Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(18)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: url/origin.h

Issue 2714813003: Add an identity component for unique/opaque url::Origins.
Patch Set: . Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | url/origin.cc » ('j') | url/origin.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef URL_ORIGIN_H_ 5 #ifndef URL_ORIGIN_H_
6 #define URL_ORIGIN_H_ 6 #define URL_ORIGIN_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <string> 10 #include <string>
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
43 // * Invalid and non-standard GURLs are parsed as unique origins. This includes 43 // * Invalid and non-standard GURLs are parsed as unique origins. This includes
44 // non-hierarchical URLs like 'data:text/html,...' and 'javascript:alert(1)'. 44 // non-hierarchical URLs like 'data:text/html,...' and 'javascript:alert(1)'.
45 // 45 //
46 // * GURLs with schemes of 'filesystem' or 'blob' parse the origin out of the 46 // * GURLs with schemes of 'filesystem' or 'blob' parse the origin out of the
47 // internals of the URL. That is, 'filesystem:https://example.com/temporary/f' 47 // internals of the URL. That is, 'filesystem:https://example.com/temporary/f'
48 // is parsed as ('https', 'example.com', 443). 48 // is parsed as ('https', 'example.com', 443).
49 // 49 //
50 // * Unique origins all serialize to the string "null"; this means that the 50 // * Unique origins all serialize to the string "null"; this means that the
51 // serializations of two unique origins are identical to each other, though 51 // serializations of two unique origins are identical to each other, though
52 // the origins themselves are not "the same". This means that origins' 52 // the origins themselves are not "the same". This means that origins'
53 // serializations must not be relied upon for security checks. 53 // serializations must not be relied upon for security checks.
Mike West 2017/02/24 07:58:50 Please update these comments as well.
54 // 54 //
55 // * GURLs with a 'file' scheme are tricky. They are parsed as ('file', '', 0), 55 // * GURLs with a 'file' scheme are tricky. They are parsed as ('file', '', 0),
56 // but their behavior may differ from embedder to embedder. 56 // but their behavior may differ from embedder to embedder.
57 // 57 //
58 // * The host component of an IPv6 address includes brackets, just like the URL 58 // * The host component of an IPv6 address includes brackets, just like the URL
59 // representation. 59 // representation.
60 // 60 //
61 // Usage: 61 // Usage:
62 // 62 //
63 // * Origins are generally constructed from an already-canonicalized GURL: 63 // * Origins are generally constructed from an already-canonicalized GURL:
(...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after
167 base::StringPiece host, 167 base::StringPiece host,
168 uint16_t port, 168 uint16_t port,
169 base::StringPiece suborigin, 169 base::StringPiece suborigin,
170 SchemeHostPort::ConstructPolicy policy); 170 SchemeHostPort::ConstructPolicy policy);
171 Origin(std::string scheme, 171 Origin(std::string scheme,
172 std::string host, 172 std::string host,
173 uint16_t port, 173 uint16_t port,
174 std::string suborigin, 174 std::string suborigin,
175 SchemeHostPort::ConstructPolicy policy); 175 SchemeHostPort::ConstructPolicy policy);
176 176
177 bool unique_;
178
177 SchemeHostPort tuple_; 179 SchemeHostPort tuple_;
178 bool unique_;
179 std::string suborigin_; 180 std::string suborigin_;
181
182 uint8_t unique_origin_id_[16];
180 }; 183 };
181 184
182 URL_EXPORT std::ostream& operator<<(std::ostream& out, const Origin& origin); 185 URL_EXPORT std::ostream& operator<<(std::ostream& out, const Origin& origin);
183 186
184 URL_EXPORT bool IsSameOriginWith(const GURL& a, const GURL& b); 187 URL_EXPORT bool IsSameOriginWith(const GURL& a, const GURL& b);
185 URL_EXPORT bool IsSamePhysicalOriginWith(const GURL& a, const GURL& b); 188 URL_EXPORT bool IsSamePhysicalOriginWith(const GURL& a, const GURL& b);
186 189
187 } // namespace url 190 } // namespace url
188 191
189 #endif // URL_ORIGIN_H_ 192 #endif // URL_ORIGIN_H_
OLDNEW
« no previous file with comments | « no previous file | url/origin.cc » ('j') | url/origin.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698