Check for equality of the URL's origin in replaceState/pushState

third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp

Index: third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
diff --git a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
index a441e80df2c64cdf136c1d2e41f7130994e55d5a..d67632a171e35f0304e4774704134b64f0a5ca82 100644
--- a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
+++ b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
@@ -366,6 +366,28 @@ bool SecurityOrigin::canDisplay(const KURL& url) const
     return true;
 }
 
+bool SecurityOrigin::areSamePageUrls(const KURL& a, const KURL& b) const
+{
+    if (m_universalAccess)
+        return true;
+
+    if (isUnique())
+        return false;
+
+    if (!equalIgnoringPathQueryAndFragment(a, b))

[brettw, 2015/12/08 05:41:32]

Personally, I would prefer manually checking scheme/host/port for equality
rather than adding this new function on KURL that's only called once. Would be
interested in Mike's opinion.

[robwu, 2015/12/08 08:45:17]

Checking for scheme/host/port equality is not sufficient, username/password
should also be ignored. To avoid hard-coding the meaning "URL minus path, query
and fragment" = "protocol, username, password, host and port", I've put the
helper method in KURL (so that others can also rely on it if wanted).

[Mike West, 2015/12/08 13:45:19]

This is defined somewhat strangely in HTML as "If any component of these two
URLs differ other than the path, query, and fragment components, then throw a
SecurityError exception and abort these steps."

This is fairly explicitly not an origin check; it's checking properties of the
page's URLs. To that end, I'd suggest that we should avoid putting the code in
'SecurityOrigin'. I spot-checked Firefox, and it agrees with the
username/password bits.

Given that this is the only place in the codebase that we need this kind of
check (and, given it's weirdness, I'd prefer not to encourage others to reuse
it), I'd suggest packing up the check in an anon. namepsace of `History.cpp`.

[robwu, 2015/12/08 14:10:39]

I presume that you're fine with exposing the value of m_universalAccess through
a getter on SecurityOrigin, because this was one of the reasons why I put this
implementation in SecurityOrigin.cpp?

[Mike West, 2015/12/08 14:18:41]

I would dearly love to murder that property entirely. Until that happens,
exposing it as a getter isn't a problem. :)

+        return false;
+
+    RefPtr<SecurityOrigin> originA = SecurityOrigin::create(a);
+    if (originA->isUnique() || !isSameSchemeHostPort(originA.get()))
+        return false;
+
+    RefPtr<SecurityOrigin> originB = SecurityOrigin::create(b);
+    if (originB->isUnique() || !isSameSchemeHostPort(originB.get()))
+        return false;
+
+    return true;
+}
+
 bool SecurityOrigin::isPotentiallyTrustworthy(String& errorMessage) const
 {
     ASSERT(m_protocol != "data");