Chromium Code Reviews Chromium Code Reviews
Issue 1224293002:
Introduce 'url::Origin'. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@url-schemehostport| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef URL_ORIGIN_H_ | |
| 6 #define URL_ORIGIN_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 | |
| 10 #include "base/strings/string16.h" | |
| 11 #include "url/scheme_host_port.h" | |
| 12 #include "url/third_party/mozilla/url_parse.h" | |
| 13 #include "url/url_canon.h" | |
| 14 #include "url/url_constants.h" | |
| 15 #include "url/url_export.h" | |
| 16 | |
| 17 class GURL; | |
| 18 | |
| 19 namespace url { | |
| 20 | |
| 21 // An Origin is a tuple of (scheme, host, port), as described in RFC 6454. | |
| 22 // | |
| 23 // TL;DR: If you need to make a security-relevant decision, use 'url::Origin'. | |
| 24 // If you only need to extract the bits of a URL which are relevant for a | |
| 25 // network connection, use 'url::SchemeHostPort'. | |
| 26 // | |
| 27 // STL;SDR: If you aren't making actual network connections, use 'url::Origin'. | |
| 28 // | |
| 29 // 'Origin', like 'SchemeHostPort', is composed of a tuple of (scheme, host, | |
| 30 // port), but contains a number of additional concepts which make it appropriate | |
| 31 // for use as a security boundary and access control mechanism between contexts. | |
| 32 // | |
| 33 // This class ought to be used when code needs to determine if two resources | |
| 34 // are "same-origin", and when a canonical serialization of an origin is | |
| 35 // required. Note that some origins are "unique", meaning that they are not | |
| 36 // same-origin with any other origin (including themselves). | |
| 37 // | |
| 38 // There are a few subtleties to note: | |
| 39 // | |
| 40 // * Invalid and non-standard GURLs are parsed as unique origins. This includes | |
| 41 // non-hierarchical URLs like 'data:text/html,...' and 'javascript:alert(1)'. | |
| 42 // | |
| 43 // * GURLs with schemes of 'filesystem' or 'blob' parse the origin out of the | |
| 44 // internals of the URL. That is, 'filesystem:https://example.com/temporary/f' | |
| 45 // is parsed as ('https', 'example.com', 443). | |
| 46 // | |
| 47 // * Unique origins all serialize to the string "null"; this means that the | |
| 48 // serializations of two unique origins are identical to each other, though | |
| 49 // the origins themselves are not "the same". This means that origins' | |
| 50 // serializations must not be relied upon for security checks. | |
| 51 // | |
| 52 // * GURLs with a 'file' scheme are tricky. They are parsed as ('file', '', 0), | |
| 53 // but their behavior may differ from embedder to embedder. | |
| 54 // | |
| 55 // * The host component of an IPv6 address includes brackets, just like the URL | |
| 56 // representation. | |
| 57 // | |
| 58 // Usage: | |
| 59 // | |
| 60 // * Origins are generally constructed from an already-canonicalized GURL: | |
| 61 // | |
| 62 // GURL url("https://example.com/"); | |
| 63 // url::Origin origin(url); | |
| 64 // origin.scheme(); // "https" | |
| 65 // origin.host(); // "example.com" | |
| 66 // origin.port(); // 443 | |
| 67 // origin.IsUnique(); // false | |
| 68 // | |
| 69 // * To answer the question "Are |this| and |that| "same-origin" with each | |
| 70 // other?", use |Origin::IsSameOriginWith|: | |
| 71 // | |
| 72 // if (this.IsSameOriginWith(that)) { | |
| 73 // // Amazingness goes here. | |
| 74 // } | |
| 75 class URL_EXPORT Origin { | |
| 76 public: | |
| 77 // Creates a unique Origin. | |
| 78 Origin(); | |
| 79 | |
| 80 // Creates an Origin from |url|, as described at | |
| 81 // https://url.spec.whatwg.org/#origin, with the following additions: | |
| 82 // | |
| 83 // 1. If |url| is invalid or non-standard, a unique Origin is constructed. | |
| 84 // 2. 'filesystem' URLs behave as 'blob' URLs (that is, the origin is parsed | |
| 85 // out of everything in the URL which follows the scheme). | |
| 86 // 3. 'file' URLs all parse as ("file", "", 0). | |
| 87 explicit Origin(const GURL& url); | |
| 88 | |
| 89 ~Origin(); | |
| 90 | |
| 91 // For unique origins, these return ("", "", 0). | |
| 92 // | |
| 93 // TODO(mkwst): These should be 'const std::string&', along with their | |
| 94 // 'url::SchemeHostPort' analogs. | |
| 95 std::string scheme() const { return tuple_.scheme(); } | |
| 96 std::string host() const { return tuple_.host(); } | |
| 97 uint16 port() const { return tuple_.port(); } | |
| 98 | |
| 99 bool unique() const { return unique_; } | |
| 100 | |
| 101 // An ASCII serialization of the Origin as per Section 6.2 of RFC 6454, with | |
| 102 // the addition that all Origins with a 'file' scheme serialize to "file://". | |
| 103 std::string Serialize() const; | |
| 104 | |
| 105 // Two Origins are "same-origin" if their schemes, hosts, and ports are exact | |
| 106 // matches; and neither is unique. | |
| 107 bool IsSameOriginWith(const Origin& other) const; | |
| 108 | |
| 109 // Allows SchemeHostPort to used as a key in STL (for example, a std::set or | |
|
nasko
2015/07/22 12:51:19
nit: s/SchemeHostPort/Origin/?
| |
| 110 // std::map). | |
| 111 bool operator<(const Origin& other) const; | |
| 112 | |
| 113 private: | |
| 114 SchemeHostPort tuple_; | |
| 115 bool unique_; | |
| 116 | |
| 117 DISALLOW_COPY_AND_ASSIGN(Origin); | |
| 118 }; | |
| 119 | |
| 120 URL_EXPORT std::ostream& operator<<(std::ostream& out, | |
| 121 const Origin& origin); | |
| 122 | |
| 123 } // namespace url | |
| 124 | |
| 125 #endif // URL_SCHEME_HOST_PORT_H_ | |
| OLD | NEW |
