[Service Worker Registration] removed protocolIsInHTTPFamily and replaced with SchemeRegistry check

Source/modules/serviceworkers/ServiceWorkerContainer.cpp

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 30 matching lines @@
 #include "core/dom/ExecutionContext.h"
 #include "core/dom/MessagePort.h"
 #include "core/events/MessageEvent.h"
 #include "core/frame/LocalDOMWindow.h"
 #include "modules/EventTargetModules.h"
 #include "modules/serviceworkers/ServiceWorker.h"
 #include "modules/serviceworkers/ServiceWorkerContainerClient.h"
 #include "modules/serviceworkers/ServiceWorkerError.h"
 #include "modules/serviceworkers/ServiceWorkerRegistration.h"
 #include "platform/RuntimeEnabledFeatures.h"
+#include "platform/weborigin/SchemeRegistry.h"
 #include "public/platform/WebServiceWorker.h"
 #include "public/platform/WebServiceWorkerProvider.h"
 #include "public/platform/WebServiceWorkerRegistration.h"
 #include "public/platform/WebString.h"
 #include "public/platform/WebURL.h"
 
 namespace blink {
 
 class RegistrationCallback : public WebServiceWorkerProvider::WebServiceWorkerRegistrationCallbacks {
 public:
@@ skipping 145 matching lines @@
         return promise;
     }
 
     ExecutionContext* executionContext = scriptState->executionContext();
     // FIXME: May be null due to worker termination: http://crbug.com/413518.
     if (!executionContext)
         return ScriptPromise();
 
     RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
     String errorMessage;
     if (!executionContext->isPrivilegedContext(errorMessage)) {

[Devlin, 2015/06/29 19:54:44]

so let's say (courtesy of falken@)
// Restrict to secure origins:
https://w3c.github.io/webappsec/specs/powerfulfeatures/#settings-privileged

         resolver->reject(DOMException::create(NotSupportedError, errorMessage));
         return promise;
     }
 
     KURL pageURL = KURL(KURL(), documentOrigin->toString());
-    if (!pageURL.protocolIsInHTTPFamily()) {
+    // There is a check that a context is privileged before checking the scheme.

[Devlin, 2015/06/29 19:54:43]

nit: It's better to comment exactly where the relevant code is, so that when
someone updates the code, they are more likely to update the comment, as well. 
So we can remove this comment in favor of the one you already have in scheme
registry and the one that should go above.

+    // URL scheme occurs after to filter out things like blobs and files.
+    // HTTP is required because http://localhost is considered secure.
+    if (!SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(pageURL.protocol())) {
         resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the current origin ('" + documentOrigin->toString() + "') is not supported."));
         return promise;
     }
 
     KURL scriptURL = callingExecutionContext(scriptState->isolate())->completeURL(url);
     scriptURL.removeFragmentIdentifier();
     if (!documentOrigin->canRequest(scriptURL)) {
         RefPtr<SecurityOrigin> scriptOrigin = SecurityOrigin::create(scriptURL);
         resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The origin of the provided scriptURL ('" + scriptOrigin->toString() + "') does not match the current origin ('" + documentOrigin->toString() + "')."));
         return promise;
     }
-    if (!scriptURL.protocolIsInHTTPFamily()) {
+    if (!SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(scriptURL.protocol())) {
         resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the script ('" + scriptURL.string() + "') is not supported."));
         return promise;
     }
 
     KURL patternURL;
     if (options.scope().isNull())
         patternURL = KURL(scriptURL, "./");
     else
         patternURL = callingExecutionContext(scriptState->isolate())->completeURL(options.scope());
     patternURL.removeFragmentIdentifier();
 
     if (!documentOrigin->canRequest(patternURL)) {
         RefPtr<SecurityOrigin> patternOrigin = SecurityOrigin::create(patternURL);
         resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The origin of the provided scope ('" + patternOrigin->toString() + "') does not match the current origin ('" + documentOrigin->toString() + "')."));
         return promise;
     }
-    if (!patternURL.protocolIsInHTTPFamily()) {
+    if (!SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(patternURL.protocol())) {
         resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the scope ('" + patternURL.string() + "') is not supported."));
         return promise;
     }
 
     m_provider->registerServiceWorker(patternURL, scriptURL, new RegistrationCallback(resolver));
 
     return promise;
 }
 
 ScriptPromise ServiceWorkerContainer::getRegistration(ScriptState* scriptState, const String& documentURL)
@@ skipping 12 matching lines @@
         return ScriptPromise();
 
     RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
     String errorMessage;
     if (!executionContext->isPrivilegedContext(errorMessage)) {
         resolver->reject(DOMException::create(NotSupportedError, errorMessage));
         return promise;
     }
 
     KURL pageURL = KURL(KURL(), documentOrigin->toString());
-    if (!pageURL.protocolIsInHTTPFamily()) {
+    if (!SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(pageURL.protocol())) {
         resolver->reject(DOMException::create(SecurityError, "Failed to get a ServiceWorkerRegistration: The URL protocol of the current origin ('" + documentOrigin->toString() + "') is not supported."));
         return promise;
     }
 
     KURL completedURL = callingExecutionContext(scriptState->isolate())->completeURL(documentURL);
     completedURL.removeFragmentIdentifier();
     if (!documentOrigin->canRequest(completedURL)) {
         RefPtr<SecurityOrigin> documentURLOrigin = SecurityOrigin::create(completedURL);
         resolver->reject(DOMException::create(SecurityError, "Failed to get a ServiceWorkerRegistration: The origin of the provided documentURL ('" + documentURLOrigin->toString() + "') does not match the current origin ('" + documentOrigin->toString() + "')."));
         return promise;
@@ skipping 15 matching lines @@
 
     ExecutionContext* executionContext = scriptState->executionContext();
     RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
     String errorMessage;
     if (!executionContext->isPrivilegedContext(errorMessage)) {
         resolver->reject(DOMException::create(NotSupportedError, errorMessage));
         return promise;
     }
 
     KURL pageURL = KURL(KURL(), documentOrigin->toString());
-    if (!pageURL.protocolIsInHTTPFamily()) {
+    if (!SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(pageURL.protocol())) {
         resolver->reject(DOMException::create(SecurityError, "Failed to get ServiceWorkerRegistration objects: The URL protocol of the current origin ('" + documentOrigin->toString() + "') is not supported."));
         return promise;
     }
 
     m_provider->getRegistrations(new GetRegistrationsCallback(resolver));
 
     return promise;
 }
 
 ServiceWorkerContainer::ReadyProperty* ServiceWorkerContainer::createReadyProperty()
@@ skipping 65 matching lines @@
         return;
 
     if (ServiceWorkerContainerClient* client = ServiceWorkerContainerClient::from(executionContext)) {
         m_provider = client->provider();
         if (m_provider)
             m_provider->setClient(this);
     }
 }
 
 } // namespace blink