CSP, PlzNavigate: make clear what happens with unique origins.

content/common/content_security_policy/csp_context.h

 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_
 #define CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_
 
 #include <vector>
 
+#include "base/optional.h"
 #include "content/common/content_export.h"
 #include "content/common/content_security_policy/content_security_policy.h"
 #include "content/common/content_security_policy_header.h"
 #include "content/common/navigation_params.h"
 #include "url/gurl.h"
 #include "url/origin.h"
 
 namespace content {
 
 struct CSPViolationParams;
@@ skipping 32 matching lines @@
                       CheckCSPDisposition check_csp_disposition);
 
   // Returns true if the request URL needs to be modified (e.g. upgraded to
   // HTTPS) according to the CSP. If true, |new_url| will contain the new URL
   // that should be used instead of |url|.
   bool ShouldModifyRequestUrlForCsp(const GURL& url,
                                     bool is_suresource_or_form_submssion,
                                     GURL* new_url);
 
   void SetSelf(const url::Origin origin);
-  bool AllowSelf(const GURL& url);
-  bool ProtocolIsSelf(const GURL& url);
-  const std::string& GetSelfScheme();
+
+  // When a CSPSourceList contains 'self', the url is allowed when it match the
+  // CSPSource returned by this function.
+  // Sometimes there is no 'self' source. It means that the current origin is
+  // unique and no urls will match 'self' whatever they are.
+  // Note: When there is a 'self' source, its scheme is guaranteed to be
+  // non-empty.
+  const base::Optional<CSPSource>& self_source() { return self_source_; }
 
   virtual void ReportContentSecurityPolicyViolation(
       const CSPViolationParams& violation_params);
 
-  bool SelfSchemeShouldBypassCsp();
-
   void ResetContentSecurityPolicies() { policies_.clear(); }
   void AddContentSecurityPolicy(const ContentSecurityPolicy& policy) {
     policies_.push_back(policy);
   }
 
   virtual bool SchemeShouldBypassCSP(const base::StringPiece& scheme);
 
   // For security reasons, some urls must not be disclosed cross-origin in
   // violation reports. This includes the blocked url and the url of the
   // initiator of the navigation. This information is potentially transmitted
   // between different renderer processes.
   // TODO(arthursonzogni): Stop hiding sensitive parts of URLs in console error
   // messages as soon as there is a way to send them to the devtools process
   // without the round trip in the renderer process.
   // See https://crbug.com/721329
   virtual void SanitizeDataForUseInCspViolation(
       bool is_redirect,
       CSPDirective::Name directive,
       GURL* blocked_url,
       SourceLocation* source_location) const;
 
  private:
-  bool has_self_ = false;
-  std::string self_scheme_;
-  CSPSource self_source_;
-
+  base::Optional<CSPSource> self_source_;
   std::vector<ContentSecurityPolicy> policies_;
 
   DISALLOW_COPY_AND_ASSIGN(CSPContext);
 };
 
 // Used in CSPContext::ReportViolation()
 struct CONTENT_EXPORT CSPViolationParams {
   CSPViolationParams();
   CSPViolationParams(const std::string& directive,
                      const std::string& effective_directive,
@@ skipping 33 matching lines @@
 
   // Whether or not the violation happens after a redirect.
   bool after_redirect;
 
   // The source code location that triggered the blocked navigation.
   SourceLocation source_location;
 };
 
 }  // namespace content
 #endif  // CONTENT_COMMON_CONTENT_SECURITY_POLICY_CSP_CONTEXT_H_