script/dom/html/
htmlheadelement.rs

1/* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
4
5use content_security_policy::{CspList, PolicyDisposition, PolicySource};
6use dom_struct::dom_struct;
7use html5ever::{LocalName, Prefix, local_name, ns};
8use js::rust::HandleObject;
9
10use crate::dom::bindings::codegen::Bindings::DocumentBinding::DocumentMethods;
11use crate::dom::bindings::inheritance::Castable;
12use crate::dom::bindings::root::DomRoot;
13use crate::dom::document::Document;
14use crate::dom::element::Element;
15use crate::dom::html::htmlelement::HTMLElement;
16use crate::dom::html::htmlmetaelement::HTMLMetaElement;
17use crate::dom::node::{BindContext, Node, NodeTraits, ShadowIncluding};
18use crate::dom::userscripts::load_script;
19use crate::dom::virtualmethods::VirtualMethods;
20use crate::script_runtime::CanGc;
21
22#[dom_struct]
23pub(crate) struct HTMLHeadElement {
24    htmlelement: HTMLElement,
25}
26
27impl HTMLHeadElement {
28    fn new_inherited(
29        local_name: LocalName,
30        prefix: Option<Prefix>,
31        document: &Document,
32    ) -> HTMLHeadElement {
33        HTMLHeadElement {
34            htmlelement: HTMLElement::new_inherited(local_name, prefix, document),
35        }
36    }
37
38    pub(crate) fn new(
39        local_name: LocalName,
40        prefix: Option<Prefix>,
41        document: &Document,
42        proto: Option<HandleObject>,
43        can_gc: CanGc,
44    ) -> DomRoot<HTMLHeadElement> {
45        let n = Node::reflect_node_with_proto(
46            Box::new(HTMLHeadElement::new_inherited(local_name, prefix, document)),
47            document,
48            proto,
49            can_gc,
50        );
51
52        n.upcast::<Node>().set_weird_parser_insertion_mode();
53        n
54    }
55
56    /// <https://html.spec.whatwg.org/multipage/#attr-meta-http-equiv-content-security-policy>
57    pub(crate) fn set_content_security_policy(&self) {
58        let doc = self.owner_document();
59
60        if doc.GetHead().as_deref() != Some(self) {
61            return;
62        }
63
64        let mut csp_list: Option<CspList> = None;
65        let node = self.upcast::<Node>();
66        let candidates = node
67            .traverse_preorder(ShadowIncluding::No)
68            .filter_map(DomRoot::downcast::<Element>)
69            .filter(|elem| elem.is::<HTMLMetaElement>())
70            .filter(|elem| {
71                elem.get_string_attribute(&local_name!("http-equiv"))
72                    .to_ascii_lowercase() ==
73                    *"content-security-policy"
74            })
75            .filter(|elem| {
76                elem.get_attribute(&ns!(), &local_name!("content"))
77                    .is_some()
78            });
79
80        for meta in candidates {
81            if let Some(ref content) = meta.get_attribute(&ns!(), &local_name!("content")) {
82                let content = content.value();
83                let content_val = content.trim();
84                if !content_val.is_empty() {
85                    let policies =
86                        CspList::parse(content_val, PolicySource::Meta, PolicyDisposition::Enforce);
87                    match csp_list {
88                        Some(ref mut csp_list) => csp_list.append(policies),
89                        None => csp_list = Some(policies),
90                    }
91                }
92            }
93        }
94
95        doc.set_csp_list(csp_list);
96    }
97}
98
99impl VirtualMethods for HTMLHeadElement {
100    fn super_type(&self) -> Option<&dyn VirtualMethods> {
101        Some(self.upcast::<HTMLElement>() as &dyn VirtualMethods)
102    }
103    fn bind_to_tree(&self, context: &BindContext, can_gc: CanGc) {
104        if let Some(s) = self.super_type() {
105            s.bind_to_tree(context, can_gc);
106        }
107        load_script(self);
108    }
109}