Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(814)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/origin_util.cc

Issue 2622693002: Cleanup of static lists of schemes & origins that are created at startup. (Closed)
Patch Set: merge Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/common/BUILD.gn ('k') | content/common/savable_url_schemes.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/public/common/origin_util.h" 5 #include "content/public/common/origin_util.h"
6 6
7 #include "base/lazy_instance.h" 7 #include "base/lazy_instance.h"
8 #include "base/macros.h" 8 #include "base/macros.h"
9 #include "base/stl_util.h" 9 #include "base/stl_util.h"
10 #include "content/public/common/content_client.h" 10 #include "content/common/url_schemes.h"
11 #include "net/base/url_util.h" 11 #include "net/base/url_util.h"
12 #include "url/gurl.h" 12 #include "url/gurl.h"
13 13
14 namespace content { 14 namespace content {
15 15
16 namespace {
17
18 class SchemeAndOriginWhitelist {
19 public:
20 SchemeAndOriginWhitelist() { Reset(); }
21 ~SchemeAndOriginWhitelist() {}
22
23 void Reset() {
24 secure_schemes_.clear();
25 secure_origins_.clear();
26 service_worker_schemes_.clear();
27 GetContentClient()->AddSecureSchemesAndOrigins(&secure_schemes_,
28 &secure_origins_);
29 GetContentClient()->AddServiceWorkerSchemes(&service_worker_schemes_);
30 }
31
32 const std::set<std::string>& secure_schemes() const {
33 return secure_schemes_;
34 }
35 const std::set<GURL>& secure_origins() const { return secure_origins_; }
36 const std::set<std::string>& service_worker_schemes() const {
37 return service_worker_schemes_;
38 }
39
40 private:
41 std::set<std::string> secure_schemes_;
42 std::set<GURL> secure_origins_;
43 std::set<std::string> service_worker_schemes_;
44 DISALLOW_COPY_AND_ASSIGN(SchemeAndOriginWhitelist);
45 };
46
47 base::LazyInstance<SchemeAndOriginWhitelist>::Leaky g_trustworthy_whitelist =
48 LAZY_INSTANCE_INITIALIZER;
49
50 } // namespace
51
52 bool IsOriginSecure(const GURL& url) { 16 bool IsOriginSecure(const GURL& url) {
53 if (url.SchemeIsCryptographic() || url.SchemeIsFile()) 17 if (url.SchemeIsCryptographic() || url.SchemeIsFile())
54 return true; 18 return true;
55 19
56 if (url.SchemeIsFileSystem() && url.inner_url() && 20 if (url.SchemeIsFileSystem() && url.inner_url() &&
57 IsOriginSecure(*url.inner_url())) { 21 IsOriginSecure(*url.inner_url())) {
58 return true; 22 return true;
59 } 23 }
60 24
61 std::string hostname = url.HostNoBrackets(); 25 std::string hostname = url.HostNoBrackets();
62 if (net::IsLocalhost(hostname)) 26 if (net::IsLocalhost(hostname))
63 return true; 27 return true;
64 28
65 if (base::ContainsKey(g_trustworthy_whitelist.Get().secure_schemes(), 29 if (base::ContainsValue(GetSecureSchemes(), url.scheme()))
66 url.scheme()))
67 return true; 30 return true;
68 31
69 if (base::ContainsKey(g_trustworthy_whitelist.Get().secure_origins(), 32 if (base::ContainsValue(GetSecureOrigins(), url.GetOrigin())) {
70 url.GetOrigin())) {
71 return true; 33 return true;
72 } 34 }
73 35
74 return false; 36 return false;
75 } 37 }
76 38
77 bool OriginCanAccessServiceWorkers(const GURL& url) { 39 bool OriginCanAccessServiceWorkers(const GURL& url) {
78 if (url.SchemeIsHTTPOrHTTPS() && IsOriginSecure(url)) 40 if (url.SchemeIsHTTPOrHTTPS() && IsOriginSecure(url))
79 return true; 41 return true;
80 42
81 if (base::ContainsKey(g_trustworthy_whitelist.Get().service_worker_schemes(), 43 if (base::ContainsValue(GetServiceWorkerSchemes(), url.scheme())) {
82 url.scheme())) {
83 return true; 44 return true;
84 } 45 }
85 46
86 return false; 47 return false;
87 } 48 }
88 49
89 void ResetSchemesAndOriginsWhitelistForTesting() { 50 void ResetSchemesAndOriginsWhitelistForTesting() {
90 g_trustworthy_whitelist.Get().Reset(); 51 RefreshSecuritySchemesForTesting();
91 } 52 }
92 53
93 } // namespace content 54 } // namespace content
OLDNEW
« no previous file with comments | « content/common/BUILD.gn ('k') | content/common/savable_url_schemes.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698