| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 97 return schemes; | 97 return schemes; |
| 98 } | 98 } |
| 99 | 99 |
| 100 static URLSchemesSet& notAllowingJavascriptURLsSchemes() { | 100 static URLSchemesSet& notAllowingJavascriptURLsSchemes() { |
| 101 DEFINE_STATIC_LOCAL_WITH_LOCK(URLSchemesSet, notAllowingJavascriptURLsSchemes, | 101 DEFINE_STATIC_LOCAL_WITH_LOCK(URLSchemesSet, notAllowingJavascriptURLsSchemes, |
| 102 ()); | 102 ()); |
| 103 return notAllowingJavascriptURLsSchemes; | 103 return notAllowingJavascriptURLsSchemes; |
| 104 } | 104 } |
| 105 | 105 |
| 106 void SchemeRegistry::registerURLSchemeAsLocal(const String& scheme) { | 106 void SchemeRegistry::registerURLSchemeAsLocal(const String& scheme) { |
| 107 DCHECK_EQ(scheme, scheme.lower()); |
| 107 MutexLocker locker(mutex()); | 108 MutexLocker locker(mutex()); |
| 108 localURLSchemes().add(scheme); | 109 localURLSchemes().add(scheme); |
| 109 } | 110 } |
| 110 | 111 |
| 111 const URLSchemesSet& SchemeRegistry::localSchemes() { | 112 const URLSchemesSet& SchemeRegistry::localSchemes() { |
| 112 MutexLocker locker(mutex()); | 113 MutexLocker locker(mutex()); |
| 113 return localURLSchemes(); | 114 return localURLSchemes(); |
| 114 } | 115 } |
| 115 | 116 |
| 116 static URLSchemesSet& CORSEnabledSchemes() { | 117 static URLSchemesSet& CORSEnabledSchemes() { |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 179 | 180 |
| 180 return allowedInReferrerSchemes; | 181 return allowedInReferrerSchemes; |
| 181 } | 182 } |
| 182 | 183 |
| 183 void SchemeRegistry::initialize() { | 184 void SchemeRegistry::initialize() { |
| 184 // Instantiate the mutex object. | 185 // Instantiate the mutex object. |
| 185 mutex(); | 186 mutex(); |
| 186 } | 187 } |
| 187 | 188 |
| 188 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) { | 189 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) { |
| 190 DCHECK_EQ(scheme, scheme.lower()); |
| 189 if (scheme.isEmpty()) | 191 if (scheme.isEmpty()) |
| 190 return false; | 192 return false; |
| 191 MutexLocker locker(mutex()); | 193 MutexLocker locker(mutex()); |
| 192 return localURLSchemes().contains(scheme); | 194 return localURLSchemes().contains(scheme); |
| 193 } | 195 } |
| 194 | 196 |
| 195 void SchemeRegistry::registerURLSchemeAsNoAccess(const String& scheme) { | 197 void SchemeRegistry::registerURLSchemeAsNoAccess(const String& scheme) { |
| 198 DCHECK_EQ(scheme, scheme.lower()); |
| 196 MutexLocker locker(mutex()); | 199 MutexLocker locker(mutex()); |
| 197 schemesWithUniqueOrigins().add(scheme); | 200 schemesWithUniqueOrigins().add(scheme); |
| 198 } | 201 } |
| 199 | 202 |
| 200 bool SchemeRegistry::shouldTreatURLSchemeAsNoAccess(const String& scheme) { | 203 bool SchemeRegistry::shouldTreatURLSchemeAsNoAccess(const String& scheme) { |
| 204 DCHECK_EQ(scheme, scheme.lower()); |
| 201 if (scheme.isEmpty()) | 205 if (scheme.isEmpty()) |
| 202 return false; | 206 return false; |
| 203 MutexLocker locker(mutex()); | 207 MutexLocker locker(mutex()); |
| 204 return schemesWithUniqueOrigins().contains(scheme); | 208 return schemesWithUniqueOrigins().contains(scheme); |
| 205 } | 209 } |
| 206 | 210 |
| 207 void SchemeRegistry::registerURLSchemeAsDisplayIsolated(const String& scheme) { | 211 void SchemeRegistry::registerURLSchemeAsDisplayIsolated(const String& scheme) { |
| 212 DCHECK_EQ(scheme, scheme.lower()); |
