Part 1.1: Is policy list subsumed under subsuming policy?

third_party/WebKit/Source/core/frame/csp/CSPSource.cpp

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "core/frame/csp/CSPSource.h"
 
 #include "core/frame/UseCounter.h"
 #include "core/frame/csp/ContentSecurityPolicy.h"
 #include "platform/weborigin/KURL.h"
 #include "platform/weborigin/KnownPorts.h"
@@ skipping 86 matching lines @@
 
   if (!port)
     return isDefaultPortForProtocol(m_port, protocol);
 
   if (!m_port)
     return isDefaultPortForProtocol(port, protocol);
 
   return false;
 }
 
+bool CSPSource::isSimilar(CSPSource* other) {
+  bool schemesMatch =
+      schemeMatches(other->m_scheme) || other->schemeMatches(m_scheme);
+  if (!schemesMatch || isSchemeOnly() || other->isSchemeOnly())
+    return schemesMatch;
+  bool hostsMatch = (m_host == other->m_host) || hostMatches(other->m_host) ||
+                    other->hostMatches(m_host);
+  bool portsMatch = (other->m_portWildcard == HasWildcard) ||
+                    portMatches(other->m_port, other->m_scheme);
+  bool pathsMatch = pathMatches(other->m_path) || other->pathMatches(m_path);
+  if (hostsMatch && portsMatch && pathsMatch)
+    return true;
+
+  return false;
+}
+
+CSPSource* CSPSource::getCommon(CSPSource* other) {
+  if (!isSimilar(other))
+    return nullptr;
+
+  String scheme = isSchemeSubsumedBy(other) ? m_scheme : other->m_scheme;
+  String host = (m_hostWildcard == HasWildcard) ? other->m_host : m_host;
+  String path = isPathSubsumedBy(other) ? m_path : other->m_path;
+  int port = isPortSubsumedBy(other) ? m_port : other->m_port;
+  WildcardDisposition hostWildcard =
+      (m_hostWildcard == HasWildcard) ? other->m_hostWildcard : m_hostWildcard;
+  WildcardDisposition portWildcard =
+      (m_portWildcard == HasWildcard) ? other->m_portWildcard : m_portWildcard;
+  return new CSPSource(m_policy, scheme, host, port, path, hostWildcard,
+                       portWildcard);
+}
+
+bool CSPSource::isSubsumedBy(CSPSource* other) {
+  if (!isSimilar(other) || !isSchemeSubsumedBy(other) ||
+      !isWildcardsSubsumedBy(other) || !isPortSubsumedBy(other) ||
+      !isPathSubsumedBy(other))
+    return false;
+
+  return true;
+}
+
+bool CSPSource::isWildcardsSubsumedBy(CSPSource* other) {
+  if ((m_hostWildcard == HasWildcard && other->m_hostWildcard == NoWildcard) ||
+      (m_portWildcard == HasWildcard && other->m_portWildcard == NoWildcard)) {
+    return false;
+  }
+  return true;
+}
+
+bool CSPSource::isSchemeSubsumedBy(CSPSource* other) {
+  if (other->isSchemeOnly()) {
+    if (other->m_scheme.length() == m_scheme.length())
+      return true;
+    return m_scheme.length() == 3 || m_scheme.length() == 5 ? true : false;
+  }
+  if (isSchemeOnly())
+    return false;
+
+  if (m_scheme.length() == other->m_scheme.length())
+    return true;
+
+  // If the schemes match but their lengths are not equal, that means one of the
+  // schemes is 'https' or 'wss' and the other one is 'http' or 'ws'.
+  return m_scheme.length() > 3 ? (m_scheme == "https") : (m_scheme == "wss");
+}
+
+bool CSPSource::isPortSubsumedBy(CSPSource* other) {
+  bool otherIsMoreRestrictive =
+      (other->m_portWildcard == NoWildcard) && (!m_port && other->m_port);
+  return !otherIsMoreRestrictive;
+}
+
+bool CSPSource::isPathSubsumedBy(CSPSource* other) {
+  bool otherIsMoreRestrictive =
+      (isPathEmptyOrSlashOnly() && !other->isPathEmptyOrSlashOnly()) ||
+      (!isPathEmptyOrSlashOnly() && m_path.endsWith("/") &&
+       !other->m_path.endsWith("/"));
+  return !otherIsMoreRestrictive;
+}
+
 bool CSPSource::isSchemeOnly() const {
   return m_host.isEmpty();
 }
 
+bool CSPSource::isPathEmptyOrSlashOnly() const {
+  return m_path.isEmpty() || m_path == "/";
+}
+
 DEFINE_TRACE(CSPSource) {
   visitor->trace(m_policy);
 }
 
 }  // namespace blink