Chromium Code Reviews

Side by Side Diff: Source/platform/weborigin/SecurityOrigin.h

Issue 299253003: [webcrypto] Only allow crypto.subtle.* to be used from "secure origins". (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Address abarth comments Created 6 years, 6 months ago
OLD | NEW
1 /* 1 /*
2 * Copyright (C) 2007, 2008 Apple Inc. All rights reserved. 2 * Copyright (C) 2007, 2008 Apple Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 7 *
8 * 1. Redistributions of source code must retain the above copyright 8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright 10 * 2. Redistributions in binary form must reproduce the above copyright
(...skipping 95 matching lines...)
106 // Returns true if this SecurityOrigin can receive drag content from the 106 // Returns true if this SecurityOrigin can receive drag content from the
107 // initiator. For example, call this function before allowing content to be 107 // initiator. For example, call this function before allowing content to be
108 // dropped onto a target. 108 // dropped onto a target.
109 bool canReceiveDragData(const SecurityOrigin* dragInitiator) const; 109 bool canReceiveDragData(const SecurityOrigin* dragInitiator) const;
110 110
111 // Returns true if |document| can display content from the given URL (e.g., 111 // Returns true if |document| can display content from the given URL (e.g.,
112 // in an iframe or as an image). For example, web sites generally cannot 112 // in an iframe or as an image). For example, web sites generally cannot
113 // display content from the user's files system. 113 // display content from the user's files system.
114 bool canDisplay(const KURL&) const; 114 bool canDisplay(const KURL&) const;
115 115
116 // A "secure origin" as defined by [1] are those that load resources either
117 // from the local machine (necessarily trusted) or over the network from a
118 // cryptographically-authenticated server.
119 //
120 // [1] http://www.chromium.org/Home/chromium-security/security-faq#TOC-Which -origins-are-secure-
121 bool canAccessFeatureRequiringSecureOrigin() const;
122
116 // Returns true if this SecurityOrigin can load local resources, such 123 // Returns true if this SecurityOrigin can load local resources, such
117 // as images, iframes, and style sheets, and can link to local URLs. 124 // as images, iframes, and style sheets, and can link to local URLs.
118 // For example, call this function before creating an iframe to a 125 // For example, call this function before creating an iframe to a
119 // file:// URL. 126 // file:// URL.
120 // 127 //
121 // Note: A SecurityOrigin might be allowed to load local resources 128 // Note: A SecurityOrigin might be allowed to load local resources
122 // without being able to issue an XMLHttpRequest for a local URL. 129 // without being able to issue an XMLHttpRequest for a local URL.
123 // To determine whether the SecurityOrigin can issue an 130 // To determine whether the SecurityOrigin can issue an
124 // XMLHttpRequest for a URL, call canRequest(url). 131 // XMLHttpRequest for a URL, call canRequest(url).
125 bool canLoadLocalResources() const { return m_canLoadLocalResources; } 132 bool canLoadLocalResources() const { return m_canLoadLocalResources; }
126 133
127 // Explicitly grant the ability to load local resources to this 134 // Explicitly grant the ability to load local resources to this
128 // SecurityOrigin. 135 // SecurityOrigin.
129 // 136 //
130 // Note: This method exists only to support backwards compatibility 137 // Note: This method exists only to support backwards compatibility
131 // with older versions of WebKit. 138 // with older versions of WebKit.
132 void grantLoadLocalResources(); 139 void grantLoadLocalResources();
133 140
134 // Explicitly grant the ability to access very other SecurityOrigin. 141 // Explicitly grant the ability to access every other SecurityOrigin.
135 // 142 //
136 // WARNING: This is an extremely powerful ability. Use with caution! 143 // WARNING: This is an extremely powerful ability. Use with caution!
137 void grantUniversalAccess(); 144 void grantUniversalAccess();
138 145
139 bool canAccessDatabase() const { return !isUnique(); }; 146 bool canAccessDatabase() const { return !isUnique(); };
140 bool canAccessLocalStorage() const { return !isUnique(); }; 147 bool canAccessLocalStorage() const { return !isUnique(); };
141 bool canAccessSharedWorkers() const { return !isUnique(); } 148 bool canAccessSharedWorkers() const { return !isUnique(); }
142 bool canAccessCookies() const { return !isUnique(); } 149 bool canAccessCookies() const { return !isUnique(); }
143 bool canAccessPasswordManager() const { return !isUnique(); } 150 bool canAccessPasswordManager() const { return !isUnique(); }
144 bool canAccessFileSystem() const { return !isUnique(); } 151 bool canAccessFileSystem() const { return !isUnique(); }
145 Policy canShowNotifications() const; 152 Policy canShowNotifications() const;
146 153
147 // Technically, we should always allow access to sessionStorage, but we 154 // Technically, we should always allow access to sessionStorage, but we
148 // currently don't handle creating a sessionStorage area for unique 155 // currently don't handle creating a sessionStorage area for unique
149 // origins. 156 // origins.
150 bool canAccessSessionStorage() const { return !isUnique(); } 157 bool canAccessSessionStorage() const { return !isUnique(); }
151 158
152 // The local SecurityOrigin is the most privileged SecurityOrigin. 159 // The local SecurityOrigin is the most privileged SecurityOrigin.
153 // The local SecurityOrigin can script any document, navigate to local 160 // The local SecurityOrigin can script any document, navigate to local
154 // resources, and can set arbitrary headers on XMLHttpRequests. 161 // resources, and can set arbitrary headers on XMLHttpRequests.
155 bool isLocal() const; 162 bool isLocal() const;
156 163
164 // Returns true if the host is one of 127.0.0.1/8, ::1/128, or "localhost".
165 bool isLocalhost() const;
166
157 // The origin is a globally unique identifier assigned when the Document is 167 // The origin is a globally unique identifier assigned when the Document is
158 // created. http://www.whatwg.org/specs/web-apps/current-work/#sandboxOrigin 168 // created. http://www.whatwg.org/specs/web-apps/current-work/#sandboxOrigin
159 // 169 //
160 // There's a subtle difference between a unique origin and an origin that 170 // There's a subtle difference between a unique origin and an origin that
161 // has the SandboxOrigin flag set. The latter implies the former, and, in 171 // has the SandboxOrigin flag set. The latter implies the former, and, in
162 // addition, the SandboxOrigin flag is inherited by iframes. 172 // addition, the SandboxOrigin flag is inherited by iframes.
163 bool isUnique() const { return m_isUnique; } 173 bool isUnique() const { return m_isUnique; }
164 174
165 // Marks a file:// origin as being in a domain defined by its path. 175 // Marks a file:// origin as being in a domain defined by its path.
166 // FIXME 81578: The naming of this is confusing. Files with restricted acces s to other local files 176 // FIXME 81578: The naming of this is confusing. Files with restricted acces s to other local files
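Review bot: The new comment above canAccessFeatureRequiringSecureOrigin() (new lines 116-121) defines what a "secure origin" is but never says what the method returns, and the header leaves its relationship to the new isLocalhost() (new lines 164-165) and to isUnique() undocumented. Every neighbouring canAccess*() accessor in this hunk is visibly `!isUnique()`, so a reader will want to know whether a unique (sandboxed) origin can pass this check, and whether a localhost origin counts as "the local machine". Suggest rewording to the file's usual form, "Returns true if this SecurityOrigin is a secure origin ...", and stating both cases explicitly; that also fixes the number mismatch in "A "secure origin" ... are those". On isLocalhost(), the comment mixes two CIDR ranges with a hostname string: say whether the match is done on a parsed address or on the host text, and whether the "localhost" comparison is case-sensitive, so callers gating a security feature on it know which inputs it accepts.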
(...skipping 44 matching lines...)
211 bool m_universalAccess; 221 bool m_universalAccess;
212 bool m_domainWasSetInDOM; 222 bool m_domainWasSetInDOM;
213 bool m_canLoadLocalResources; 223 bool m_canLoadLocalResources;
214 bool m_enforceFilePathSeparation; 224 bool m_enforceFilePathSeparation;
215 bool m_needsDatabaseIdentifierQuirkForFiles; 225 bool m_needsDatabaseIdentifierQuirkForFiles;
216 }; 226 };
217 227
218 } // namespace WebCore 228 } // namespace WebCore
219 229
220 #endif // SecurityOrigin_h 230 #endif // SecurityOrigin_h