Keep subdomains of an isolated origin in the isolated origin's SiteInstance.

content/browser/isolated_origin_util.cc

Index: content/browser/isolated_origin_util.cc
diff --git a/content/browser/isolated_origin_util.cc b/content/browser/isolated_origin_util.cc
new file mode 100644
index 0000000000000000000000000000000000000000..fe25348a6522400377f07382be5055f973157fcb
--- /dev/null
+++ b/content/browser/isolated_origin_util.cc
@@ -0,0 +1,67 @@
+// Copyright (c) 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/browser/isolated_origin_util.h"
+
+#include "base/strings/string_util.h"
+#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
+#include "url/gurl.h"
+
+namespace content {
+
+// static
+bool IsolatedOriginUtil::DoesOriginMatchIsolatedOrigin(
+    const url::Origin& origin,
+    const url::Origin& isolated_origin) {
+  // Don't match subdomains if the isolated origin is an IP address.
+  if (isolated_origin.GetURL().HostIsIPAddress())
+    return origin == isolated_origin;
+
+  if (origin.scheme() != isolated_origin.scheme())
+    return false;
+
+  if (origin.port() != isolated_origin.port())
+    return false;
+
+  // Subdomains of an isolated origin are considered to be in the same isolated
+  // origin.
+  return origin.DomainIs(isolated_origin.host());
+}
+
+// static
+bool IsolatedOriginUtil::IsValidIsolatedOrigin(const url::Origin& origin) {
+  if (origin.unique())
+    return false;
+
+  // Isolated origins should have HTTP or HTTPS schemes.  Hosts in other
+  // schemes may not be compatible with subdomain matching.
+  GURL origin_gurl = origin.GetURL();
+  if (!origin_gurl.SchemeIsHTTPOrHTTPS())
+    return false;
+
+  // IP addresses are allowed.
+  if (origin_gurl.HostIsIPAddress())
+    return true;
+
+  // Disallow hosts such as http://co.uk/, which don't have a valid
+  // registry-controlled domain.  This prevents subdomain matching from
+  // grouping unrelated sites on a registry into the same origin.
+  const bool has_registry_domain =
+      net::registry_controlled_domains::HostHasRegistryControlledDomain(

[ncarter (slow), 2017/06/30 22:00:56]

This variant will redo the canonicalization internally, but it's the most
readable option. If this won't be called often (I suspect not), this is probably
fine. If performance matters we can use GetCanonicalHostRegistryLength.

[alexmos, 2017/06/30 23:30:02]

Acknowledged.  This is only called when adding isolated origins right now, so
perf probably won't matter until we start adding lots of isolated origins.

+          origin.host(),
+          net::registry_controlled_domains::INCLUDE_UNKNOWN_REGISTRIES,
+          net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES);
+  if (!has_registry_domain)
+    return false;
+
+  // For now, disallow hosts with a trailing dot.
+  // TODO(alexmos): Enabling this would require carefully thinking about
+  // whether hosts without a trailing dot should match it.
+  if (origin.host().back() == '.')
+    return false;
+
+  return true;
+}
+
+}  // namespace content