Chromium Code Reviews Chromium Code Reviews
Issue 2714813003:
Add an identity component for unique/opaque url::Origins.
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "url/origin.h" | 5 #include "url/origin.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 // TODO(dcheng): Use crypto's rand util. | |
| 12 #include "base/rand_util.h" | |
| 11 #include "base/strings/string_number_conversions.h" | 13 #include "base/strings/string_number_conversions.h" |
| 12 #include "url/gurl.h" | 14 #include "url/gurl.h" |
| 13 #include "url/url_canon.h" | 15 #include "url/url_canon.h" |
| 14 #include "url/url_canon_stdstring.h" | 16 #include "url/url_canon_stdstring.h" |
| 15 #include "url/url_constants.h" | 17 #include "url/url_constants.h" |
| 16 #include "url/url_util.h" | 18 #include "url/url_util.h" |
| 17 | 19 |
| 18 namespace url { | 20 namespace url { |
| 19 | 21 |
| 20 namespace { | 22 namespace { |
| 21 | 23 |
| 22 GURL AddSuboriginToUrl(const GURL& url, const std::string& suborigin) { | 24 GURL AddSuboriginToUrl(const GURL& url, const std::string& suborigin) { |
| 23 GURL::Replacements replacements; | 25 GURL::Replacements replacements; |
| 24 if (url.scheme() == kHttpScheme) { | 26 if (url.scheme() == kHttpScheme) { |
| 25 replacements.SetSchemeStr(kHttpSuboriginScheme); | 27 replacements.SetSchemeStr(kHttpSuboriginScheme); |
| 26 } else { | 28 } else { |
| 27 DCHECK(url.scheme() == kHttpsScheme); | 29 DCHECK(url.scheme() == kHttpsScheme); |
| 28 replacements.SetSchemeStr(kHttpsSuboriginScheme); | 30 replacements.SetSchemeStr(kHttpsSuboriginScheme); |
| 29 } | 31 } |
| 30 std::string new_host = suborigin + "." + url.host(); | 32 std::string new_host = suborigin + "." + url.host(); |
| 31 replacements.SetHostStr(new_host); | 33 replacements.SetHostStr(new_host); |
| 32 return url.ReplaceComponents(replacements); | 34 return url.ReplaceComponents(replacements); |
| 33 } | 35 } |
| 34 | 36 |
| 35 } // namespace | 37 } // namespace |
| 36 | 38 |
| 37 Origin::Origin() : unique_(true), suborigin_(std::string()) {} | 39 Origin::Origin() : unique_(true) { |
| 40 base::RandBytes(unique_origin_id_, sizeof(unique_origin_id_)); | |
| 41 } | |
| 38 | 42 |
| 39 Origin::Origin(const GURL& url) : unique_(true), suborigin_(std::string()) { | 43 Origin::Origin(const GURL& url) : unique_(true) { |
| 40 if (!url.is_valid() || (!url.IsStandard() && !url.SchemeIsBlob())) | 44 if (!url.is_valid() || (!url.IsStandard() && !url.SchemeIsBlob())) { |
| 45 base::RandBytes(unique_origin_id_, sizeof(unique_origin_id_)); | |
| 41 return; | 46 return; |
| 47 } | |
| 42 | 48 |
| 43 if (url.SchemeIsFileSystem()) { | 49 if (url.SchemeIsFileSystem()) { |
| 44 tuple_ = SchemeHostPort(*url.inner_url()); | 50 tuple_ = SchemeHostPort(*url.inner_url()); |
| 45 } else if (url.SchemeIsBlob()) { | 51 } else if (url.SchemeIsBlob()) { |
| 46 // If we're dealing with a 'blob:' URL, https://url.spec.whatwg.org/#origin | 52 // If we're dealing with a 'blob:' URL, https://url.spec.whatwg.org/#origin |
