OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
169 // HTTP is required because http://localhost is considered secure. | 169 // HTTP is required because http://localhost is considered secure. |
170 // Additional checks are performed to ensure that other http pages | 170 // Additional checks are performed to ensure that other http pages |
171 // are filtered out. | 171 // are filtered out. |
172 serviceWorkerSchemes.add("http"); | 172 serviceWorkerSchemes.add("http"); |
173 serviceWorkerSchemes.add("https"); | 173 serviceWorkerSchemes.add("https"); |
174 } | 174 } |
175 | 175 |
176 return serviceWorkerSchemes; | 176 return serviceWorkerSchemes; |
177 } | 177 } |
178 | 178 |
| 179 static URLSchemesSet& fetchAPISchemes() |
| 180 { |
| 181 assertLockHeld(); |
| 182 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesSet, fetchAPISchemes, ()); |
| 183 |
| 184 if (fetchAPISchemes.isEmpty()) { |
| 185 fetchAPISchemes.add("http"); |
| 186 fetchAPISchemes.add("https"); |
| 187 } |
| 188 |
| 189 return fetchAPISchemes; |
| 190 } |
| 191 |
179 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin
gSchemes() | 192 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin
gSchemes() |
180 { | 193 { |
181 assertLockHeld(); | 194 assertLockHeld(); |
182 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesMap<SchemeRegistry::PolicyAreas>, sch
emes, ()); | 195 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesMap<SchemeRegistry::PolicyAreas>, sch
emes, ()); |
183 return schemes; | 196 return schemes; |
184 } | 197 } |
185 | 198 |
186 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) | 199 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) |
187 { | 200 { |
188 if (scheme.isEmpty()) | 201 if (scheme.isEmpty()) |
(...skipping 157 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
346 } | 359 } |
347 | 360 |
348 bool SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(const String&
scheme) | 361 bool SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(const String&
scheme) |
349 { | 362 { |
350 if (scheme.isEmpty()) | 363 if (scheme.isEmpty()) |
351 return false; | 364 return false; |
352 MutexLocker locker(mutex()); | 365 MutexLocker locker(mutex()); |
353 return serviceWorkerSchemes().contains(scheme); | 366 return serviceWorkerSchemes().contains(scheme); |
354 } | 367 } |
355 | 368 |
| 369 void SchemeRegistry::registerURLSchemeAsSupportingFetchAPI(const String& scheme) |
| 370 { |
| 371 MutexLocker locker(mutex()); |
| 372 fetchAPISchemes().add(scheme); |
| 373 } |
| 374 |
| 375 bool SchemeRegistry::shouldTreatURLSchemeAsSupportingFetchAPI(const String& sche
me) |
| 376 { |
| 377 if (scheme.isEmpty()) |
| 378 return false; |
| 379 MutexLocker locker(mutex()); |
| 380 return fetchAPISchemes().contains(scheme); |
| 381 } |
| 382 |
356 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str
ing& scheme, PolicyAreas policyAreas) | 383 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str
ing& scheme, PolicyAreas policyAreas) |
357 { | 384 { |
358 MutexLocker locker(mutex()); | 385 MutexLocker locker(mutex()); |
359 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); | 386 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); |
360 } | 387 } |
361 | 388 |
362 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c
onst String& scheme) | 389 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c
onst String& scheme) |
363 { | 390 { |
364 MutexLocker locker(mutex()); | 391 MutexLocker locker(mutex()); |
365 ContentSecurityPolicyBypassingSchemes().remove(scheme); | 392 ContentSecurityPolicyBypassingSchemes().remove(scheme); |
366 } | 393 } |
367 | 394 |
368 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem
e, PolicyAreas policyAreas) | 395 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem
e, PolicyAreas policyAreas) |
369 { | 396 { |
370 ASSERT(policyAreas != PolicyAreaNone); | 397 ASSERT(policyAreas != PolicyAreaNone); |
371 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) | 398 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) |
372 return false; | 399 return false; |
373 | 400 |
374 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. | 401 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. |
375 // Thus by default, schemes do not bypass CSP. | 402 // Thus by default, schemes do not bypass CSP. |
376 MutexLocker locker(mutex()); | 403 MutexLocker locker(mutex()); |
377 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) =
= policyAreas; | 404 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) =
= policyAreas; |
378 } | 405 } |
379 | 406 |
380 } // namespace blink | 407 } // namespace blink |
OLD | NEW |