third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp - Issue 2447293002: Don't call lower() on KURL protocol/host

Side by Side Diff: third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp

Issue 2447293002: Don't call lower() on KURL protocol/host (Closed)

Patch Set: dont call protocol() / host() twice in SecurityOrigin constructor Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2007 Apple Inc. All rights reserved.	2 * Copyright (C) 2007 Apple Inc. All rights reserved.

3 *	3 *

4 * Redistribution and use in source and binary forms, with or without	4 * Redistribution and use in source and binary forms, with or without

5 * modification, are permitted provided that the following conditions	5 * modification, are permitted provided that the following conditions

6 * are met:	6 * are met:

7 *	7 *

8 * 1. Redistributions of source code must retain the above copyright	8 * 1. Redistributions of source code must retain the above copyright

9 * notice, this list of conditions and the following disclaimer.	9 * notice, this list of conditions and the following disclaimer.

10 * 2. Redistributions in binary form must reproduce the above copyright	10 * 2. Redistributions in binary form must reproduce the above copyright

(...skipping 85 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
96 relevantURL = url;	96 relevantURL = url;

97 }	97 }

98	98

99 // URLs with schemes that require an authority, but which don't have one,	99 // URLs with schemes that require an authority, but which don't have one,

100 // will have failed the isValid() test; e.g. valid HTTP URLs must have a	100 // will have failed the isValid() test; e.g. valid HTTP URLs must have a

101 // host.	101 // host.

102 ASSERT(!(	102 ASSERT(!(

103 (relevantURL.protocolIsInHTTPFamily() \|\| relevantURL.protocolIs("ftp")) &&	103 (relevantURL.protocolIsInHTTPFamily() \|\| relevantURL.protocolIs("ftp")) &&

104 relevantURL.host().isEmpty()));	104 relevantURL.host().isEmpty()));

105	105

106 // SchemeRegistry needs a lower case protocol because it uses HashMaps	106 if (SchemeRegistry::shouldTreatURLSchemeAsNoAccess(relevantURL.protocol()))

107 // that assume the scheme has already been canonicalized.

108 String protocol = relevantURL.protocol().lower();

109

110 if (SchemeRegistry::shouldTreatURLSchemeAsNoAccess(protocol))

111 return true;	107 return true;

112	108

113 // This is the common case.	109 // This is the common case.

114 return false;	110 return false;

115 }	111 }

116	112

117 SecurityOrigin::SecurityOrigin(const KURL& url)	113 SecurityOrigin::SecurityOrigin(const KURL& url)

118 : m_protocol(url.protocol().isNull() ? emptyString()	114 : m_protocol(url.protocol()),

119 : url.protocol().lower()),	115 m_host(url.host().lower()),
	brettw 2016/10/26 01:54:27 Since you're here, you can delete this lower() cal Since you're here, you can delete this lower() call on the host for the same reason. Charlie Harrison 2016/10/26 01:58:32 Actually, I tried that and hit a DCHECK failure in Show quoted text On 2016/10/26 01:54:27, brettw (ping on IM after 24h) wrote: > Since you're here, you can delete this lower() call on the host for the same > reason. Actually, I tried that and hit a DCHECK failure in this case: https://cs.chromium.org/chromium/src/third_party/WebKit/Source/web/tests/Fram... I added a similar DCHECK_EQ(host(), host().lower()) that failed because the %3E changed %3e. This is after changing the constructor to KURL(KURL(), "http://f--.com-->").
120 m_host(url.host().isNull() ? emptyString() : url.host().lower()),

121 m_port(url.port()),	116 m_port(url.port()),

122 m_effectivePort(url.port() ? url.port()	117 m_effectivePort(url.port() ? url.port()

123 : defaultPortForProtocol(m_protocol)),	118 : defaultPortForProtocol(m_protocol)),

