Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(196)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/platform/weborigin/SchemeRegistry.cpp

Issue 1191793003: [Service Worker Registration] removed protocolIsInHTTPFamily and replaced with SchemeRegistry check (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Comments Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/platform/weborigin/SchemeRegistry.h ('k') | Source/web/WebSecurityPolicy.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after
153 153
154 if (CORSEnabledSchemes.isEmpty()) { 154 if (CORSEnabledSchemes.isEmpty()) {
155 CORSEnabledSchemes.add("http"); 155 CORSEnabledSchemes.add("http");
156 CORSEnabledSchemes.add("https"); 156 CORSEnabledSchemes.add("https");
157 CORSEnabledSchemes.add("data"); 157 CORSEnabledSchemes.add("data");
158 } 158 }
159 159
160 return CORSEnabledSchemes; 160 return CORSEnabledSchemes;
161 } 161 }
162 162
163 static URLSchemesSet& serviceWorkerSchemes()
164 {
165 assertLockHeld();
166 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesSet, serviceWorkerSchemes, ());
167
168 if (serviceWorkerSchemes.isEmpty()) {
169 // HTTP is required because http://localhost is considered secure.
170 // Additional checks are performed to ensure that other http pages
171 // are filtered out.
172 serviceWorkerSchemes.add("http");
173 serviceWorkerSchemes.add("https");
174 }
175
176 return serviceWorkerSchemes;
177 }
178
163 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin gSchemes() 179 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin gSchemes()
164 { 180 {
165 assertLockHeld(); 181 assertLockHeld();
166 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesMap<SchemeRegistry::PolicyAreas>, sch emes, ()); 182 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesMap<SchemeRegistry::PolicyAreas>, sch emes, ());
167 return schemes; 183 return schemes;
168 } 184 }
169 185
170 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) 186 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme)
171 { 187 {
172 if (scheme.isEmpty()) 188 if (scheme.isEmpty())
(...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after
316 builder.append(scheme); 332 builder.append(scheme);
317 } 333 }
318 return builder.toString(); 334 return builder.toString();
319 } 335 }
320 336
321 bool SchemeRegistry::shouldTreatURLSchemeAsLegacy(const String& scheme) 337 bool SchemeRegistry::shouldTreatURLSchemeAsLegacy(const String& scheme)
322 { 338 {
323 return equalIgnoringCase("ftp", scheme) || equalIgnoringCase("gopher", schem e); 339 return equalIgnoringCase("ftp", scheme) || equalIgnoringCase("gopher", schem e);
324 } 340 }
325 341
342 void SchemeRegistry::registerURLSchemeAsAllowingServiceWorkers(const String& sch eme)
343 {
344 MutexLocker locker(mutex());
345 serviceWorkerSchemes().add(scheme);
346 }
347
348 bool SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(const String& scheme)
349 {
350 if (scheme.isEmpty())
351 return false;
352 MutexLocker locker(mutex());
353 return serviceWorkerSchemes().contains(scheme);
354 }
355
326 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str ing& scheme, PolicyAreas policyAreas) 356 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str ing& scheme, PolicyAreas policyAreas)
327 { 357 {
328 MutexLocker locker(mutex()); 358 MutexLocker locker(mutex());
329 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); 359 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas);
330 } 360 }
331 361
332 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c onst String& scheme) 362 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c onst String& scheme)
333 { 363 {
334 MutexLocker locker(mutex()); 364 MutexLocker locker(mutex());
335 ContentSecurityPolicyBypassingSchemes().remove(scheme); 365 ContentSecurityPolicyBypassingSchemes().remove(scheme);
336 } 366 }
337 367
338 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem e, PolicyAreas policyAreas) 368 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem e, PolicyAreas policyAreas)
339 { 369 {
340 ASSERT(policyAreas != PolicyAreaNone); 370 ASSERT(policyAreas != PolicyAreaNone);
341 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) 371 if (scheme.isEmpty() || policyAreas == PolicyAreaNone)
342 return false; 372 return false;
343 373
344 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. 374 // get() returns 0 (PolicyAreaNone) if there is no entry in the map.
345 // Thus by default, schemes do not bypass CSP. 375 // Thus by default, schemes do not bypass CSP.
346 MutexLocker locker(mutex()); 376 MutexLocker locker(mutex());
347 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) = = policyAreas; 377 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) = = policyAreas;
348 } 378 }
349 379
350 } // namespace blink 380 } // namespace blink
OLDNEW
« no previous file with comments | « Source/platform/weborigin/SchemeRegistry.h ('k') | Source/web/WebSecurityPolicy.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698