| 47 // defines the origin as the origin of the URL which results from parsing | 53 // defines the origin as the origin of the URL which results from parsing |
| 48 // the "path", which boils down to everything after the scheme. GURL's | 54 // the "path", which boils down to everything after the scheme. GURL's |
| 49 // 'GetContent()' gives us exactly that. | 55 // 'GetContent()' gives us exactly that. |
| 50 tuple_ = SchemeHostPort(GURL(url.GetContent())); | 56 tuple_ = SchemeHostPort(GURL(url.GetContent())); |
| 51 } else if (url.SchemeIsSuborigin()) { | 57 } else if (url.SchemeIsSuborigin()) { |
| (...skipping 19 matching lines...) Expand all Loading... | |
| 71 bool invalid_suborigin = no_dot || suborigin_end == 0; | 77 bool invalid_suborigin = no_dot || suborigin_end == 0; |
| 72 if (invalid_suborigin || tuple_.IsInvalid()) | 78 if (invalid_suborigin || tuple_.IsInvalid()) |
| 73 return; | 79 return; |
| 74 | 80 |
| 75 suborigin_ = host.substr(0, suborigin_end); | 81 suborigin_ = host.substr(0, suborigin_end); |
| 76 } else { | 82 } else { |
| 77 tuple_ = SchemeHostPort(url); | 83 tuple_ = SchemeHostPort(url); |
| 78 } | 84 } |
| 79 | 85 |
| 80 unique_ = tuple_.IsInvalid(); | 86 unique_ = tuple_.IsInvalid(); |
| 87 if (unique_) | |
| 88 base::RandBytes(unique_origin_id_, sizeof(unique_origin_id_)); | |
| 81 } | 89 } |
| 82 | 90 |
| 83 Origin::Origin(base::StringPiece scheme, | 91 Origin::Origin(base::StringPiece scheme, |
| 84 base::StringPiece host, | 92 base::StringPiece host, |
| 85 uint16_t port, | 93 uint16_t port, |
| 86 base::StringPiece suborigin, | 94 base::StringPiece suborigin, |
| 87 SchemeHostPort::ConstructPolicy policy) | 95 SchemeHostPort::ConstructPolicy policy) |
| 88 : tuple_(scheme.as_string(), host.as_string(), port, policy) { | 96 : Origin(scheme.as_string(), |
| 89 unique_ = tuple_.IsInvalid(); | 97 host.as_string(), |
| 90 suborigin_ = suborigin.as_string(); | 98 port, |
| 91 } | 99 suborigin.as_string(), |
| 100 policy) {} | |
| 92 | 101 |
| 93 Origin::Origin(std::string scheme, | 102 Origin::Origin(std::string scheme, |
| 94 std::string host, | 103 std::string host, |
| 95 uint16_t port, | 104 uint16_t port, |
| 96 std::string suborigin, | 105 std::string suborigin, |
| 97 SchemeHostPort::ConstructPolicy policy) | 106 SchemeHostPort::ConstructPolicy policy) |
| 98 : tuple_(std::move(scheme), std::move(host), port, policy) { | 107 : tuple_(std::move(scheme), std::move(host), port, policy) { |
| 99 unique_ = tuple_.IsInvalid(); | 108 unique_ = tuple_.IsInvalid(); |
| 100 suborigin_ = std::move(suborigin); | 109 if (unique_) |
| 110 base::RandBytes(unique_origin_id_, sizeof(unique_origin_id_)); | |
| 111 else | |
| 112 suborigin_ = std::move(suborigin); | |
|
Mike West
2017/02/24 07:58:50
I wonder if suborigins should have an effect on th
| |
| 101 } | 113 } |
| 102 | 114 |
| 103 Origin::~Origin() { | 115 Origin::~Origin() { |
| 104 } | 116 } |
| 105 | 117 |
| 106 // static | 118 // static |
| 107 Origin Origin::UnsafelyCreateOriginWithoutNormalization( | 119 Origin Origin::UnsafelyCreateOriginWithoutNormalization( |