124 m_isUnique(false),	119 m_isUnique(false),

125 m_universalAccess(false),	120 m_universalAccess(false),

126 m_domainWasSetInDOM(false),	121 m_domainWasSetInDOM(false),

127 m_blockLocalAccessFromLocalOrigin(false),	122 m_blockLocalAccessFromLocalOrigin(false),

128 m_isUniqueOriginPotentiallyTrustworthy(false) {	123 m_isUniqueOriginPotentiallyTrustworthy(false) {

	124 if (m_protocol.isNull())

	125 m_protocol = emptyString();

	126 if (m_host.isNull())

	127 m_host = emptyString();

	128

129 // Suborigins are serialized into the host, so extract it if necessary.	129 // Suborigins are serialized into the host, so extract it if necessary.

130 String suboriginName;	130 String suboriginName;

131 if (deserializeSuboriginAndProtocolAndHost(m_protocol, m_host, suboriginName,	131 if (deserializeSuboriginAndProtocolAndHost(m_protocol, m_host, suboriginName,

132 m_protocol, m_host))	132 m_protocol, m_host))

133 m_suborigin.setName(suboriginName);	133 m_suborigin.setName(suboriginName);

134	134

135 // document.domain starts as m_host, but can be set by the DOM.	135 // document.domain starts as m_host, but can be set by the DOM.

136 m_domain = m_host;	136 m_domain = m_host;

137	137

138 if (isDefaultPortForProtocol(m_port, m_protocol))	138 if (isDefaultPortForProtocol(m_port, m_protocol))

(...skipping 174 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
313 if (url.protocolIsData())	313 if (url.protocolIsData())

314 return false;	314 return false;

315	315

316 return true;	316 return true;

317 }	317 }

318	318

319 bool SecurityOrigin::canDisplay(const KURL& url) const {	319 bool SecurityOrigin::canDisplay(const KURL& url) const {

320 if (m_universalAccess)	320 if (m_universalAccess)

321 return true;	321 return true;

322	322

323 String protocol = url.protocol().lower();	323 String protocol = url.protocol();

324

325 if (SchemeRegistry::canDisplayOnlyIfCanRequest(protocol))	324 if (SchemeRegistry::canDisplayOnlyIfCanRequest(protocol))

326 return canRequest(url);	325 return canRequest(url);

327	326

328 if (SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(protocol))	327 if (SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(protocol))

329 return m_protocol == protocol \|\|	328 return m_protocol == protocol \|\|

330 SecurityPolicy::isAccessToURLWhiteListed(this, url);	329 SecurityPolicy::isAccessToURLWhiteListed(this, url);

331	330

332 if (SchemeRegistry::shouldTreatURLSchemeAsLocal(protocol))	331 if (SchemeRegistry::shouldTreatURLSchemeAsLocal(protocol))

333 return canLoadLocalResources() \|\|	332 return canLoadLocalResources() \|\|

334 SecurityPolicy::isAccessToURLWhiteListed(this, url);	333 SecurityPolicy::isAccessToURLWhiteListed(this, url);

(...skipping 250 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
585 privilegeData->m_blockLocalAccessFromLocalOrigin;	584 privilegeData->m_blockLocalAccessFromLocalOrigin;

586 }	585 }

587	586

588 void SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy(	587 void SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy(

589 bool isUniqueOriginPotentiallyTrustworthy) {	588 bool isUniqueOriginPotentiallyTrustworthy) {

590 ASSERT(!isUniqueOriginPotentiallyTrustworthy \|\| isUnique());	589 ASSERT(!isUniqueOriginPotentiallyTrustworthy \|\| isUnique());

591 m_isUniqueOriginPotentiallyTrustworthy = isUniqueOriginPotentiallyTrustworthy;	590 m_isUniqueOriginPotentiallyTrustworthy = isUniqueOriginPotentiallyTrustworthy;

592 }	591 }

593	592

594 } // namespace blink	593 } // namespace blink

OLD	NEW

« no previous file with comments | « third_party/WebKit/Source/platform/weborigin/KnownPorts.cpp ('k') | no next file » | no next file with comments »