| 208 MutexLocker locker(mutex()); | 213 MutexLocker locker(mutex()); |
| 209 displayIsolatedURLSchemes().add(scheme); | 214 displayIsolatedURLSchemes().add(scheme); |
| 210 } | 215 } |
| 211 | 216 |
| 212 bool SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated( | 217 bool SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated( |
| 213 const String& scheme) { | 218 const String& scheme) { |
| 219 DCHECK_EQ(scheme, scheme.lower()); |
| 214 if (scheme.isEmpty()) | 220 if (scheme.isEmpty()) |
| 215 return false; | 221 return false; |
| 216 MutexLocker locker(mutex()); | 222 MutexLocker locker(mutex()); |
| 217 return displayIsolatedURLSchemes().contains(scheme); | 223 return displayIsolatedURLSchemes().contains(scheme); |
| 218 } | 224 } |
| 219 | 225 |
| 220 void SchemeRegistry::registerURLSchemeAsRestrictingMixedContent( | 226 void SchemeRegistry::registerURLSchemeAsRestrictingMixedContent( |
| 221 const String& scheme) { | 227 const String& scheme) { |
| 228 DCHECK_EQ(scheme, scheme.lower()); |
| 222 MutexLocker locker(mutex()); | 229 MutexLocker locker(mutex()); |
| 223 mixedContentRestrictingSchemes().add(scheme); | 230 mixedContentRestrictingSchemes().add(scheme); |
| 224 } | 231 } |
| 225 | 232 |
| 226 bool SchemeRegistry::shouldTreatURLSchemeAsRestrictingMixedContent( | 233 bool SchemeRegistry::shouldTreatURLSchemeAsRestrictingMixedContent( |
| 227 const String& scheme) { | 234 const String& scheme) { |
| 235 DCHECK_EQ(scheme, scheme.lower()); |
| 228 if (scheme.isEmpty()) | 236 if (scheme.isEmpty()) |
| 229 return false; | 237 return false; |
| 230 MutexLocker locker(mutex()); | 238 MutexLocker locker(mutex()); |
| 231 return mixedContentRestrictingSchemes().contains(scheme); | 239 return mixedContentRestrictingSchemes().contains(scheme); |
| 232 } | 240 } |
| 233 | 241 |
| 234 void SchemeRegistry::registerURLSchemeAsSecure(const String& scheme) { | 242 void SchemeRegistry::registerURLSchemeAsSecure(const String& scheme) { |
| 243 DCHECK_EQ(scheme, scheme.lower()); |
| 235 MutexLocker locker(mutex()); | 244 MutexLocker locker(mutex()); |
| 236 secureSchemes().add(scheme); | 245 secureSchemes().add(scheme); |
| 237 } | 246 } |
| 238 | 247 |
| 239 bool SchemeRegistry::shouldTreatURLSchemeAsSecure(const String& scheme) { | 248 bool SchemeRegistry::shouldTreatURLSchemeAsSecure(const String& scheme) { |
| 249 DCHECK_EQ(scheme, scheme.lower()); |
| 240 if (scheme.isEmpty()) | 250 if (scheme.isEmpty()) |
| 241 return false; | 251 return false; |
| 242 MutexLocker locker(mutex()); | 252 MutexLocker locker(mutex()); |
| 243 return secureSchemes().contains(scheme); | 253 return secureSchemes().contains(scheme); |
| 244 } | 254 } |
| 245 | 255 |
| 246 void SchemeRegistry::registerURLSchemeAsEmptyDocument(const String& scheme) { | 256 void SchemeRegistry::registerURLSchemeAsEmptyDocument(const String& scheme) { |
| 257 DCHECK_EQ(scheme, scheme.lower()); |
| 247 MutexLocker locker(mutex()); | 258 MutexLocker locker(mutex()); |
| 248 emptyDocumentSchemes().add(scheme); | 259 emptyDocumentSchemes().add(scheme); |
| 249 } | 260 } |
| 250 | 261 |
| 251 bool SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(const String& scheme) { | 262 bool SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(const String& scheme) { |
| 263 DCHECK_EQ(scheme, scheme.lower()); |
