OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "content/public/common/origin_util.h" | |
6 | |
7 #include "base/lazy_instance.h" | |
8 #include "base/stl_util.h" | |
9 #include "content/public/common/content_client.h" | |
10 #include "net/base/net_util.h" | |
11 #include "url/gurl.h" | |
12 | |
13 namespace content { | |
14 | |
15 namespace { | |
16 | |
17 class SecureSchemeAndOriginSet { | |
18 public: | |
19 SecureSchemeAndOriginSet() { Reset(); } | |
20 ~SecureSchemeAndOriginSet() {} | |
21 | |
22 void Reset() { | |
23 GetContentClient()->AddSecureSchemesAndOrigins(&schemes_, &origins_); | |
24 } | |
25 | |
26 const std::set<std::string>& schemes() const { return schemes_; } | |
27 const std::set<GURL>& origins() const { return origins_; } | |
28 | |
29 private: | |
30 std::set<std::string> schemes_; | |
31 std::set<GURL> origins_; | |
32 }; | |
jochen (gone - plz use gerrit)
2015/04/24 14:03:56
disallow copy/assign
| |
33 | |
34 base::LazyInstance<SecureSchemeAndOriginSet>::Leaky g_trustworthy_whitelist = | |
35 LAZY_INSTANCE_INITIALIZER; | |
36 | |
37 } // namespace | |
38 | |
39 bool IsOriginSecure(const GURL& url) { | |
40 if (url.SchemeIsCryptographic() || url.SchemeIsFile()) | |
41 return true; | |
42 | |
43 if (url.SchemeIsFileSystem() && url.inner_url() && | |
44 IsOriginSecure(*url.inner_url())) { | |
45 return true; | |
46 } | |
47 | |
48 std::string hostname = url.HostNoBrackets(); | |
49 if (net::IsLocalhost(hostname)) | |
50 return true; | |
51 | |
52 if (ContainsKey(g_trustworthy_whitelist.Get().schemes(), url.scheme())) | |
53 return true; | |
54 | |
55 if (ContainsKey(g_trustworthy_whitelist.Get().origins(), url.GetOrigin())) | |
56 return true; | |
57 | |
58 return false; | |
59 } | |
60 | |
61 } // namespace content | |
OLD | NEW |