OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
169 // HTTP is required because http://localhost is considered secure. | 169 // HTTP is required because http://localhost is considered secure. |
170 // Additional checks are performed to ensure that other http pages | 170 // Additional checks are performed to ensure that other http pages |
171 // are filtered out. | 171 // are filtered out. |
172 serviceWorkerSchemes.add("http"); | 172 serviceWorkerSchemes.add("http"); |
173 serviceWorkerSchemes.add("https"); | 173 serviceWorkerSchemes.add("https"); |
174 } | 174 } |
175 | 175 |
176 return serviceWorkerSchemes; | 176 return serviceWorkerSchemes; |
177 } | 177 } |
178 | 178 |
179 static URLSchemesSet& fetchAPISchemes() | |
180 { | |
181 assertLockHeld(); | |
182 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesSet, fetchAPISchemes, ()); | |
183 | |
184 if (fetchAPISchemes.isEmpty()) { | |
185 fetchAPISchemes.add("http"); | |
186 fetchAPISchemes.add("https"); | |
187 } | |
188 | |
189 return fetchAPISchemes; | |
190 } | |
191 | |
179 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin gSchemes() | 192 static URLSchemesMap<SchemeRegistry::PolicyAreas>& ContentSecurityPolicyBypassin gSchemes() |
180 { | 193 { |
181 assertLockHeld(); | 194 assertLockHeld(); |
182 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesMap<SchemeRegistry::PolicyAreas>, sch emes, ()); | 195 DEFINE_STATIC_LOCAL_NOASSERT(URLSchemesMap<SchemeRegistry::PolicyAreas>, sch emes, ()); |
183 return schemes; | 196 return schemes; |
184 } | 197 } |
185 | 198 |
186 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) | 199 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) |
187 { | 200 { |
188 if (scheme.isEmpty()) | 201 if (scheme.isEmpty()) |
(...skipping 157 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
346 } | 359 } |
347 | 360 |
348 bool SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(const String& scheme) | 361 bool SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(const String& scheme) |
349 { | 362 { |
350 if (scheme.isEmpty()) | 363 if (scheme.isEmpty()) |
351 return false; | 364 return false; |
352 MutexLocker locker(mutex()); | 365 MutexLocker locker(mutex()); |
353 return serviceWorkerSchemes().contains(scheme); | 366 return serviceWorkerSchemes().contains(scheme); |
354 } | 367 } |
355 | 368 |
369 void SchemeRegistry::registerURLSchemeAsSupportingFetchAPI(const String& scheme) | |
370 { | |
371 MutexLocker locker(mutex()); | |
372 fetchAPISchemes().add(scheme); | |
373 } | |
374 | |
375 bool SchemeRegistry::shouldTreatURLSchemeAsSupportingFetchAPI(const String& sche me) | |
376 { | |
377 if (scheme.isEmpty()) | |
dcheng
2015/08/25 20:07:32
Out of curiosity, any particular reason to special
not at google - send to devlin
2015/08/25 20:09:03
No idea, I just copied service worker code, but I
pdr.
2015/08/25 21:25:10
Lets just assert !scheme.isEmpty().
not at google - send to devlin
2015/08/25 22:04:45
SGTM, if you're confident, but it would be odd for
tyoshino (SeeGerritForStatus)
2015/08/26 07:24:48
+1. Change to other methods could be done as a sep
not at google - send to devlin
2015/08/26 16:30:32
Acknowledged.
| |
378 return false; | |
379 MutexLocker locker(mutex()); | |
380 return fetchAPISchemes().contains(scheme); | |
381 } | |
382 | |
356 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str ing& scheme, PolicyAreas policyAreas) | 383 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str ing& scheme, PolicyAreas policyAreas) |
357 { | 384 { |
358 MutexLocker locker(mutex()); | 385 MutexLocker locker(mutex()); |
359 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); | 386 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); |
360 } | 387 } |
361 | 388 |
362 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c onst String& scheme) | 389 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c onst String& scheme) |
363 { | 390 { |
364 MutexLocker locker(mutex()); | 391 MutexLocker locker(mutex()); |
365 ContentSecurityPolicyBypassingSchemes().remove(scheme); | 392 ContentSecurityPolicyBypassingSchemes().remove(scheme); |
366 } | 393 } |
367 | 394 |
368 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem e, PolicyAreas policyAreas) | 395 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem e, PolicyAreas policyAreas) |
369 { | 396 { |
370 ASSERT(policyAreas != PolicyAreaNone); | 397 ASSERT(policyAreas != PolicyAreaNone); |
371 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) | 398 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) |
372 return false; | 399 return false; |
373 | 400 |
374 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. | 401 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. |
375 // Thus by default, schemes do not bypass CSP. | 402 // Thus by default, schemes do not bypass CSP. |
376 MutexLocker locker(mutex()); | 403 MutexLocker locker(mutex()); |
377 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) = = policyAreas; | 404 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) = = policyAreas; |
378 } | 405 } |
379 | 406 |
380 } // namespace blink | 407 } // namespace blink |
OLD | NEW |