |
| |
| // The parsed representation of Cross-Origin-Embedder-Policy and |
| // Cross-Origin-Embedder-Policy-Report-Only headers. |
| CrossOriginEmbedderPolicy cross_origin_embedder_policy; |
| |
| // The parsed value of the Cross-Origin-Opener-Policy (COOP) and |
| // Cross-Origin-opener-Policy-Report-Only headers. |
| CrossOriginOpenerPolicy cross_origin_opener_policy; |
| |
| // The parsed value of the Origin-Agent-Cluster header. |
| OriginAgentClusterValue origin_agent_cluster; |
| |
| // The parsed Accept-CH from response headers. |
| // |
| // If this is missing, there is no valid accept-ch header, so client hints |
| // handling should not change. |
| // |
| // If this is present and an empty array, this means that client hints should |
| // be disabled (if updating client hint preference is valid in this context). |
| array<WebClientHintsType>? accept_ch; |
| |
| // The parsed Critical-CH response header. |
| // |
| // Should be parsed in the same way (i.e. same tokens and grammar) as the |
| // Accept-CH header. |
| // |
| // Indicates that if these headers are missing from the Client Hint |
| // preference storage but not otherwise blocked from being sent, the |
| // appropriate preferences should be stored and the request should be |
| // restarted (with the new client hint preferences taken into account). |
| // |
| // All hints present in the Critical-CH header SHOULD also be present in the |
| // Accept-CH header. |
| // |
| // An empty list means the headers value was empty (i.e. 'Critical-CH:'). A |
| // null value means the header was not present in the response. These are |
| // both functionally a no-op. |
| // |
| // For more information, see: |
| // https://tools.ietf.org/html/draft-davidben-http-client-hint-reliability#section-3 |
| array<WebClientHintsType>? critical_ch; |
| |
| // The parsed value of the X-Frame-Options header. |
| XFrameOptionsValue xfo = XFrameOptionsValue.kNone; |
| |
| // The parsed Link headers. |
| array<LinkHeader> link_headers; |
| |
| TimingAllowOrigin? timing_allow_origin; |
| |
| // TODO(crbug/1356449): Refactor this to handle Supports-Loading-Mode header |
| // more generally. |
| // Whether the parsed Supports-Loading-Mode header contains the |
| // "credential-prerender" value. |
| bool is_credentialed_prerender = false; |
| |
| // Parsed mapping of endpoint names to URLs from the Reporting-Endpoints |
| // header. Will be null if that header was not present in the response. |
| // URLs are represented here as strings, and have not been validated. |
| map<string,string>? reporting_endpoints; |
| |
| // The parsed Variants response header. |
| // |
| // Indicates that representations are available for a given resource at the |
| // time that the response is produced, by enumerating the request header |
| // fields that it varies on, along with a representation of the values that |
| // are available for each. |
| // |
| // If Structured Header parsing fails or a member's value does have the |
| // structure outlined as defined, the client MUST treat the representation as |
| // having no Variants header field. |
| // |
| // Variants header only contains Accept-Language values. Please update the |
| // description if it extends to support other header values. Also, it only be |
| // populated when kReduceAcceptLanguage feature enabled. |
| // |
| // For more information, see: |
| // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-variants-06#section-2. |
| array<VariantsHeader>? variants_headers; |
| |
| // The parsed value of the Content-Language header. |
| array<string>? content_language; |
| }; |