OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2003, 2006 Apple Computer, Inc. All rights reserved. | 2 * Copyright (C) 2003, 2006 Apple Computer, Inc. All rights reserved. |
3 * Copyright (C) 2009, 2012 Google Inc. All rights reserved. | 3 * Copyright (C) 2009, 2012 Google Inc. All rights reserved. |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
7 * are met: | 7 * are met: |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
(...skipping 320 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
331 | 331 |
332 void ResourceRequest::setExternalRequestStateFromRequestorAddressSpace( | 332 void ResourceRequest::setExternalRequestStateFromRequestorAddressSpace( |
333 WebAddressSpace requestorSpace) { | 333 WebAddressSpace requestorSpace) { |
334 static_assert(WebAddressSpaceLocal < WebAddressSpacePrivate, | 334 static_assert(WebAddressSpaceLocal < WebAddressSpacePrivate, |
335 "Local is inside Private"); | 335 "Local is inside Private"); |
336 static_assert(WebAddressSpaceLocal < WebAddressSpacePublic, | 336 static_assert(WebAddressSpaceLocal < WebAddressSpacePublic, |
337 "Local is inside Public"); | 337 "Local is inside Public"); |
338 static_assert(WebAddressSpacePrivate < WebAddressSpacePublic, | 338 static_assert(WebAddressSpacePrivate < WebAddressSpacePublic, |
339 "Private is inside Public"); | 339 "Private is inside Public"); |
340 | 340 |
341 // TODO(mkwst): This only checks explicit IP addresses. We'll have to move all
this up to //net and //content in | 341 // TODO(mkwst): This only checks explicit IP addresses. We'll have to move all |
342 // order to have any real impact on gateway attacks. That turns out to be a TO
N of work. https://crbug.com/378566 | 342 // this up to //net and //content in order to have any real impact on gateway |
| 343 // attacks. That turns out to be a TON of work. https://crbug.com/378566 |
343 if (!RuntimeEnabledFeatures::corsRFC1918Enabled()) { | 344 if (!RuntimeEnabledFeatures::corsRFC1918Enabled()) { |
344 m_isExternalRequest = false; | 345 m_isExternalRequest = false; |
345 return; | 346 return; |
346 } | 347 } |
347 | 348 |
348 WebAddressSpace targetSpace = WebAddressSpacePublic; | 349 WebAddressSpace targetSpace = WebAddressSpacePublic; |
349 if (NetworkUtils::isReservedIPAddress(m_url.host())) | 350 if (NetworkUtils::isReservedIPAddress(m_url.host())) |
350 targetSpace = WebAddressSpacePrivate; | 351 targetSpace = WebAddressSpacePrivate; |
351 if (SecurityOrigin::create(m_url)->isLocalhost()) | 352 if (SecurityOrigin::create(m_url)->isLocalhost()) |
352 targetSpace = WebAddressSpaceLocal; | 353 targetSpace = WebAddressSpaceLocal; |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
415 m_didSetHTTPReferrer = false; | 416 m_didSetHTTPReferrer = false; |
416 m_checkForBrowserSideNavigation = true; | 417 m_checkForBrowserSideNavigation = true; |
417 m_uiStartTime = 0; | 418 m_uiStartTime = 0; |
418 m_isExternalRequest = false; | 419 m_isExternalRequest = false; |
419 m_inputPerfMetricReportPolicy = InputToLoadPerfMetricReportPolicy::NoReport; | 420 m_inputPerfMetricReportPolicy = InputToLoadPerfMetricReportPolicy::NoReport; |
420 m_redirectStatus = RedirectStatus::NoRedirect; | 421 m_redirectStatus = RedirectStatus::NoRedirect; |
421 m_requestorOrigin = SecurityOrigin::createUnique(); | 422 m_requestorOrigin = SecurityOrigin::createUnique(); |
422 } | 423 } |
423 | 424 |
424 } // namespace blink | 425 } // namespace blink |
OLD | NEW |