| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 21 matching lines...) Expand all Loading... |
| 32 #include "wtf/ThreadingPrimitives.h" | 32 #include "wtf/ThreadingPrimitives.h" |
| 33 #include "wtf/text/StringBuilder.h" | 33 #include "wtf/text/StringBuilder.h" |
| 34 | 34 |
| 35 namespace blink { | 35 namespace blink { |
| 36 | 36 |
| 37 namespace { | 37 namespace { |
| 38 | 38 |
| 39 class URLSchemesRegistry final { | 39 class URLSchemesRegistry final { |
| 40 public: | 40 public: |
| 41 URLSchemesRegistry() | 41 URLSchemesRegistry() |
| 42 : emptyDocumentSchemes({"about"}), | 42 : // For ServiceWorker schemes: HTTP is required because http://localhost |
| 43 // For ServiceWorker schemes: HTTP is required because http://localhost | 43 // is considered secure. Additional checks are performed to ensure that |
| 44 // is considered secure. Additional checks are performed to ensure that | 44 // other http pages are filtered out. |
| 45 // other http pages are filtered out. | |
| 46 serviceWorkerSchemes({"http", "https"}), | 45 serviceWorkerSchemes({"http", "https"}), |
| 47 fetchAPISchemes({"http", "https"}), | 46 fetchAPISchemes({"http", "https"}), |
| 48 allowedInReferrerSchemes({"http", "https"}) { | 47 allowedInReferrerSchemes({"http", "https"}) { |
| 49 for (auto& scheme : url::GetLocalSchemes()) | 48 for (auto& scheme : url::GetLocalSchemes()) |
| 50 localSchemes.insert(scheme.c_str()); | 49 localSchemes.insert(scheme.c_str()); |
| 51 for (auto& scheme : url::GetSecureSchemes()) | 50 for (auto& scheme : url::GetSecureSchemes()) |
| 52 secureSchemes.insert(scheme.c_str()); | 51 secureSchemes.insert(scheme.c_str()); |
| 53 for (auto& scheme : url::GetNoAccessSchemes()) | 52 for (auto& scheme : url::GetNoAccessSchemes()) |
| 54 schemesWithUniqueOrigins.insert(scheme.c_str()); | 53 schemesWithUniqueOrigins.insert(scheme.c_str()); |
| 55 for (auto& scheme : url::GetCORSEnabledSchemes()) | 54 for (auto& scheme : url::GetCORSEnabledSchemes()) |
| 56 CORSEnabledSchemes.insert(scheme.c_str()); | 55 CORSEnabledSchemes.insert(scheme.c_str()); |
| 57 for (auto& scheme : url::GetCSPBypassingSchemes()) { | 56 for (auto& scheme : url::GetCSPBypassingSchemes()) { |
| 58 contentSecurityPolicyBypassingSchemes.insert( | 57 contentSecurityPolicyBypassingSchemes.insert( |
| 59 scheme.c_str(), SchemeRegistry::PolicyAreaAll); | 58 scheme.c_str(), SchemeRegistry::PolicyAreaAll); |
| 60 } | 59 } |
| 60 for (auto& scheme : url::GetEmptyDocumentSchemes()) |
| 61 emptyDocumentSchemes.insert(scheme.c_str()); |
| 61 } | 62 } |
| 62 ~URLSchemesRegistry() = default; | 63 ~URLSchemesRegistry() = default; |
| 63 | 64 |
| 64 URLSchemesSet localSchemes; | 65 URLSchemesSet localSchemes; |
| 65 URLSchemesSet displayIsolatedURLSchemes; | 66 URLSchemesSet displayIsolatedURLSchemes; |
| 66 URLSchemesSet secureSchemes; | 67 URLSchemesSet secureSchemes; |
| 67 URLSchemesSet schemesWithUniqueOrigins; | 68 URLSchemesSet schemesWithUniqueOrigins; |
| 68 URLSchemesSet emptyDocumentSchemes; | 69 URLSchemesSet emptyDocumentSchemes; |
| 69 URLSchemesSet schemesForbiddenFromDomainRelaxation; | 70 URLSchemesSet schemesForbiddenFromDomainRelaxation; |
| 70 URLSchemesSet notAllowingJavascriptURLsSchemes; | 71 URLSchemesSet notAllowingJavascriptURLsSchemes; |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 154 getMutableURLSchemesRegistry().secureSchemes.insert(scheme); | 155 getMutableURLSchemesRegistry().secureSchemes.insert(scheme); |
| 155 } | 156 } |
| 156 | 157 |
| 157 bool SchemeRegistry::shouldTreatURLSchemeAsSecure(const String& scheme) { | 158 bool SchemeRegistry::shouldTreatURLSchemeAsSecure(const String& scheme) { |
| 158 DCHECK_EQ(scheme, scheme.lower()); | 159 DCHECK_EQ(scheme, scheme.lower()); |
| 159 if (scheme.isEmpty()) | 160 if (scheme.isEmpty()) |
| 160 return false; | 161 return false; |
| 161 return getURLSchemesRegistry().secureSchemes.contains(scheme); | 162 return getURLSchemesRegistry().secureSchemes.contains(scheme); |
| 162 } | 163 } |
| 163 | 164 |
| 164 void SchemeRegistry::registerURLSchemeAsEmptyDocument(const String& scheme) { | |
| 165 DCHECK_EQ(scheme, scheme.lower()); | |
| 166 getMutableURLSchemesRegistry().emptyDocumentSchemes.insert(scheme); | |
| 167 } | |
| 168 | |
| 169 bool SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(const String& scheme) { | 165 bool SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(const String& scheme) { |
| 170 DCHECK_EQ(scheme, scheme.lower()); | 166 DCHECK_EQ(scheme, scheme.lower()); |
| 171 if (scheme.isEmpty()) | 167 if (scheme.isEmpty()) |
| 172 return false; | 168 return false; |
| 173 return getURLSchemesRegistry().emptyDocumentSchemes.contains(scheme); | 169 return getURLSchemesRegistry().emptyDocumentSchemes.contains(scheme); |
| 174 } | 170 } |
| 175 | 171 |
| 176 void SchemeRegistry::setDomainRelaxationForbiddenForURLScheme( | 172 void SchemeRegistry::setDomainRelaxationForbiddenForURLScheme( |
| 177 bool forbidden, | 173 bool forbidden, |
| 178 const String& scheme) { | 174 const String& scheme) { |
| (...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 364 | 360 |
| 365 bool SchemeRegistry::schemeShouldBypassSecureContextCheck( | 361 bool SchemeRegistry::schemeShouldBypassSecureContextCheck( |
| 366 const String& scheme) { | 362 const String& scheme) { |
| 367 if (scheme.isEmpty()) | 363 if (scheme.isEmpty()) |
| 368 return false; | 364 return false; |
| 369 DCHECK_EQ(scheme, scheme.lower()); | 365 DCHECK_EQ(scheme, scheme.lower()); |
| 370 return getURLSchemesRegistry().secureContextBypassingSchemes.contains(scheme); | 366 return getURLSchemesRegistry().secureContextBypassingSchemes.contains(scheme); |
| 371 } | 367 } |
| 372 | 368 |
| 373 } // namespace blink | 369 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2760463005:
Fix handling of external protocols with PlzNavigate. (Closed)