| 252 if (scheme.isEmpty()) | 264 if (scheme.isEmpty()) |
| 253 return false; | 265 return false; |
| 254 MutexLocker locker(mutex()); | 266 MutexLocker locker(mutex()); |
| 255 return emptyDocumentSchemes().contains(scheme); | 267 return emptyDocumentSchemes().contains(scheme); |
| 256 } | 268 } |
| 257 | 269 |
| 258 void SchemeRegistry::setDomainRelaxationForbiddenForURLScheme( | 270 void SchemeRegistry::setDomainRelaxationForbiddenForURLScheme( |
| 259 bool forbidden, | 271 bool forbidden, |
| 260 const String& scheme) { | 272 const String& scheme) { |
| 273 DCHECK_EQ(scheme, scheme.lower()); |
| 261 if (scheme.isEmpty()) | 274 if (scheme.isEmpty()) |
| 262 return; | 275 return; |
| 263 | 276 |
| 264 MutexLocker locker(mutex()); | 277 MutexLocker locker(mutex()); |
| 265 if (forbidden) | 278 if (forbidden) |
| 266 schemesForbiddenFromDomainRelaxation().add(scheme); | 279 schemesForbiddenFromDomainRelaxation().add(scheme); |
| 267 else | 280 else |
| 268 schemesForbiddenFromDomainRelaxation().remove(scheme); | 281 schemesForbiddenFromDomainRelaxation().remove(scheme); |
| 269 } | 282 } |
| 270 | 283 |
| 271 bool SchemeRegistry::isDomainRelaxationForbiddenForURLScheme( | 284 bool SchemeRegistry::isDomainRelaxationForbiddenForURLScheme( |
| 272 const String& scheme) { | 285 const String& scheme) { |
| 286 DCHECK_EQ(scheme, scheme.lower()); |
| 273 if (scheme.isEmpty()) | 287 if (scheme.isEmpty()) |
| 274 return false; | 288 return false; |
| 275 MutexLocker locker(mutex()); | 289 MutexLocker locker(mutex()); |
| 276 return schemesForbiddenFromDomainRelaxation().contains(scheme); | 290 return schemesForbiddenFromDomainRelaxation().contains(scheme); |
| 277 } | 291 } |
| 278 | 292 |
| 279 bool SchemeRegistry::canDisplayOnlyIfCanRequest(const String& scheme) { | 293 bool SchemeRegistry::canDisplayOnlyIfCanRequest(const String& scheme) { |
| 280 return equalIgnoringASCIICase("blob", scheme) || | 294 DCHECK_EQ(scheme, scheme.lower()); |
| 281 equalIgnoringASCIICase("filesystem", scheme); | 295 return scheme == "blob" || scheme == "filesystem"; |
| 282 } | 296 } |
| 283 | 297 |
| 284 void SchemeRegistry::registerURLSchemeAsNotAllowingJavascriptURLs( | 298 void SchemeRegistry::registerURLSchemeAsNotAllowingJavascriptURLs( |
| 285 const String& scheme) { | 299 const String& scheme) { |
| 300 DCHECK_EQ(scheme, scheme.lower()); |
| 286 MutexLocker locker(mutex()); | 301 MutexLocker locker(mutex()); |
| 287 notAllowingJavascriptURLsSchemes().add(scheme); | 302 notAllowingJavascriptURLsSchemes().add(scheme); |
| 288 } | 303 } |
| 289 | 304 |
| 290 bool SchemeRegistry::shouldTreatURLSchemeAsNotAllowingJavascriptURLs( | 305 bool SchemeRegistry::shouldTreatURLSchemeAsNotAllowingJavascriptURLs( |
| 291 const String& scheme) { | 306 const String& scheme) { |
| 307 DCHECK_EQ(scheme, scheme.lower()); |
| 292 if (scheme.isEmpty()) | 308 if (scheme.isEmpty()) |
| 293 return false; | 309 return false; |
| 294 MutexLocker locker(mutex()); | 310 MutexLocker locker(mutex()); |
| 295 return notAllowingJavascriptURLsSchemes().contains(scheme); | 311 return notAllowingJavascriptURLsSchemes().contains(scheme); |
| 296 } | 312 } |
| 297 | 313 |
| 298 void SchemeRegistry::registerURLSchemeAsCORSEnabled(const String& scheme) { | 314 void SchemeRegistry::registerURLSchemeAsCORSEnabled(const String& scheme) { |
| 315 DCHECK_EQ(scheme, scheme.lower()); |
