Index: webkit/child/site_isolation_policy.h |
diff --git a/webkit/child/site_isolation_policy.h b/webkit/child/site_isolation_policy.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..3cde0a61ddcd577bb497cb9870e3c5aa4a4a4f9a |
--- /dev/null |
+++ b/webkit/child/site_isolation_policy.h |
@@ -0,0 +1,155 @@ |
+// Copyright (c) 2013 The Chromium Authors. All rights reserved. Use |
+// of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef WEBKIT_CHILD_SITE_ISOLATION_POLICY_H_ |
+#define WEBKIT_CHILD_SITE_ISOLATION_POLICY_H_ |
+ |
+#include <map> |
+#include <utility> |
+ |
+#include "third_party/WebKit/public/web/WebFrame.h" |
+#include "third_party/WebKit/public/platform/WebURLRequest.h" |
+#include "third_party/WebKit/public/platform/WebURLResponse.h" |
+#include "webkit/child/webkit_child_export.h" |
+ |
+using WebKit::WebFrame; |
+using WebKit::WebURLResponse; |
+using WebKit::WebURLRequest; |
+ |
+namespace webkit_glue { |
+ |
+struct ResponseMetaData { |
+ enum CanonicalMimeType { |
+ IsHTML = 0, |
+ IsXML = 1, |
+ IsJSON = 2, |
+ IsPlain = 3, |
+ IsOthers = 4, |
+ }; |
+ |
+ static const char* CanonicalMimeTypeToString(CanonicalMimeType mime_type) { |
+ const char* mime_type_names[] = {"HTML", "XML", "JSON", "Plain", "Others"}; |
+ return mime_type_names[mime_type]; |
+ } |
+ |
+ static const char* TargetTypeToString(WebURLRequest::TargetType target_type) { |
+ const char* target_type_names[] = { |
+ "MainFrame", "Subframe", "Subresource", "StyleSheet", "Script", |
+ "FontResource", "Image", "Object", "Media", "Worker", "SharedWorker", |
+ "Prefetch", "Favicon", "XHR", "TextTrack", "Unspecified"}; |
+ return target_type_names[target_type]; |
+ } |
+ |
+ std::string frame_origin; |
+ std::string response_url; |
+ unsigned identifier; |
+ WebURLRequest::TargetType target_type; |
+ CanonicalMimeType canonical_mime_type; |
+ int http_status_code; |
+}; |
+ |
+// The correct calling sequence of the following three functions are |
Charlie Reis
2013/08/07 21:02:02
A class-level comment should describe what the cla
dsjang
2013/08/08 21:21:01
Done.
|
+// as they appear in this file. |
+class WEBKIT_CHILD_EXPORT SiteIsolationPolicy { |
+ public: |
+ |
+ // Register target_type information for identifier. identifier keeps |
+ // track of the sequence of network requests made for the original |
+ // url. target_type gets sometimes misleading especially when it |
+ // has TargetIsSubresource. We should not depend on target_type to |
+ // decide if this request is for navigation or not. |
+ static void WillSendRequest(unsigned identifier, |
+ WebURLRequest::TargetType target_type); |
+ |
+ // Register the header information of the response data. This |
+ // function obtains the target_type set by WillSendRequest(), and |
+ // erase the slot. |
+ // TODO(dsjang): does this get called multiple times? |
+ static void DidReceiveResponse(WebFrame* frame, |
+ unsigned identifier, |
+ const WebURLResponse& response); |
+ |
+ // Examine the first network packet in case response_url is |
+ // registered as a cross-site document by DidReceiveResponse(). If |
+ // if is the case, this is going to record various kinds of UMA data |
+ // items. |
+ static void DidReceiveData(const char* payload, |
+ int length, |
+ WebKit::WebURL& response_url); |
+ |
+ // TODO(dsjang): Either of the following two functions must be |
+ // called at the end of the |
+ // transaction. WebURLLoaderImpl::didReceivedData() is not a place |
+ // where this can be called since it is not guaranteed that the |
+ // function is called in case of network error. Instead, |
+ // RenderFrameImpl::didFinishResourceLoad(identifier) and |
+ // didFailLoad() are used for successful loading, failed one, |
+ // respectively. |
+ static void DidFinishResourceLoad(unsigned identifier); |
+ |
+ static void DidFinishResourceLoadForUrl(const WebKit::WebURL& response_url); |
+ |
+ // Returns the canonical mime type code of the mime type of |
+ // response. |
+ static ResponseMetaData::CanonicalMimeType GetCanonicalMimeType( |
+ const WebURLResponse& response); |
+ |
+ // Returns whether response's scheme is not security relevant. For |
Charlie Reis
2013/08/07 21:02:02
This comment and the function name don't agree.
dsjang
2013/08/08 21:21:01
Done.
|
+ // example, this returns true for data:* urls. |
+ static bool IsNetworkScheme(GURL& frame_origin); |
+ |
+ // Returns if this response's source site is the same as the site of the frame |
+ static bool IsSameSite(GURL& frame_origin, GURL& response_url); |
+ |
+ // Returns if a valid CORS's set for frame_origin. This is very |
+ // simliar to CrossOriginAccessControl::passesAccessControlCheck(), |
+ // but we use sites as our security domain, not |
+ // origins. TODO(dsjang): this must be improved to be more accurate |
+ // to the actual CORS specification. For now, this works |
+ // conservatively, allowing XSDs that are not allowed by actual CORS |
+ // rules by ignoring 1) credentials and 2) methods. Preflight |
+ // requests don't matter here since they are not used to decide |
+ // whether to block a document or not on the client side. |
+ static bool IsValidCorsHeaderSet(GURL& frame_origin, |
+ GURL& website_origin, |
+ std::string access_control_origin); |
+ |
+ // Returns if this is for the response for a sub resource, not a |
+ // response for frame navigation. |
+ static bool IsFrameNotCommitted(WebFrame* frame); |
Charlie Reis
2013/08/07 21:02:02
This name is hard to understand (vs the comment).
dsjang
2013/08/08 21:21:01
How about FrameInNavigation?
On 2013/08/07 21:02:
|
+ |
+ static bool SniffForHTML(const char* data, size_t length); |
+ static bool SniffForXML(const char* data, size_t length); |
+ static bool SniffForJSON(const char* data, size_t length); |
+ |
+ static bool IsErrorStatusCode(int status_code); |
+ static bool SniffForJS(const char* data, size_t length); |
+ |
+ static bool DoSignatureMatching(const char* data, |
+ size_t length, |
+ const char* signatures[], |
+ size_t arr_size); |
+ |
+ private: |
+ // Maintain data between willSendRequest() -> didReceiveResponse() |
Charlie Reis
2013/08/07 21:02:02
-> is confusing here because it has a specific C++
dsjang
2013/08/08 21:21:01
Done.
|
+ static std::map<unsigned, WebURLRequest::TargetType> id_target_map_; |
+ |
+ // Maintain data between didReceiveResponse() -> didReceiveData() We |
+ // need to record (mimetype, statuscode) here. |
+ static std::map<std::string, ResponseMetaData> url_responsedata_map_; |
+ |
+ // This is a map that maps identifier to the corresponding |
+ // ResponseMetaData. |
+ static std::map<unsigned, std::string> id_url_map_; |
+ |
+ // Never needs to be constructed/destructed. |
+ SiteIsolationPolicy() {} |
+ ~SiteIsolationPolicy() {} |
+ |
+ DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicy); |
+}; |
+ |
+} // namespace content |
+ |
+#endif // WEBKIT_CHILD_SITE_ISOLATION_POLICY_H_ |