| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/public/common/origin_util.h" | 5 #include "content/public/common/origin_util.h" |
| 6 | 6 |
| 7 #include "base/lazy_instance.h" | 7 #include "base/lazy_instance.h" |
| 8 #include "base/macros.h" | 8 #include "base/macros.h" |
| 9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 10 #include "content/common/url_schemes.h" | 10 #include "content/common/url_schemes.h" |
| (...skipping 18 matching lines...) Expand all Loading... |
| 29 | 29 |
| 30 bool IsOriginSecure(const GURL& url) { | 30 bool IsOriginSecure(const GURL& url) { |
| 31 if (url.SchemeIsCryptographic() || url.SchemeIsFile()) | 31 if (url.SchemeIsCryptographic() || url.SchemeIsFile()) |
| 32 return true; | 32 return true; |
| 33 | 33 |
| 34 if (url.SchemeIsFileSystem() && url.inner_url() && | 34 if (url.SchemeIsFileSystem() && url.inner_url() && |
| 35 IsOriginSecure(*url.inner_url())) { | 35 IsOriginSecure(*url.inner_url())) { |
| 36 return true; | 36 return true; |
| 37 } | 37 } |
| 38 | 38 |
| 39 std::string hostname = url.HostNoBrackets(); | 39 if (net::IsLocalhost(url.HostNoBracketsPiece())) |
| 40 if (net::IsLocalhost(hostname)) | |
| 41 return true; | 40 return true; |
| 42 | 41 |
| 43 if (base::ContainsValue(url::GetSecureSchemes(), url.scheme())) | 42 if (base::ContainsValue(url::GetSecureSchemes(), url.scheme())) |
| 44 return true; | 43 return true; |
| 45 | 44 |
| 46 if (base::ContainsValue(GetSecureOrigins(), url.GetOrigin())) | 45 if (base::ContainsValue(GetSecureOrigins(), url.GetOrigin())) |
| 47 return true; | 46 return true; |
| 48 | 47 |
| 49 return false; | 48 return false; |
| 50 } | 49 } |
| (...skipping 21 matching lines...) Expand all Loading... |
| 72 // Note: Considering this mirrors SecurityOrigin::isPotentiallyTrustworthy, it | 71 // Note: Considering this mirrors SecurityOrigin::isPotentiallyTrustworthy, it |
| 73 // assumes m_isUniqueOriginPotentiallyTrustworthy is set to false. This | 72 // assumes m_isUniqueOriginPotentiallyTrustworthy is set to false. This |
| 74 // implementation follows Blink's default behavior but in the renderer it can | 73 // implementation follows Blink's default behavior but in the renderer it can |
| 75 // be changed per instance by calls to | 74 // be changed per instance by calls to |
| 76 // SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy. | 75 // SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy. |
| 77 if (IsOriginUnique(origin)) | 76 if (IsOriginUnique(origin)) |
| 78 return false; | 77 return false; |
| 79 | 78 |
| 80 if (base::ContainsValue(url::GetSecureSchemes(), origin.scheme()) || | 79 if (base::ContainsValue(url::GetSecureSchemes(), origin.scheme()) || |
| 81 base::ContainsValue(url::GetLocalSchemes(), origin.scheme()) || | 80 base::ContainsValue(url::GetLocalSchemes(), origin.scheme()) || |
| 82 net::IsLocalhost(origin.GetURL().HostNoBrackets())) { | 81 net::IsLocalhost(origin.GetURL().HostNoBracketsPiece())) { |
| 83 return true; | 82 return true; |
| 84 } | 83 } |
| 85 | 84 |
| 86 if (IsOriginWhiteListedTrustworthy(origin)) | 85 if (IsOriginWhiteListedTrustworthy(origin)) |
| 87 return true; | 86 return true; |
| 88 | 87 |
| 89 return false; | 88 return false; |
| 90 } | 89 } |
| 91 | 90 |
| 92 } // namespace content | 91 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2956643002:
Add GURL::HostNoBracketsPiece() (Closed)