| 299 MutexLocker locker(mutex()); | 316 MutexLocker locker(mutex()); |
| 300 CORSEnabledSchemes().add(scheme); | 317 CORSEnabledSchemes().add(scheme); |
| 301 } | 318 } |
| 302 | 319 |
| 303 bool SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(const String& scheme) { | 320 bool SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(const String& scheme) { |
| 321 DCHECK_EQ(scheme, scheme.lower()); |
| 304 if (scheme.isEmpty()) | 322 if (scheme.isEmpty()) |
| 305 return false; | 323 return false; |
| 306 MutexLocker locker(mutex()); | 324 MutexLocker locker(mutex()); |
| 307 return CORSEnabledSchemes().contains(scheme); | 325 return CORSEnabledSchemes().contains(scheme); |
| 308 } | 326 } |
| 309 | 327 |
| 310 String SchemeRegistry::listOfCORSEnabledURLSchemes() { | 328 String SchemeRegistry::listOfCORSEnabledURLSchemes() { |
| 311 StringBuilder builder; | 329 StringBuilder builder; |
| 312 bool addSeparator = false; | 330 bool addSeparator = false; |
| 313 URLSchemesSet schemes; | 331 URLSchemesSet schemes; |
| 314 { | 332 { |
| 315 MutexLocker locker(mutex()); | 333 MutexLocker locker(mutex()); |
| 316 schemes = CORSEnabledSchemes(); | 334 schemes = CORSEnabledSchemes(); |
| 317 } | 335 } |
| 318 for (const auto& scheme : schemes) { | 336 for (const auto& scheme : schemes) { |
| 319 if (addSeparator) | 337 if (addSeparator) |
| 320 builder.append(", "); | 338 builder.append(", "); |
| 321 else | 339 else |
| 322 addSeparator = true; | 340 addSeparator = true; |
| 323 | 341 |
| 324 builder.append(scheme); | 342 builder.append(scheme); |
| 325 } | 343 } |
| 326 return builder.toString(); | 344 return builder.toString(); |
| 327 } | 345 } |
| 328 | 346 |
| 329 bool SchemeRegistry::shouldTreatURLSchemeAsLegacy(const String& scheme) { | 347 bool SchemeRegistry::shouldTreatURLSchemeAsLegacy(const String& scheme) { |
| 330 return equalIgnoringASCIICase("ftp", scheme) || | 348 return scheme == "ftp" || scheme == "gopher"; |
| 331 equalIgnoringASCIICase("gopher", scheme); | |
| 332 } | 349 } |
| 333 | 350 |
| 334 void SchemeRegistry::registerURLSchemeAsAllowingServiceWorkers( | 351 void SchemeRegistry::registerURLSchemeAsAllowingServiceWorkers( |
| 335 const String& scheme) { | 352 const String& scheme) { |
| 353 DCHECK_EQ(scheme, scheme.lower()); |
| 336 MutexLocker locker(mutex()); | 354 MutexLocker locker(mutex()); |
| 337 serviceWorkerSchemes().add(scheme); | 355 serviceWorkerSchemes().add(scheme); |
| 338 } | 356 } |
| 339 | 357 |
| 340 bool SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers( | 358 bool SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers( |
| 341 const String& scheme) { | 359 const String& scheme) { |
| 360 DCHECK_EQ(scheme, scheme.lower()); |
| 342 if (scheme.isEmpty()) | 361 if (scheme.isEmpty()) |
| 343 return false; | 362 return false; |
| 344 MutexLocker locker(mutex()); | 363 MutexLocker locker(mutex()); |
| 345 return serviceWorkerSchemes().contains(scheme); | 364 return serviceWorkerSchemes().contains(scheme); |
| 346 } | 365 } |
| 347 | 366 |
| 348 void SchemeRegistry::registerURLSchemeAsSupportingFetchAPI( | 367 void SchemeRegistry::registerURLSchemeAsSupportingFetchAPI( |
| 349 const String& scheme) { | 368 const String& scheme) { |
| 369 DCHECK_EQ(scheme, scheme.lower()); |
| 350 MutexLocker locker(mutex()); | 370 MutexLocker locker(mutex()); |
