OLD | NEW |
| (Empty) |
1 /* | |
2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | |
3 * | |
4 * Redistribution and use in source and binary forms, with or without | |
5 * modification, are permitted provided that the following conditions | |
6 * are met: | |
7 * 1. Redistributions of source code must retain the above copyright | |
8 * notice, this list of conditions and the following disclaimer. | |
9 * 2. Redistributions in binary form must reproduce the above copyright | |
10 * notice, this list of conditions and the following disclaimer in the | |
11 * documentation and/or other materials provided with the distribution. | |
12 * | |
13 * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY | |
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR | |
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, | |
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, | |
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR | |
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY | |
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
24 * | |
25 */ | |
26 | |
27 #ifndef CrossOriginAccessControl_h | |
28 #define CrossOriginAccessControl_h | |
29 | |
30 #include "core/CoreExport.h" | |
31 #include "core/fetch/ResourceLoaderOptions.h" | |
32 #include "platform/network/ResourceRequest.h" | |
33 #include "wtf/Allocator.h" | |
34 #include "wtf/Forward.h" | |
35 #include "wtf/HashSet.h" | |
36 #include "wtf/PassRefPtr.h" | |
37 | |
38 namespace blink { | |
39 | |
40 using HTTPHeaderSet = HashSet<String, CaseFoldingHash>; | |
41 | |
42 struct ResourceLoaderOptions; | |
43 class ResourceRequest; | |
44 class ResourceResponse; | |
45 class SecurityOrigin; | |
46 | |
47 class CrossOriginAccessControl { | |
48 STATIC_ONLY(CrossOriginAccessControl); | |
49 | |
50 public: | |
51 // Enumerating the error conditions that the CORS | |
52 // access control check can report, including success. | |
53 // | |
54 // See |checkAccess()| and |accessControlErrorString()| which respectively | |
55 // produce and consume these error values, for precise meaning. | |
56 enum AccessStatus { | |
57 kAccessAllowed, | |
58 kInvalidResponse, | |
59 kAllowOriginMismatch, | |
60 kSubOriginMismatch, | |
61 kWildcardOriginNotAllowed, | |
62 kMissingAllowOriginHeader, | |
63 kMultipleAllowOriginValues, | |
64 kInvalidAllowOriginValue, | |
65 kDisallowCredentialsNotSetToTrue, | |
66 }; | |
67 | |
68 // Enumerating the error conditions that CORS preflight | |
69 // can report, including success. | |
70 // | |
71 // See |checkPreflight()| methods and |preflightErrorString()| which | |
72 // respectively produce and consume these error values, for precise meaning. | |
73 enum PreflightStatus { | |
74 kPreflightSuccess, | |
75 kPreflightInvalidStatus, | |
76 // "Access-Control-Allow-External:" | |
77 // ( https://wicg.github.io/cors-rfc1918/#headers ) specific error | |
78 // conditions: | |
79 kPreflightMissingAllowExternal, | |
80 kPreflightInvalidAllowExternal, | |
81 }; | |
82 | |
83 // Enumerating the error conditions that CORS redirect target URL | |
84 // checks can report, including success. | |
85 // | |
86 // See |checkRedirectLocation()| methods and |redirectErrorString()| which | |
87 // respectively produce and consume these error values, for precise meaning. | |
88 enum RedirectStatus { | |
89 kRedirectSuccess, | |
90 kRedirectDisallowedScheme, | |
91 kRedirectContainsCredentials, | |
92 }; | |
93 | |
94 // Perform a CORS access check on the response. Returns |kAccessAllowed| if | |
95 // access is allowed. Use |accessControlErrorString()| to construct a | |
96 // user-friendly error message for any of the other (error) conditions. | |
97 static AccessStatus checkAccess(const ResourceResponse&, | |
98 StoredCredentials, | |
99 const SecurityOrigin*); | |
100 | |
101 // Perform the required CORS checks on the response to a preflight request. | |
102 // Returns |kPreflightSuccess| if preflight response was successful. | |
103 // Use |preflightErrorString()| to construct a user-friendly error message | |
104 // for any of the other (error) conditions. | |
105 static PreflightStatus checkPreflight(const ResourceResponse&); | |
106 | |
107 // Error checking for the currently experimental | |
108 // "Access-Control-Allow-External:" header. Shares error conditions with | |
109 // standard preflight checking. | |
110 static PreflightStatus checkExternalPreflight(const ResourceResponse&); | |
111 | |
112 // Given a redirected-to URL, check if the location is allowed | |
113 // according to CORS. That is: | |
114 // - the URL has a CORS supported scheme and | |
115 // - the URL does not contain the userinfo production. | |
116 // | |
117 // Returns |kRedirectSuccess| in all other cases. Use | |
118 // |redirectErrorString()| to construct a user-friendly error | |
119 // message for any of the error conditions. | |
120 static RedirectStatus checkRedirectLocation(const KURL&); | |
121 | |
122 static bool handleRedirect(PassRefPtr<SecurityOrigin>, | |
123 ResourceRequest&, | |
124 const ResourceResponse&, | |
125 StoredCredentials, | |
126 ResourceLoaderOptions&, | |
127 String&); | |
128 | |
129 // Stringify errors from CORS access checks, preflight or redirect checks. | |
130 static void accessControlErrorString(StringBuilder&, | |
131 AccessStatus, | |
132 const ResourceResponse&, | |
133 const SecurityOrigin*, | |
134 WebURLRequest::RequestContext); | |
135 static void preflightErrorString(StringBuilder&, | |
136 PreflightStatus, | |
137 const ResourceResponse&); | |
138 static void redirectErrorString(StringBuilder&, RedirectStatus, const KURL&); | |
139 }; | |
140 | |
141 // TODO: also migrate these into the above static class. | |
142 CORE_EXPORT bool isOnAccessControlResponseHeaderWhitelist(const String&); | |
143 | |
144 CORE_EXPORT ResourceRequest | |
145 createAccessControlPreflightRequest(const ResourceRequest&); | |
146 | |
147 CORE_EXPORT void parseAccessControlExposeHeadersAllowList( | |
148 const String& headerValue, | |
149 HTTPHeaderSet&); | |
150 CORE_EXPORT void extractCorsExposedHeaderNamesList(const ResourceResponse&, | |
151 HTTPHeaderSet&); | |
152 | |
153 } // namespace blink | |
154 | |
155 #endif // CrossOriginAccessControl_h | |
OLD | NEW |