Updated suborigin serialization to latest spec proposal

third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp

 /*
  * Copyright (C) 2007 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1.  Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  * 2.  Redistributions in binary form must reproduce the above copyright
@@ skipping 111 matching lines @@
     , m_port(url.port())
     , m_effectivePort(url.port() ? url.port() : defaultPortForProtocol(m_protocol))
     , m_isUnique(false)
     , m_universalAccess(false)
     , m_domainWasSetInDOM(false)
     , m_blockLocalAccessFromLocalOrigin(false)
     , m_isUniqueOriginPotentiallyTrustworthy(false)
 {
     // Suborigins are serialized into the host, so extract it if necessary.
     String suboriginName;
-    if (deserializeSuboriginAndHost(m_host, suboriginName, m_host))
+    if (deserializeSuboriginAndProtocolAndHost(m_protocol, m_host, suboriginName, m_protocol, m_host))
         m_suborigin.setName(suboriginName);
 
     // document.domain starts as m_host, but can be set by the DOM.
     m_domain = m_host;
 
     if (isDefaultPortForProtocol(m_port, m_protocol))
         m_port = InvalidPort;
 
     // By default, only local SecurityOrigins can load local resources.
     m_canLoadLocalResources = isLocal();
@@ skipping 323 matching lines @@
     if (m_protocol == "file")
         return "file://";
 
     StringBuilder result;
     buildRawString(result, false);
     return result.toString();
 }
 
 // Returns true if and only if a suborigin component was found. If false, no
 // guarantees about the return value |suboriginName| are made.
-bool SecurityOrigin::deserializeSuboriginAndHost(const String& oldHost, String& suboriginName, String& newHost)
+bool SecurityOrigin::deserializeSuboriginAndProtocolAndHost(const String& oldProtocol, const String& oldHost, String& suboriginName, String& newProtocol, String& newHost)
 {
     if (!RuntimeEnabledFeatures::suboriginsEnabled())
         return false;
 
-    size_t suboriginEnd = oldHost.find('_');
-    // Suborigins cannot be empty
-    if (suboriginEnd == 0 || suboriginEnd == WTF::kNotFound)
+    String originalProtocol = oldProtocol;
+    // Suborigin URLs must have the -so option in the scheme.
+    if (!oldProtocol.endsWith("-so"))
         return false;
 
+    size_t protocolEnd = oldProtocol.reverseFind("-so");
+    DCHECK_NE(protocolEnd, WTF::kNotFound);
+    newProtocol = oldProtocol.substring(0, protocolEnd);

[nasko, 2016/09/19 22:20:21]

Should we verify that the newProtocol is a valid registered protocol? What if I
managed to hit this method with "http-so-so"?

[jww, 2016/09/20 00:24:32]

I think we should only deserialize if it's https-so or http-so, and in other
cases we should return false and throw our hands up. Since KURL doesn't
generally check for valid protocols on creation, I think the appropriate thing
is simply to not deserialize as a suborigin, and to instead leave it to the
caller to decide what to do with the protocol.

+
+    size_t suboriginEnd = oldHost.find('.');
+    // Suborigins cannot be empty.
+    if (suboriginEnd == 0 || suboriginEnd == WTF::kNotFound) {
+        newProtocol = originalProtocol;
+        return false;
+    }
+
     suboriginName = oldHost.substring(0, suboriginEnd);
     newHost = oldHost.substring(suboriginEnd + 1);
 
     return true;
 }
 
 
 AtomicString SecurityOrigin::toRawAtomicString() const
 {
     if (m_protocol == "file")
         return AtomicString("file://");
 
     StringBuilder result;
     buildRawString(result, true);
     return result.toAtomicString();
 }
 
 void SecurityOrigin::buildRawString(StringBuilder& builder, bool includeSuborigin) const
 {
     builder.append(m_protocol);
-    builder.append("://");
     if (includeSuborigin && hasSuborigin()) {
+        builder.append("-so://");
         builder.append(m_suborigin.name());
-        builder.append('_');
+        builder.append('.');
+    } else {
+        builder.append("://");
     }
     builder.append(m_host);
 
     if (m_port) {
         builder.append(':');
         builder.appendNumber(m_port);
     }
 }
 
 PassRefPtr<SecurityOrigin> SecurityOrigin::createFromString(const String& originString)
@@ skipping 64 matching lines @@
     m_blockLocalAccessFromLocalOrigin = privilegeData->m_blockLocalAccessFromLocalOrigin;
 }
 
 void SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy(bool isUniqueOriginPotentiallyTrustworthy)
 {
     ASSERT(!isUniqueOriginPotentiallyTrustworthy || isUnique());
     m_isUniqueOriginPotentiallyTrustworthy = isUniqueOriginPotentiallyTrustworthy;
 }
 
 } // namespace blink