OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
182 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesSet, fetchAPISchemes, ()); | 182 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesSet, fetchAPISchemes, ()); |
183 | 183 |
184 if (fetchAPISchemes.isEmpty()) { | 184 if (fetchAPISchemes.isEmpty()) { |
185 fetchAPISchemes.add("http"); | 185 fetchAPISchemes.add("http"); |
186 fetchAPISchemes.add("https"); | 186 fetchAPISchemes.add("https"); |
187 } | 187 } |
188 | 188 |
189 return fetchAPISchemes; | 189 return fetchAPISchemes; |
190 } | 190 } |
191 | 191 |
| 192 static URLSchemesSet& firstPartyWhenTopLevelSchemes() |
| 193 { |
| 194 assertLockHeld(); |
| 195 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesSet, firstPartyWhenTopLevelSchemes, (
)); |
| 196 return firstPartyWhenTopLevelSchemes; |
| 197 } |
| 198 |
192 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin
gSchemes() | 199 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin
gSchemes() |
193 { | 200 { |
194 assertLockHeld(); | 201 assertLockHeld(); |
195 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesMap<SchemeRegistry::PolicyAreas>, sch
emes, ()); | 202 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesMap<SchemeRegistry::PolicyAreas>, sch
emes, ()); |
196 return schemes; | 203 return schemes; |
197 } | 204 } |
198 | 205 |
199 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) | 206 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) |
200 { | 207 { |
201 if (scheme.isEmpty()) | 208 if (scheme.isEmpty()) |
(...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
373 } | 380 } |
374 | 381 |
375 bool SchemeRegistry::shouldTreatURLSchemeAsSupportingFetchAPI(const String& sche
me) | 382 bool SchemeRegistry::shouldTreatURLSchemeAsSupportingFetchAPI(const String& sche
me) |
376 { | 383 { |
377 if (scheme.isEmpty()) | 384 if (scheme.isEmpty()) |
378 return false; | 385 return false; |
379 MutexLocker locker(mutex()); | 386 MutexLocker locker(mutex()); |
380 return fetchAPISchemes().contains(scheme); | 387 return fetchAPISchemes().contains(scheme); |
381 } | 388 } |
382 | 389 |
| 390 void SchemeRegistry::registerURLSchemeAsFirstPartyWhenTopLevel(const String& sch
eme) |
| 391 { |
| 392 MutexLocker locker(mutex()); |
| 393 firstPartyWhenTopLevelSchemes().add(scheme); |
| 394 } |
| 395 |
| 396 bool SchemeRegistry::shouldTreatURLSchemeAsFirstPartyWhenTopLevel(const String&
scheme) |
| 397 { |
| 398 if (scheme.isEmpty()) |
| 399 return false; |
| 400 MutexLocker locker(mutex()); |
| 401 return firstPartyWhenTopLevelSchemes().contains(scheme); |
| 402 } |
| 403 |
383 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str
ing& scheme, PolicyAreas policyAreas) | 404 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str
ing& scheme, PolicyAreas policyAreas) |
384 { | 405 { |
385 MutexLocker locker(mutex()); | 406 MutexLocker locker(mutex()); |
386 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); | 407 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); |
387 } | 408 } |
388 | 409 |
389 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c
onst String& scheme) | 410 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c
onst String& scheme) |
390 { | 411 { |
391 MutexLocker locker(mutex()); | 412 MutexLocker locker(mutex()); |
392 ContentSecurityPolicyBypassingSchemes().remove(scheme); | 413 ContentSecurityPolicyBypassingSchemes().remove(scheme); |
393 } | 414 } |
394 | 415 |
395 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem
e, PolicyAreas policyAreas) | 416 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem
e, PolicyAreas policyAreas) |
396 { | 417 { |
397 ASSERT(policyAreas != PolicyAreaNone); | 418 ASSERT(policyAreas != PolicyAreaNone); |
398 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) | 419 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) |
399 return false; | 420 return false; |
400 | 421 |
401 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. | 422 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. |
402 // Thus by default, schemes do not bypass CSP. | 423 // Thus by default, schemes do not bypass CSP. |
403 MutexLocker locker(mutex()); | 424 MutexLocker locker(mutex()); |
404 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) =
= policyAreas; | 425 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) =
= policyAreas; |
405 } | 426 } |
406 | 427 |
407 } // namespace blink | 428 } // namespace blink |
OLD | NEW |