| Index: components/policy/core/browser/url_blacklist_manager.cc
|
| diff --git a/components/policy/core/browser/url_blacklist_manager.cc b/components/policy/core/browser/url_blacklist_manager.cc
|
| index 909c7b9ead164f98d5e86199843d04d771cb9be0..9a6a64d2793a91c7bee4c086b0d6c7dce8b56241 100644
|
| --- a/components/policy/core/browser/url_blacklist_manager.cc
|
| +++ b/components/policy/core/browser/url_blacklist_manager.cc
|
| @@ -11,11 +11,13 @@
|
| #include "base/bind.h"
|
| #include "base/files/file_path.h"
|
| #include "base/location.h"
|
| +#include "base/logging.h"
|
| #include "base/macros.h"
|
| #include "base/sequenced_task_runner.h"
|
| #include "base/single_thread_task_runner.h"
|
| #include "base/stl_util.h"
|
| #include "base/strings/string_number_conversions.h"
|
| +#include "base/strings/string_util.h"
|
| #include "base/task_runner_util.h"
|
| #include "base/thread_task_runner_handle.h"
|
| #include "base/values.h"
|
| @@ -26,6 +28,7 @@
|
| #include "net/base/net_errors.h"
|
| #include "url/third_party/mozilla/url_parse.h"
|
| #include "url/url_constants.h"
|
| +#include "url/url_util.h"
|
|
|
| using url_matcher::URLMatcher;
|
| using url_matcher::URLMatcherCondition;
|
| @@ -204,10 +207,16 @@ void URLBlacklist::Allow(const base::ListValue* filters) {
|
| }
|
|
|
| bool URLBlacklist::IsURLBlocked(const GURL& url) const {
|
| + return URLBlacklist::GetURLBlacklistState(url) ==
|
| + net::NetworkDelegate::URLBlacklistState::URL_IN_BLACKLIST;
|
| +}
|
| +
|
| +net::NetworkDelegate::URLBlacklistState
|
| +URLBlacklist::GetURLBlacklistState(const GURL& url) const {
|
| std::set<URLMatcherConditionSet::ID> matching_ids =
|
| url_matcher_->MatchURL(url);
|
|
|
| - const FilterComponents* max = NULL;
|
| + const FilterComponents* max = nullptr;
|
| for (std::set<URLMatcherConditionSet::ID>::iterator id = matching_ids.begin();
|
| id != matching_ids.end(); ++id) {
|
| std::map<int, FilterComponents>::const_iterator it = filters_.find(*id);
|
| @@ -217,17 +226,19 @@ bool URLBlacklist::IsURLBlocked(const GURL& url) const {
|
| max = &filter;
|
| }
|
|
|
| - // Default to allow.
|
| + // Default neutral.
|
| if (!max)
|
| - return false;
|
| + return net::NetworkDelegate::URLBlacklistState::URL_NEUTRAL_STATE;
|
|
|
| // Some of the internal Chrome URLs are not affected by the "*" in the
|
| // blacklist. Note that the "*" is the lowest priority filter possible, so
|
| // any higher priority filter will be applied first.
|
| if (max->IsBlacklistWildcard() && BypassBlacklistWildcardForURL(url))
|
| - return false;
|
| + return net::NetworkDelegate::URLBlacklistState::URL_IN_WHITELIST;
|
|
|
| - return !max->allow;
|
| + return max->allow ?
|
| + net::NetworkDelegate::URLBlacklistState::URL_IN_WHITELIST :
|
| + net::NetworkDelegate::URLBlacklistState::URL_IN_BLACKLIST;
|
| }
|
|
|
| size_t URLBlacklist::Size() const {
|
| @@ -243,9 +254,17 @@ bool URLBlacklist::FilterToComponents(SegmentURLCallback segment_url,
|
| uint16_t* port,
|
| std::string* path,
|
| std::string* query) {
|
| + DCHECK(scheme);
|
| + DCHECK(host);
|
| + DCHECK(match_subdomains);
|
| + DCHECK(port);
|
| + DCHECK(path);
|
| + DCHECK(query);
|
| url::Parsed parsed;
|
| + const std::string lc_filter = base::ToLowerASCII(base::StringPiece(filter));
|
| + const std::string url_scheme = segment_url(filter, &parsed);
|
|
|
| - if (segment_url(filter, &parsed) == url::kFileScheme) {
|
| + if (url_scheme == url::kFileScheme) {
|
| base::FilePath file_path;
|
| if (!net::FileURLToFilePath(GURL(filter), &file_path))
|
| return false;
|
| @@ -254,8 +273,12 @@ bool URLBlacklist::FilterToComponents(SegmentURLCallback segment_url,
|
| host->clear();
|
| *match_subdomains = true;
|
| *port = 0;
|
| - // Special path when the |filter| is 'file://*'.