| 351 fetchAPISchemes().add(scheme); | 371 fetchAPISchemes().add(scheme); |
| 352 } | 372 } |
| 353 | 373 |
| 354 bool SchemeRegistry::shouldTreatURLSchemeAsSupportingFetchAPI( | 374 bool SchemeRegistry::shouldTreatURLSchemeAsSupportingFetchAPI( |
| 355 const String& scheme) { | 375 const String& scheme) { |
| 376 DCHECK_EQ(scheme, scheme.lower()); |
| 356 if (scheme.isEmpty()) | 377 if (scheme.isEmpty()) |
| 357 return false; | 378 return false; |
| 358 MutexLocker locker(mutex()); | 379 MutexLocker locker(mutex()); |
| 359 return fetchAPISchemes().contains(scheme); | 380 return fetchAPISchemes().contains(scheme); |
| 360 } | 381 } |
| 361 | 382 |
| 362 void SchemeRegistry::registerURLSchemeAsFirstPartyWhenTopLevel( | 383 void SchemeRegistry::registerURLSchemeAsFirstPartyWhenTopLevel( |
| 363 const String& scheme) { | 384 const String& scheme) { |
| 385 DCHECK_EQ(scheme, scheme.lower()); |
| 364 MutexLocker locker(mutex()); | 386 MutexLocker locker(mutex()); |
| 365 firstPartyWhenTopLevelSchemes().add(scheme); | 387 firstPartyWhenTopLevelSchemes().add(scheme); |
| 366 } | 388 } |
| 367 | 389 |
| 368 void SchemeRegistry::removeURLSchemeAsFirstPartyWhenTopLevel( | 390 void SchemeRegistry::removeURLSchemeAsFirstPartyWhenTopLevel( |
| 369 const String& scheme) { | 391 const String& scheme) { |
| 392 DCHECK_EQ(scheme, scheme.lower()); |
| 370 MutexLocker locker(mutex()); | 393 MutexLocker locker(mutex()); |
| 371 firstPartyWhenTopLevelSchemes().remove(scheme); | 394 firstPartyWhenTopLevelSchemes().remove(scheme); |
| 372 } | 395 } |
| 373 | 396 |
| 374 bool SchemeRegistry::shouldTreatURLSchemeAsFirstPartyWhenTopLevel( | 397 bool SchemeRegistry::shouldTreatURLSchemeAsFirstPartyWhenTopLevel( |
| 375 const String& scheme) { | 398 const String& scheme) { |
| 399 DCHECK_EQ(scheme, scheme.lower()); |
| 376 if (scheme.isEmpty()) | 400 if (scheme.isEmpty()) |
| 377 return false; | 401 return false; |
| 378 MutexLocker locker(mutex()); | 402 MutexLocker locker(mutex()); |
| 379 return firstPartyWhenTopLevelSchemes().contains(scheme); | 403 return firstPartyWhenTopLevelSchemes().contains(scheme); |
| 380 } | 404 } |
| 381 | 405 |
| 382 void SchemeRegistry::registerURLSchemeAsAllowedForReferrer( | 406 void SchemeRegistry::registerURLSchemeAsAllowedForReferrer( |
| 383 const String& scheme) { | 407 const String& scheme) { |
| 408 DCHECK_EQ(scheme, scheme.lower()); |
| 384 MutexLocker locker(mutex()); | 409 MutexLocker locker(mutex()); |
| 385 allowedInReferrerSchemes().add(scheme); | 410 allowedInReferrerSchemes().add(scheme); |
| 386 } | 411 } |
| 387 | 412 |
| 388 void SchemeRegistry::removeURLSchemeAsAllowedForReferrer(const String& scheme) { | 413 void SchemeRegistry::removeURLSchemeAsAllowedForReferrer(const String& scheme) { |
| 389 MutexLocker locker(mutex()); | 414 MutexLocker locker(mutex()); |
| 390 allowedInReferrerSchemes().remove(scheme); | 415 allowedInReferrerSchemes().remove(scheme); |
| 391 } | 416 } |
| 392 | 417 |
| 393 bool SchemeRegistry::shouldTreatURLSchemeAsAllowedForReferrer( | 418 bool SchemeRegistry::shouldTreatURLSchemeAsAllowedForReferrer( |
| 394 const String& scheme) { | 419 const String& scheme) { |
| 420 DCHECK_EQ(scheme, scheme.lower()); |
| 395 if (scheme.isEmpty()) | 421 if (scheme.isEmpty()) |
| 396 return false; | 422 return false; |
| 397 MutexLocker locker(mutex()); | 423 MutexLocker locker(mutex()); |