| 108 base::StringPiece scheme, | 120 base::StringPiece scheme, |
| 109 base::StringPiece host, | 121 base::StringPiece host, |
| 110 uint16_t port) { | 122 uint16_t port) { |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 151 | 163 |
| 152 GURL tuple_url(tuple_.GetURL()); | 164 GURL tuple_url(tuple_.GetURL()); |
| 153 | 165 |
| 154 if (!suborigin_.empty()) | 166 if (!suborigin_.empty()) |
| 155 return AddSuboriginToUrl(tuple_url, suborigin_); | 167 return AddSuboriginToUrl(tuple_url, suborigin_); |
| 156 | 168 |
| 157 return tuple_url; | 169 return tuple_url; |
| 158 } | 170 } |
| 159 | 171 |
| 160 bool Origin::IsSameOriginWith(const Origin& other) const { | 172 bool Origin::IsSameOriginWith(const Origin& other) const { |
| 161 if (unique_ || other.unique_) | 173 if (unique_ || other.unique_) { |
| 162 return false; | 174 return unique_ && other.unique_ |
| 175 ? memcmp(unique_origin_id_, other.unique_origin_id_, | |
| 176 sizeof(unique_origin_id_)) == 0 | |
| 177 : false; | |
| 178 } | |
| 163 | 179 |
| 164 return tuple_.Equals(other.tuple_) && suborigin_ == other.suborigin_; | 180 return tuple_.Equals(other.tuple_) && suborigin_ == other.suborigin_; |
| 165 } | 181 } |
| 166 | 182 |
| 167 bool Origin::IsSamePhysicalOriginWith(const Origin& other) const { | 183 bool Origin::IsSamePhysicalOriginWith(const Origin& other) const { |
| 168 return GetPhysicalOrigin().IsSameOriginWith(other.GetPhysicalOrigin()); | 184 return GetPhysicalOrigin().IsSameOriginWith(other.GetPhysicalOrigin()); |
| 169 } | 185 } |
| 170 | 186 |
| 171 bool Origin::DomainIs(base::StringPiece lower_ascii_domain) const { | 187 bool Origin::DomainIs(base::StringPiece lower_ascii_domain) const { |
| 172 return !unique_ && url::DomainIs(tuple_.host(), lower_ascii_domain); | 188 return !unique_ && url::DomainIs(tuple_.host(), lower_ascii_domain); |
| 173 } | 189 } |
| 174 | 190 |
| 175 bool Origin::operator<(const Origin& other) const { | 191 bool Origin::operator<(const Origin& other) const { |
| 176 return tuple_ < other.tuple_; | 192 return tuple_ < other.tuple_; |
| 177 } | 193 } |
| 178 | 194 |
| 179 std::ostream& operator<<(std::ostream& out, const url::Origin& origin) { | 195 std::ostream& operator<<(std::ostream& out, const url::Origin& origin) { |
| 180 return out << origin.Serialize(); | 196 return out << origin.Serialize(); |
| 181 } | 197 } |
| 182 | 198 |
| 183 bool IsSameOriginWith(const GURL& a, const GURL& b) { | 199 bool IsSameOriginWith(const GURL& a, const GURL& b) { |
| 184 return Origin(a).IsSameOriginWith(Origin(b)); | 200 return Origin(a).IsSameOriginWith(Origin(b)); |
| 185 } | 201 } |
| 186 | 202 |
| 187 bool IsSamePhysicalOriginWith(const GURL& a, const GURL& b) { | 203 bool IsSamePhysicalOriginWith(const GURL& a, const GURL& b) { |
| 188 return Origin(a).IsSamePhysicalOriginWith(Origin(b)); | 204 return Origin(a).IsSamePhysicalOriginWith(Origin(b)); |
| 189 } | 205 } |
| 190 | 206 |
| 191 } // namespace url | 207 } // namespace url |
| OLD | NEW |
