Index: Source/platform/weborigin/SecurityPolicy.cpp |
diff --git a/Source/platform/weborigin/SecurityPolicy.cpp b/Source/platform/weborigin/SecurityPolicy.cpp |
index 75508c58fafa23b70d4cdbf8b5b300142ecc14be..3251a694b1e77964a096b8289fb62145591fa4a4 100644 |
--- a/Source/platform/weborigin/SecurityPolicy.cpp |
+++ b/Source/platform/weborigin/SecurityPolicy.cpp |
@@ -34,6 +34,7 @@ |
#include "platform/weborigin/OriginAccessEntry.h" |
#include "platform/weborigin/SecurityOrigin.h" |
#include "wtf/HashMap.h" |
+#include "wtf/HashSet.h" |
#include "wtf/MainThread.h" |
#include "wtf/OwnPtr.h" |
#include "wtf/PassOwnPtr.h" |
@@ -42,8 +43,9 @@ |
namespace blink { |
-typedef Vector<OriginAccessEntry> OriginAccessWhiteList; |
-typedef HashMap<String, OwnPtr<OriginAccessWhiteList>> OriginAccessMap; |
+using OriginAccessWhiteList = Vector<OriginAccessEntry>; |
+using OriginAccessMap = HashMap<String, OwnPtr<OriginAccessWhiteList>>; |
+using OriginSet = HashSet<String>; |
static OriginAccessMap& originAccessMap() |
{ |
@@ -51,6 +53,12 @@ static OriginAccessMap& originAccessMap() |
return originAccessMap; |
} |
+static OriginSet& trustworthyOriginSet() |
+{ |
+ DEFINE_STATIC_LOCAL(OriginSet, trustworthyOriginSet, ()); |
+ return trustworthyOriginSet; |
+} |
+ |
bool SecurityPolicy::shouldHideReferrer(const KURL& url, const String& referrer) |
{ |
bool referrerIsSecureURL = protocolIs(referrer, "https"); |
@@ -116,6 +124,22 @@ Referrer SecurityPolicy::generateReferrer(ReferrerPolicy referrerPolicy, const K |
return Referrer(shouldHideReferrer(url, referrer) ? String() : referrer, referrerPolicy); |
} |
+void SecurityPolicy::addOriginTrustworthyWhiteList(PassRefPtr<SecurityOrigin> origin) |
+{ |
+ // Must be called before we start other threads. |
+ ASSERT(WTF::isBeforeThreadCreated()); |
+ if (origin->isUnique()) |
+ return; |
+ trustworthyOriginSet().add(origin->toRawString()); |
+} |
+ |
+bool SecurityPolicy::isOriginWhiteListedTrustworthy(const SecurityOrigin& origin) |
+{ |
+ if (origin.isUnique()) |
+ return false; |
+ return trustworthyOriginSet().contains(origin.toRawString()); |
+} |
+ |
bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, const SecurityOrigin* targetOrigin) |
{ |
if (OriginAccessWhiteList* list = originAccessMap().get(activeOrigin->toString())) { |