| OLD | NEW |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/public/common/origin_util.h" | 5 #include "content/public/common/origin_util.h" |
| 6 | 6 |
| 7 #include "base/lazy_instance.h" | 7 #include "base/lazy_instance.h" |
| 8 #include "base/macros.h" | 8 #include "base/macros.h" |
| 9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 10 #include "content/common/url_schemes.h" | 10 #include "content/common/url_schemes.h" |
| 11 #include "net/base/url_util.h" | 11 #include "net/base/url_util.h" |
| 12 #include "url/gurl.h" | 12 #include "url/gurl.h" |
| 13 #include "url/url_util.h" | 13 #include "url/url_util.h" |
| 14 | 14 |
| 15 namespace { | 15 namespace { |
| 16 | 16 |
| 17 // This function partially reflects the result from SecurityOrigin::isUnique, | 17 // This function partially reflects the result from SecurityOrigin::isOpaque, |
| 18 // not its actual implementation. It takes into account how | 18 // not its actual implementation. It takes into account how |
| 19 // SecurityOrigin::create might return unique origins for URLs whose schemes are | 19 // SecurityOrigin::create might return opaque origins for URLs whose schemes are |
| 20 // included in SchemeRegistry::shouldTreatURLSchemeAsNoAccess. | 20 // included in SchemeRegistry::shouldTreatURLSchemeAsNoAccess. |
| 21 bool IsOriginUnique(const url::Origin& origin) { | 21 bool IsOriginOpaque(const url::Origin& origin) { |
| 22 return origin.unique() || | 22 return origin.opaque() || |
| 23 base::ContainsValue(url::GetNoAccessSchemes(), origin.scheme()); | 23 base::ContainsValue(url::GetNoAccessSchemes(), origin.scheme()); |
| 24 } | 24 } |
| 25 | 25 |
| 26 } // namespace | 26 } // namespace |
| 27 | 27 |
| 28 namespace content { | 28 namespace content { |
| 29 | 29 |
| 30 bool IsOriginSecure(const GURL& url) { | 30 bool IsOriginSecure(const GURL& url) { |
| 31 if (url.SchemeIsCryptographic() || url.SchemeIsFile()) | 31 if (url.SchemeIsCryptographic() || url.SchemeIsFile()) |
| 32 return true; | 32 return true; |
| (...skipping 20 matching lines...) Expand all Loading... |
| 53 return true; | 53 return true; |
| 54 | 54 |
| 55 if (base::ContainsValue(GetServiceWorkerSchemes(), url.scheme())) { | 55 if (base::ContainsValue(GetServiceWorkerSchemes(), url.scheme())) { |
| 56 return true; | 56 return true; |
| 57 } | 57 } |
| 58 | 58 |
| 59 return false; | 59 return false; |
| 60 } | 60 } |
| 61 | 61 |
| 62 bool IsOriginWhiteListedTrustworthy(const url::Origin& origin) { | 62 bool IsOriginWhiteListedTrustworthy(const url::Origin& origin) { |
| 63 if (IsOriginUnique(origin)) | 63 if (IsOriginOpaque(origin)) |
| 64 return false; | 64 return false; |
| 65 | 65 |
| 66 return base::ContainsValue(GetSecureOrigins(), | 66 return base::ContainsValue(GetSecureOrigins(), |
| 67 origin.GetURL().HostNoBrackets()); | 67 origin.GetURL().HostNoBrackets()); |
| 68 } | 68 } |
| 69 | 69 |
| 70 bool IsPotentiallyTrustworthyOrigin(const url::Origin& origin) { | 70 bool IsPotentiallyTrustworthyOrigin(const url::Origin& origin) { |
| 71 // Note: Considering this mirrors SecurityOrigin::isPotentiallyTrustworthy, it | 71 // Note: Considering this mirrors SecurityOrigin::isPotentiallyTrustworthy, it |
| 72 // assumes m_isUniqueOriginPotentiallyTrustworthy is set to false. This | 72 // assumes m_isUniqueOriginPotentiallyTrustworthy is set to false. This |
| 73 // implementation follows Blink's default behavior but in the renderer it can | 73 // implementation follows Blink's default behavior but in the renderer it can |
| 74 // be changed per instance by calls to | 74 // be changed per instance by calls to |
| 75 // SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy. | 75 // SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy. |
| 76 if (IsOriginUnique(origin)) | 76 if (IsOriginOpaque(origin)) |
| 77 return false; | 77 return false; |
| 78 | 78 |
| 79 if (base::ContainsValue(url::GetSecureSchemes(), origin.scheme()) || | 79 if (base::ContainsValue(url::GetSecureSchemes(), origin.scheme()) || |
| 80 base::ContainsValue(url::GetLocalSchemes(), origin.scheme()) || | 80 base::ContainsValue(url::GetLocalSchemes(), origin.scheme()) || |
| 81 net::IsLocalhost(origin.GetURL().HostNoBracketsPiece())) { | 81 net::IsLocalhost(origin.GetURL().HostNoBracketsPiece())) { |
| 82 return true; | 82 return true; |
| 83 } | 83 } |
| 84 | 84 |
| 85 if (IsOriginWhiteListedTrustworthy(origin)) | 85 if (IsOriginWhiteListedTrustworthy(origin)) |
| 86 return true; | 86 return true; |
| 87 | 87 |
| 88 return false; | 88 return false; |
| 89 } | 89 } |
| 90 | 90 |
| 91 } // namespace content | 91 } // namespace content |
| OLD | NEW |