OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 21 matching lines...) Expand all Loading... |
32 #include "wtf/ThreadingPrimitives.h" | 32 #include "wtf/ThreadingPrimitives.h" |
33 #include "wtf/text/StringBuilder.h" | 33 #include "wtf/text/StringBuilder.h" |
34 | 34 |
35 namespace blink { | 35 namespace blink { |
36 | 36 |
37 namespace { | 37 namespace { |
38 | 38 |
39 class URLSchemesRegistry final { | 39 class URLSchemesRegistry final { |
40 public: | 40 public: |
41 URLSchemesRegistry() | 41 URLSchemesRegistry() |
42 : emptyDocumentSchemes({"about"}), | 42 : // For ServiceWorker schemes: HTTP is required because http://localhost |
43 // For ServiceWorker schemes: HTTP is required because http://localhost | 43 // is considered secure. Additional checks are performed to ensure that |
44 // is considered secure. Additional checks are performed to ensure that | 44 // other http pages are filtered out. |
45 // other http pages are filtered out. | |
46 serviceWorkerSchemes({"http", "https"}), | 45 serviceWorkerSchemes({"http", "https"}), |
47 fetchAPISchemes({"http", "https"}), | 46 fetchAPISchemes({"http", "https"}), |
48 allowedInReferrerSchemes({"http", "https"}) { | 47 allowedInReferrerSchemes({"http", "https"}) { |
49 for (auto& scheme : url::GetLocalSchemes()) | 48 for (auto& scheme : url::GetLocalSchemes()) |
50 localSchemes.insert(scheme.c_str()); | 49 localSchemes.insert(scheme.c_str()); |
51 for (auto& scheme : url::GetSecureSchemes()) | 50 for (auto& scheme : url::GetSecureSchemes()) |
52 secureSchemes.insert(scheme.c_str()); | 51 secureSchemes.insert(scheme.c_str()); |
53 for (auto& scheme : url::GetNoAccessSchemes()) | 52 for (auto& scheme : url::GetNoAccessSchemes()) |
54 schemesWithUniqueOrigins.insert(scheme.c_str()); | 53 schemesWithUniqueOrigins.insert(scheme.c_str()); |
55 for (auto& scheme : url::GetCORSEnabledSchemes()) | 54 for (auto& scheme : url::GetCORSEnabledSchemes()) |
56 CORSEnabledSchemes.insert(scheme.c_str()); | 55 CORSEnabledSchemes.insert(scheme.c_str()); |
57 for (auto& scheme : url::GetCSPBypassingSchemes()) { | 56 for (auto& scheme : url::GetCSPBypassingSchemes()) { |
58 contentSecurityPolicyBypassingSchemes.insert( | 57 contentSecurityPolicyBypassingSchemes.insert( |
59 scheme.c_str(), SchemeRegistry::PolicyAreaAll); | 58 scheme.c_str(), SchemeRegistry::PolicyAreaAll); |
60 } | 59 } |
| 60 for (auto& scheme : url::GetEmptyDocumentSchemes()) |
| 61 emptyDocumentSchemes.insert(scheme.c_str()); |
61 } | 62 } |
62 ~URLSchemesRegistry() = default; | 63 ~URLSchemesRegistry() = default; |
63 | 64 |
64 URLSchemesSet localSchemes; | 65 URLSchemesSet localSchemes; |
65 URLSchemesSet displayIsolatedURLSchemes; | 66 URLSchemesSet displayIsolatedURLSchemes; |
66 URLSchemesSet secureSchemes; | 67 URLSchemesSet secureSchemes; |
67 URLSchemesSet schemesWithUniqueOrigins; | 68 URLSchemesSet schemesWithUniqueOrigins; |
68 URLSchemesSet emptyDocumentSchemes; | 69 URLSchemesSet emptyDocumentSchemes; |
69 URLSchemesSet schemesForbiddenFromDomainRelaxation; | 70 URLSchemesSet schemesForbiddenFromDomainRelaxation; |
70 URLSchemesSet notAllowingJavascriptURLsSchemes; | 71 URLSchemesSet notAllowingJavascriptURLsSchemes; |
(...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
154 getMutableURLSchemesRegistry().secureSchemes.insert(scheme); | 155 getMutableURLSchemesRegistry().secureSchemes.insert(scheme); |
155 } | 156 } |
156 | 157 |
157 bool SchemeRegistry::shouldTreatURLSchemeAsSecure(const String& scheme) { | 158 bool SchemeRegistry::shouldTreatURLSchemeAsSecure(const String& scheme) { |
158 DCHECK_EQ(scheme, scheme.lower()); | 159 DCHECK_EQ(scheme, scheme.lower()); |
159 if (scheme.isEmpty()) | 160 if (scheme.isEmpty()) |
160 return false; | 161 return false; |
161 return getURLSchemesRegistry().secureSchemes.contains(scheme); | 162 return getURLSchemesRegistry().secureSchemes.contains(scheme); |
162 } | 163 } |
163 | 164 |
164 void SchemeRegistry::registerURLSchemeAsEmptyDocument(const String& scheme) { | |
165 DCHECK_EQ(scheme, scheme.lower()); | |
166 getMutableURLSchemesRegistry().emptyDocumentSchemes.insert(scheme); | |
167 } | |
168 | |
169 bool SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(const String& scheme) { | 165 bool SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(const String& scheme) { |
170 DCHECK_EQ(scheme, scheme.lower()); | 166 DCHECK_EQ(scheme, scheme.lower()); |
171 if (scheme.isEmpty()) | 167 if (scheme.isEmpty()) |
172 return false; | 168 return false; |
173 return getURLSchemesRegistry().emptyDocumentSchemes.contains(scheme); | 169 return getURLSchemesRegistry().emptyDocumentSchemes.contains(scheme); |
174 } | 170 } |
175 | 171 |
176 void SchemeRegistry::setDomainRelaxationForbiddenForURLScheme( | 172 void SchemeRegistry::setDomainRelaxationForbiddenForURLScheme( |
177 bool forbidden, | 173 bool forbidden, |
178 const String& scheme) { | 174 const String& scheme) { |
(...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
364 | 360 |
365 bool SchemeRegistry::schemeShouldBypassSecureContextCheck( | 361 bool SchemeRegistry::schemeShouldBypassSecureContextCheck( |
366 const String& scheme) { | 362 const String& scheme) { |
367 if (scheme.isEmpty()) | 363 if (scheme.isEmpty()) |
368 return false; | 364 return false; |
369 DCHECK_EQ(scheme, scheme.lower()); | 365 DCHECK_EQ(scheme, scheme.lower()); |
370 return getURLSchemesRegistry().secureContextBypassingSchemes.contains(scheme); | 366 return getURLSchemesRegistry().secureContextBypassingSchemes.contains(scheme); |
371 } | 367 } |
372 | 368 |
373 } // namespace blink | 369 } // namespace blink |
OLD | NEW |