OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPSource.h" | 5 #include "core/frame/csp/CSPSource.h" |
6 | 6 |
7 #include "core/frame/UseCounter.h" | 7 #include "core/frame/UseCounter.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/weborigin/KURL.h" | 9 #include "platform/weborigin/KURL.h" |
10 #include "platform/weborigin/KnownPorts.h" | 10 #include "platform/weborigin/KnownPorts.h" |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
97 | 97 |
98 if (!port) | 98 if (!port) |
99 return isDefaultPortForProtocol(m_port, protocol); | 99 return isDefaultPortForProtocol(m_port, protocol); |
100 | 100 |
101 if (!m_port) | 101 if (!m_port) |
102 return isDefaultPortForProtocol(port, protocol); | 102 return isDefaultPortForProtocol(port, protocol); |
103 | 103 |
104 return false; | 104 return false; |
105 } | 105 } |
106 | 106 |
| 107 bool CSPSource::isSimilar(CSPSource* other) { |
| 108 bool schemesMatch = |
| 109 schemeMatches(other->m_scheme) || other->schemeMatches(m_scheme); |
| 110 if (!schemesMatch || isSchemeOnly() || other->isSchemeOnly()) |
| 111 return schemesMatch; |
| 112 bool hostsMatch = (m_host == other->m_host) || hostMatches(other->m_host) || |
| 113 other->hostMatches(m_host); |
| 114 bool portsMatch = (other->m_portWildcard == HasWildcard) || |
| 115 portMatches(other->m_port, other->m_scheme); |
| 116 bool pathsMatch = pathMatches(other->m_path) || other->pathMatches(m_path); |
| 117 if (hostsMatch && portsMatch && pathsMatch) |
| 118 return true; |
| 119 |
| 120 return false; |
| 121 } |
| 122 |
| 123 CSPSource* CSPSource::getCommon(CSPSource* other) { |
| 124 if (!isSimilar(other)) |
| 125 return nullptr; |
| 126 |
| 127 String scheme = isSchemeSubsumedBy(other) ? m_scheme : other->m_scheme; |
| 128 String host = (m_hostWildcard == HasWildcard) ? other->m_host : m_host; |
| 129 String path = isPathSubsumedBy(other) ? m_path : other->m_path; |
| 130 int port = isPortSubsumedBy(other) ? m_port : other->m_port; |
| 131 WildcardDisposition hostWildcard = |
| 132 (m_hostWildcard == HasWildcard) ? other->m_hostWildcard : m_hostWildcard; |
| 133 WildcardDisposition portWildcard = |
| 134 (m_portWildcard == HasWildcard) ? other->m_portWildcard : m_portWildcard; |
| 135 return new CSPSource(m_policy, scheme, host, port, path, hostWildcard, |
| 136 portWildcard); |
| 137 } |
| 138 |
| 139 bool CSPSource::isSubsumedBy(CSPSource* other) { |
| 140 if (!isSimilar(other) || !isSchemeSubsumedBy(other) || |
| 141 !isWildcardsSubsumedBy(other) || !isPortSubsumedBy(other) || |
| 142 !isPathSubsumedBy(other)) |
| 143 return false; |
| 144 |
| 145 return true; |
| 146 } |
| 147 |
| 148 bool CSPSource::isWildcardsSubsumedBy(CSPSource* other) { |
| 149 if ((m_hostWildcard == HasWildcard && other->m_hostWildcard == NoWildcard) || |
| 150 (m_portWildcard == HasWildcard && other->m_portWildcard == NoWildcard)) { |
| 151 return false; |
| 152 } |
| 153 return true; |
| 154 } |
| 155 |
| 156 bool CSPSource::isSchemeSubsumedBy(CSPSource* other) { |
| 157 if (other->isSchemeOnly()) { |
| 158 if (other->m_scheme.length() == m_scheme.length()) |
| 159 return true; |
| 160 return m_scheme.length() == 3 || m_scheme.length() == 5 ? true : false; |
| 161 } |
| 162 if (isSchemeOnly()) |
| 163 return false; |
| 164 |
| 165 if (m_scheme.length() == other->m_scheme.length()) |
| 166 return true; |
| 167 |
| 168 // If the schemes match but their lengths are not equal, that means one of the |
| 169 // schemes is 'https' or 'wss' and the other one is 'http' or 'ws'. |
| 170 return m_scheme.length() > 3 ? (m_scheme == "https") : (m_scheme == "wss"); |
| 171 } |
| 172 |
| 173 bool CSPSource::isPortSubsumedBy(CSPSource* other) { |
| 174 bool otherIsMoreRestrictive = |
| 175 (other->m_portWildcard == NoWildcard) && (!m_port && other->m_port); |
| 176 return !otherIsMoreRestrictive; |
| 177 } |
| 178 |
| 179 bool CSPSource::isPathSubsumedBy(CSPSource* other) { |
| 180 bool otherIsMoreRestrictive = |
| 181 (isPathEmptyOrSlashOnly() && !other->isPathEmptyOrSlashOnly()) || |
| 182 (!isPathEmptyOrSlashOnly() && m_path.endsWith("/") && |
| 183 !other->m_path.endsWith("/")); |
| 184 return !otherIsMoreRestrictive; |
| 185 } |
| 186 |
107 bool CSPSource::isSchemeOnly() const { | 187 bool CSPSource::isSchemeOnly() const { |
108 return m_host.isEmpty(); | 188 return m_host.isEmpty(); |
109 } | 189 } |
110 | 190 |
| 191 bool CSPSource::isPathEmptyOrSlashOnly() const { |
| 192 return m_path.isEmpty() || m_path == "/"; |
| 193 } |
| 194 |
111 DEFINE_TRACE(CSPSource) { | 195 DEFINE_TRACE(CSPSource) { |
112 visitor->trace(m_policy); | 196 visitor->trace(m_policy); |
113 } | 197 } |
114 | 198 |
115 } // namespace blink | 199 } // namespace blink |
OLD | NEW |