OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/public/common/origin_util.h" | 5 #include "content/public/common/origin_util.h" |
6 | 6 |
7 #include "base/lazy_instance.h" | 7 #include "base/lazy_instance.h" |
8 #include "base/macros.h" | 8 #include "base/macros.h" |
9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
10 #include "content/common/url_schemes.h" | 10 #include "content/common/url_schemes.h" |
11 #include "net/base/url_util.h" | 11 #include "net/base/url_util.h" |
12 #include "url/gurl.h" | 12 #include "url/gurl.h" |
13 #include "url/url_util.h" | 13 #include "url/url_util.h" |
14 | 14 |
15 namespace { | 15 namespace { |
16 | 16 |
17 // This function partially reflects the result from SecurityOrigin::isUnique, | 17 // This function partially reflects the result from SecurityOrigin::isOpaque, |
18 // not its actual implementation. It takes into account how | 18 // not its actual implementation. It takes into account how |
19 // SecurityOrigin::create might return unique origins for URLs whose schemes are | 19 // SecurityOrigin::create might return opaque origins for URLs whose schemes are |
20 // included in SchemeRegistry::shouldTreatURLSchemeAsNoAccess. | 20 // included in SchemeRegistry::shouldTreatURLSchemeAsNoAccess. |
21 bool IsOriginUnique(const url::Origin& origin) { | 21 bool IsOriginOpaque(const url::Origin& origin) { |
22 return origin.unique() || | 22 return origin.opaque() || |
23 base::ContainsValue(url::GetNoAccessSchemes(), origin.scheme()); | 23 base::ContainsValue(url::GetNoAccessSchemes(), origin.scheme()); |
24 } | 24 } |
25 | 25 |
26 } // namespace | 26 } // namespace |
27 | 27 |
28 namespace content { | 28 namespace content { |
29 | 29 |
30 bool IsOriginSecure(const GURL& url) { | 30 bool IsOriginSecure(const GURL& url) { |
31 if (url.SchemeIsCryptographic() || url.SchemeIsFile()) | 31 if (url.SchemeIsCryptographic() || url.SchemeIsFile()) |
32 return true; | 32 return true; |
(...skipping 20 matching lines...) Expand all Loading... |
53 return true; | 53 return true; |
54 | 54 |
55 if (base::ContainsValue(GetServiceWorkerSchemes(), url.scheme())) { | 55 if (base::ContainsValue(GetServiceWorkerSchemes(), url.scheme())) { |
56 return true; | 56 return true; |
57 } | 57 } |
58 | 58 |
59 return false; | 59 return false; |
60 } | 60 } |
61 | 61 |
62 bool IsOriginWhiteListedTrustworthy(const url::Origin& origin) { | 62 bool IsOriginWhiteListedTrustworthy(const url::Origin& origin) { |
63 if (IsOriginUnique(origin)) | 63 if (IsOriginOpaque(origin)) |
64 return false; | 64 return false; |
65 | 65 |
66 return base::ContainsValue(GetSecureOrigins(), | 66 return base::ContainsValue(GetSecureOrigins(), |
67 origin.GetURL().HostNoBrackets()); | 67 origin.GetURL().HostNoBrackets()); |
68 } | 68 } |
69 | 69 |
70 bool IsPotentiallyTrustworthyOrigin(const url::Origin& origin) { | 70 bool IsPotentiallyTrustworthyOrigin(const url::Origin& origin) { |
71 // Note: Considering this mirrors SecurityOrigin::isPotentiallyTrustworthy, it | 71 // Note: Considering this mirrors SecurityOrigin::isPotentiallyTrustworthy, it |
72 // assumes m_isUniqueOriginPotentiallyTrustworthy is set to false. This | 72 // assumes m_isUniqueOriginPotentiallyTrustworthy is set to false. This |
73 // implementation follows Blink's default behavior but in the renderer it can | 73 // implementation follows Blink's default behavior but in the renderer it can |
74 // be changed per instance by calls to | 74 // be changed per instance by calls to |
75 // SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy. | 75 // SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy. |
76 if (IsOriginUnique(origin)) | 76 if (IsOriginOpaque(origin)) |
77 return false; | 77 return false; |
78 | 78 |
79 if (base::ContainsValue(url::GetSecureSchemes(), origin.scheme()) || | 79 if (base::ContainsValue(url::GetSecureSchemes(), origin.scheme()) || |
80 base::ContainsValue(url::GetLocalSchemes(), origin.scheme()) || | 80 base::ContainsValue(url::GetLocalSchemes(), origin.scheme()) || |
81 net::IsLocalhost(origin.GetURL().HostNoBracketsPiece())) { | 81 net::IsLocalhost(origin.GetURL().HostNoBracketsPiece())) { |
82 return true; | 82 return true; |
83 } | 83 } |
84 | 84 |
85 if (IsOriginWhiteListedTrustworthy(origin)) | 85 if (IsOriginWhiteListedTrustworthy(origin)) |
86 return true; | 86 return true; |
87 | 87 |
88 return false; | 88 return false; |
89 } | 89 } |
90 | 90 |
91 } // namespace content | 91 } // namespace content |
OLD | NEW |