| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2007 Apple Inc. All rights reserved. | 2 * Copyright (C) 2007 Apple Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * | 7 * |
| 8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 42 #include "wtf/StdLibExtras.h" | 42 #include "wtf/StdLibExtras.h" |
| 43 #include "wtf/text/StringBuilder.h" | 43 #include "wtf/text/StringBuilder.h" |
| 44 | 44 |
| 45 namespace blink { | 45 namespace blink { |
| 46 | 46 |
| 47 const int InvalidPort = 0; | 47 const int InvalidPort = 0; |
| 48 const int MaxAllowedPort = 65535; | 48 const int MaxAllowedPort = 65535; |
| 49 | 49 |
| 50 static SecurityOriginCache* s_originCache = 0; | 50 static SecurityOriginCache* s_originCache = 0; |
| 51 | 51 |
| 52 static bool schemeRequiresAuthority(const KURL& url) | |
| 53 { | |
| 54 // We expect URLs with these schemes to have authority components. If the | |
| 55 // URL lacks an authority component, we get concerned and mark the origin | |
| 56 // as unique. | |
| 57 return url.protocolIsInHTTPFamily() || url.protocolIs("ftp"); | |
| 58 } | |
| 59 | |
| 60 static SecurityOrigin* cachedOrigin(const KURL& url) | 52 static SecurityOrigin* cachedOrigin(const KURL& url) |
| 61 { | 53 { |
| 62 if (s_originCache) | 54 if (s_originCache) |
| 63 return s_originCache->cachedOrigin(url); | 55 return s_originCache->cachedOrigin(url); |
| 64 return 0; | 56 return 0; |
| 65 } | 57 } |
| 66 | 58 |
| 67 bool SecurityOrigin::shouldUseInnerURL(const KURL& url) | 59 bool SecurityOrigin::shouldUseInnerURL(const KURL& url) |
| 68 { | 60 { |
| 69 // FIXME: Blob URLs don't have inner URLs. Their form is "blob:<inner-origin
>/<UUID>", so treating the part after "blob:" as a URL is incorrect. | 61 // FIXME: Blob URLs don't have inner URLs. Their form is "blob:<inner-origin
>/<UUID>", so treating the part after "blob:" as a URL is incorrect. |
| (...skipping 29 matching lines...) Expand all Loading... |
| 99 // FIXME: Do we need to unwrap the URL further? | 91 // FIXME: Do we need to unwrap the URL further? |
| 100 KURL relevantURL; | 92 KURL relevantURL; |
| 101 if (SecurityOrigin::shouldUseInnerURL(url)) { | 93 if (SecurityOrigin::shouldUseInnerURL(url)) { |
| 102 relevantURL = SecurityOrigin::extractInnerURL(url); | 94 relevantURL = SecurityOrigin::extractInnerURL(url); |
| 103 if (!relevantURL.isValid()) | 95 if (!relevantURL.isValid()) |
| 104 return true; | 96 return true; |
| 105 } else { | 97 } else { |
| 106 relevantURL = url; | 98 relevantURL = url; |
| 107 } | 99 } |
| 108 | 100 |
| 109 // For edge case URLs that were probably misparsed, make sure that the origi
n is unique. | 101 // URLs with schemes that require an authority, but which don't have one, |
| 110 // FIXME: Do we really need to do this? This looks to be a hack around a | 102 // will have failed the isValid() test; e.g. valid HTTP URLs must have a |
| 111 // security bug in CFNetwork that might have been fixed. | 103 // host. |
| 112 if (schemeRequiresAuthority(relevantURL) && relevantURL.host().isEmpty()) | 104 ASSERT( |
| 113 return true; | 105 !((relevantURL.protocolIsInHTTPFamily() || relevantURL.protocolIs("ftp")
) |
| 106 && relevantURL.host().isEmpty())); |
| 114 | 107 |
| 115 // SchemeRegistry needs a lower case protocol because it uses HashMaps | 108 // SchemeRegistry needs a lower case protocol because it uses HashMaps |
| 116 // that assume the scheme has already been canonicalized. | 109 // that assume the scheme has already been canonicalized. |
| 117 String protocol = relevantURL.protocol().lower(); | 110 String protocol = relevantURL.protocol().lower(); |
| 118 | 111 |
| 119 if (SchemeRegistry::shouldTreatURLSchemeAsNoAccess(protocol)) | 112 if (SchemeRegistry::shouldTreatURLSchemeAsNoAccess(protocol)) |
| 120 return true; | 113 return true; |
| 121 | 114 |
| 122 // This is the common case. | 115 // This is the common case. |
| 123 return false; | 116 return false; |
| (...skipping 425 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 549 } | 542 } |
| 550 | 543 |
| 551 void SecurityOrigin::transferPrivilegesFrom(const SecurityOrigin& origin) | 544 void SecurityOrigin::transferPrivilegesFrom(const SecurityOrigin& origin) |
| 552 { | 545 { |
| 553 m_universalAccess = origin.m_universalAccess; | 546 m_universalAccess = origin.m_universalAccess; |
| 554 m_canLoadLocalResources = origin.m_canLoadLocalResources; | 547 m_canLoadLocalResources = origin.m_canLoadLocalResources; |
| 555 m_blockLocalAccessFromLocalOrigin = origin.m_blockLocalAccessFromLocalOrigin
; | 548 m_blockLocalAccessFromLocalOrigin = origin.m_blockLocalAccessFromLocalOrigin
; |
| 556 } | 549 } |
| 557 | 550 |
| 558 } // namespace blink | 551 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1320793002:
Remove some code, an obsolete criteria, from SecurityOrigin test for uniqueness. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master