OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/cross_site_document_classifier.h" | 5 #include "content/common/cross_site_document_classifier.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/lazy_instance.h" | 10 #include "base/lazy_instance.h" |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
79 | 79 |
80 bool CrossSiteDocumentClassifier::IsBlockableScheme(const GURL& url) { | 80 bool CrossSiteDocumentClassifier::IsBlockableScheme(const GURL& url) { |
81 // We exclude ftp:// from here. FTP doesn't provide a Content-Type | 81 // We exclude ftp:// from here. FTP doesn't provide a Content-Type |
82 // header which our policy depends on, so we cannot protect any | 82 // header which our policy depends on, so we cannot protect any |
83 // document from FTP servers. | 83 // document from FTP servers. |
84 return url.SchemeIs(url::kHttpScheme) || url.SchemeIs(url::kHttpsScheme); | 84 return url.SchemeIs(url::kHttpScheme) || url.SchemeIs(url::kHttpsScheme); |
85 } | 85 } |
86 | 86 |
87 bool CrossSiteDocumentClassifier::IsSameSite(const url::Origin& frame_origin, | 87 bool CrossSiteDocumentClassifier::IsSameSite(const url::Origin& frame_origin, |
88 const GURL& response_url) { | 88 const GURL& response_url) { |
89 if (frame_origin.unique() || !response_url.is_valid()) | 89 if (frame_origin.opaque() || !response_url.is_valid()) |
90 return false; | 90 return false; |
91 | 91 |
92 if (frame_origin.scheme() != response_url.scheme()) | 92 if (frame_origin.scheme() != response_url.scheme()) |
93 return false; | 93 return false; |
94 | 94 |
95 // SameDomainOrHost() extracts the effective domains (public suffix plus one) | 95 // SameDomainOrHost() extracts the effective domains (public suffix plus one) |
96 // from the two URLs and compare them. | 96 // from the two URLs and compare them. |
97 return net::registry_controlled_domains::SameDomainOrHost( | 97 return net::registry_controlled_domains::SameDomainOrHost( |
98 response_url, frame_origin, | 98 response_url, frame_origin, |
99 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES); | 99 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES); |
(...skipping 138 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
238 case kColonState: | 238 case kColonState: |
239 case kTerminalState: | 239 case kTerminalState: |
240 NOTREACHED(); | 240 NOTREACHED(); |
241 break; | 241 break; |
242 } | 242 } |
243 } | 243 } |
244 return state == kColonState; | 244 return state == kColonState; |
245 } | 245 } |
246 | 246 |
247 } // namespace content | 247 } // namespace content |
OLD | NEW |