Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(349)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/service_worker/service_worker_utils.cc

Issue 2196633002: [ServiceWorker] Don't check the origin equality when disable-web-security flag is set. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: incorporated nhiroki's comment Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/common/service_worker/service_worker_utils.h ('k') | content/test/data/service_worker/disable_web_security_get_registration.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/service_worker/service_worker_utils.h" 5 #include "content/common/service_worker/service_worker_utils.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/strings/string_util.h" 10 #include "base/strings/string_util.h"
(...skipping 13 matching lines...) Expand all
24 path.find("%2F") != std::string::npos) { 24 path.find("%2F") != std::string::npos) {
25 return true; 25 return true;
26 } 26 }
27 if (path.find("%5c") != std::string::npos || 27 if (path.find("%5c") != std::string::npos ||
28 path.find("%5C") != std::string::npos) { 28 path.find("%5C") != std::string::npos) {
29 return true; 29 return true;
30 } 30 }
31 return false; 31 return false;
32 } 32 }
33 33
34 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) {
35 return url_a.GetOrigin() == url_b.GetOrigin() &&
36 url_a.GetOrigin() == url_c.GetOrigin();
37 }
38
39 } // namespace 34 } // namespace
40 35
41 // static 36 // static
42 bool ServiceWorkerUtils::ScopeMatches(const GURL& scope, const GURL& url) { 37 bool ServiceWorkerUtils::ScopeMatches(const GURL& scope, const GURL& url) {
43 DCHECK(!scope.has_ref()); 38 DCHECK(!scope.has_ref());
44 return base::StartsWith(url.spec(), scope.spec(), 39 return base::StartsWith(url.spec(), scope.spec(),
45 base::CompareCase::SENSITIVE); 40 base::CompareCase::SENSITIVE);
46 } 41 }
47 42
48 // static 43 // static
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after
109 return false; 104 return false;
110 } 105 }
111 106
112 // static 107 // static
113 bool ServiceWorkerUtils::CanRegisterServiceWorker(const GURL& context_url, 108 bool ServiceWorkerUtils::CanRegisterServiceWorker(const GURL& context_url,
114 const GURL& pattern, 109 const GURL& pattern,
115 const GURL& script_url) { 110 const GURL& script_url) {
116 DCHECK(context_url.is_valid()); 111 DCHECK(context_url.is_valid());
117 DCHECK(pattern.is_valid()); 112 DCHECK(pattern.is_valid());
118 DCHECK(script_url.is_valid()); 113 DCHECK(script_url.is_valid());
119 return AllOriginsMatch(context_url, pattern, script_url) && 114 return ServiceWorkerUtils::PassOriginEqualitySecurityCheck<GURL>(
115 context_url, pattern, script_url) &&
120 OriginCanAccessServiceWorkers(context_url) && 116 OriginCanAccessServiceWorkers(context_url) &&
121 OriginCanAccessServiceWorkers(pattern) && 117 OriginCanAccessServiceWorkers(pattern) &&
122 OriginCanAccessServiceWorkers(script_url); 118 OriginCanAccessServiceWorkers(script_url);
123 } 119 }
124 120
125 bool LongestScopeMatcher::MatchLongest(const GURL& scope) { 121 bool LongestScopeMatcher::MatchLongest(const GURL& scope) {
126 if (!ServiceWorkerUtils::ScopeMatches(scope, url_)) 122 if (!ServiceWorkerUtils::ScopeMatches(scope, url_))
127 return false; 123 return false;
128 if (match_.is_empty() || match_.spec().size() < scope.spec().size()) { 124 if (match_.is_empty() || match_.spec().size() < scope.spec().size()) {
129 match_ = scope; 125 match_ = scope;
130 return true; 126 return true;
131 } 127 }
132 return false; 128 return false;
133 } 129 }
134 130
135 } // namespace content 131 } // namespace content
OLDNEW
« no previous file with comments | « content/common/service_worker/service_worker_utils.h ('k') | content/test/data/service_worker/disable_web_security_get_registration.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698