| 398 return allowedInReferrerSchemes().contains(scheme); | 424 return allowedInReferrerSchemes().contains(scheme); |
| 399 } | 425 } |
| 400 | 426 |
| 401 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy( | 427 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy( |
| 402 const String& scheme, | 428 const String& scheme, |
| 403 PolicyAreas policyAreas) { | 429 PolicyAreas policyAreas) { |
| 430 DCHECK_EQ(scheme, scheme.lower()); |
| 404 MutexLocker locker(mutex()); | 431 MutexLocker locker(mutex()); |
| 405 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); | 432 ContentSecurityPolicyBypassingSchemes().add(scheme, policyAreas); |
| 406 } | 433 } |
| 407 | 434 |
| 408 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy( | 435 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy( |
| 409 const String& scheme) { | 436 const String& scheme) { |
| 437 DCHECK_EQ(scheme, scheme.lower()); |
| 410 MutexLocker locker(mutex()); | 438 MutexLocker locker(mutex()); |
| 411 ContentSecurityPolicyBypassingSchemes().remove(scheme); | 439 ContentSecurityPolicyBypassingSchemes().remove(scheme); |
| 412 } | 440 } |
| 413 | 441 |
| 414 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy( | 442 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy( |
| 415 const String& scheme, | 443 const String& scheme, |
| 416 PolicyAreas policyAreas) { | 444 PolicyAreas policyAreas) { |
| 417 ASSERT(policyAreas != PolicyAreaNone); | 445 ASSERT(policyAreas != PolicyAreaNone); |
| 418 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) | 446 if (scheme.isEmpty() || policyAreas == PolicyAreaNone) |
| 419 return false; | 447 return false; |
| 420 | 448 |
| 421 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. | 449 // get() returns 0 (PolicyAreaNone) if there is no entry in the map. |
| 422 // Thus by default, schemes do not bypass CSP. | 450 // Thus by default, schemes do not bypass CSP. |
| 423 MutexLocker locker(mutex()); | 451 MutexLocker locker(mutex()); |
| 424 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) == | 452 return (ContentSecurityPolicyBypassingSchemes().get(scheme) & policyAreas) == |
| 425 policyAreas; | 453 policyAreas; |
| 426 } | 454 } |
| 427 | 455 |
| 428 void SchemeRegistry::registerURLSchemeBypassingSecureContextCheck( | 456 void SchemeRegistry::registerURLSchemeBypassingSecureContextCheck( |
| 429 const String& scheme) { | 457 const String& scheme) { |
| 458 DCHECK_EQ(scheme, scheme.lower()); |
| 430 MutexLocker locker(mutex()); | 459 MutexLocker locker(mutex()); |
| 431 secureContextBypassingSchemes().add(scheme.lower()); | 460 secureContextBypassingSchemes().add(scheme.lower()); |
| 432 } | 461 } |
| 433 | 462 |
| 434 bool SchemeRegistry::schemeShouldBypassSecureContextCheck( | 463 bool SchemeRegistry::schemeShouldBypassSecureContextCheck( |
| 435 const String& scheme) { | 464 const String& scheme) { |
| 436 if (scheme.isEmpty()) | 465 if (scheme.isEmpty()) |
| 437 return false; | 466 return false; |
| 438 MutexLocker locker(mutex()); | 467 MutexLocker locker(mutex()); |
| 439 return secureContextBypassingSchemes().contains(scheme.lower()); | 468 return secureContextBypassingSchemes().contains(scheme.lower()); |
| 440 } | 469 } |
| 441 | 470 |
| 442 } // namespace blink | 471 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2462893002:
Assume SchemeRegistry only operates on lowercase schemes (Closed)