|
| - *path = (filter == "file://*") ? "" : file_path.AsUTF8Unsafe();
|
| + // Special path when the |filter| is 'file://*' or 'file:*'.
|
| + if (lc_filter == "file:*" || lc_filter == "file://*") {
|
| + path->clear();
|
| + } else {
|
| + *path = file_path.AsUTF8Unsafe();
|
| + }
|
| #if defined(FILE_PATH_USES_WIN_SEPARATORS)
|
| // Separators have to be canonicalized on Windows.
|
| std::replace(path->begin(), path->end(), '\\', '/');
|
| @@ -264,20 +287,36 @@ bool URLBlacklist::FilterToComponents(SegmentURLCallback segment_url,
|
| return true;
|
| }
|
|
|
| - if (!parsed.host.is_nonempty())
|
| + // Check if it's a scheme wildcard pattern. We support both versions
|
| + // (scheme:* and scheme://*) the later being consistent with old filter
|
| + // definitions.
|
| + if (lc_filter == url_scheme + ":*" || lc_filter == url_scheme + "://*") {
|
| + scheme->assign(url_scheme);
|
| + host->clear();
|
| + *match_subdomains = true;
|
| + *port = 0;
|
| + path->clear();
|
| + query->clear();
|
| + return true;
|
| + }
|
| +
|
| + // According to documentation host can't be empty.
|
| + if (!parsed.host.is_nonempty()) {
|
| return false;
|
| + }
|
|
|
| if (parsed.scheme.is_nonempty())
|
| - scheme->assign(filter, parsed.scheme.begin, parsed.scheme.len);
|
| + scheme->assign(url_scheme);
|
| else
|
| scheme->clear();
|
|
|
| host->assign(filter, parsed.host.begin, parsed.host.len);
|
| + *host = base::ToLowerASCII(base::StringPiece(*host));
|
| // Special '*' host, matches all hosts.
|
| if (*host == "*") {
|
| host->clear();
|
| *match_subdomains = true;
|
| - } else if ((*host)[0] == '.') {
|
| + } else if (host->at(0) == '.') {
|
| // A leading dot in the pattern syntax means that we don't want to match
|
| // subdomains.
|
| host->erase(0, 1);
|
| @@ -316,12 +355,10 @@ bool URLBlacklist::FilterToComponents(SegmentURLCallback segment_url,
|
| else
|
| path->clear();
|
|
|
| - if (query) {
|
| - if (parsed.query.is_nonempty())
|
| - query->assign(filter, parsed.query.begin, parsed.query.len);
|
| - else
|
| - query->clear();
|
| - }
|
| + if (parsed.query.is_nonempty())
|
| + query->assign(filter, parsed.query.begin, parsed.query.len);
|
| + else
|
| + query->clear();
|
|
|
| return true;
|
| }
|
| @@ -492,6 +529,12 @@ bool URLBlacklistManager::IsURLBlocked(const GURL& url) const {
|
| return blacklist_->IsURLBlocked(url);
|
| }
|
|
|
| +net::NetworkDelegate::URLBlacklistState
|
| +URLBlacklistManager::GetURLBlacklistState(const GURL& url) const {
|
| + DCHECK(io_task_runner_->RunsTasksOnCurrentThread());
|
| + return blacklist_->GetURLBlacklistState(url);
|
| +}
|
| +
|
| bool URLBlacklistManager::ShouldBlockRequestForFrame(const GURL& url,
|
| int* reason) const {
|
| DCHECK(io_task_runner_->RunsTasksOnCurrentThread());
|
|
|
Chromium Code Reviews
Issue 1692503002:
Functionality to allow blacklist and whitelist of custom schemes (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master