Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(446)

Unified Diff: components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java

Issue 2815763002: Prevent usage of web payments API over insecure HTTPS. (Closed)
Patch Set: Fix typo Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java
diff --git a/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java b/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java
new file mode 100644
index 0000000000000000000000000000000000000000..7896be16d758b744b0d989045ac116bcdb3743aa
--- /dev/null
+++ b/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java
@@ -0,0 +1,37 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package org.chromium.components.payments;
+
+import org.chromium.base.annotations.JNINamespace;
+
+/** Helper for origin security. */
+@JNINamespace("payments")
+public class OriginSecurityChecker {
+ /**
+ * Returns true for a valid URL from a secure origin, e.g., http://localhost, file://test.html,
+ * https://bobpay.com.
+ *
+ * @param url The URL to check.
+ * @return Whether the origin of the URL is secure.
+ */
+ public static boolean isOriginSecure(String url) {
+ return nativeIsOriginSecure(url);
+ }
+
+ /**
+ * Returns true for a valid URL with a cryptographic scheme, e.g., HTTPS, HTTPS-SO, WSS.
+ *
+ * @param url The URL to check.
+ * @return Whether the scheme of the URL is cryptographic.
+ */
+ public static boolean isSchemeCryptographic(String url) {
+ return nativeIsSchemeCryptographic(url);
+ }
+
+ private OriginSecurityChecker() {}
+
+ private static native boolean nativeIsOriginSecure(String url);
+ private static native boolean nativeIsSchemeCryptographic(String url);
+}

Powered by Google App Engine
This is Rietveld 408576698