OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2007 Apple Inc. All rights reserved. | 2 * Copyright (C) 2007 Apple Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
(...skipping 357 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
368 | 368 |
369 if (SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(protocol)) | 369 if (SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(protocol)) |
370 return m_protocol == protocol || SecurityPolicy::isAccessToURLWhiteListe
d(this, url); | 370 return m_protocol == protocol || SecurityPolicy::isAccessToURLWhiteListe
d(this, url); |
371 | 371 |
372 if (SchemeRegistry::shouldTreatURLSchemeAsLocal(protocol)) | 372 if (SchemeRegistry::shouldTreatURLSchemeAsLocal(protocol)) |
373 return canLoadLocalResources() || SecurityPolicy::isAccessToURLWhiteList
ed(this, url); | 373 return canLoadLocalResources() || SecurityPolicy::isAccessToURLWhiteList
ed(this, url); |
374 | 374 |
375 return true; | 375 return true; |
376 } | 376 } |
377 | 377 |
| 378 bool SecurityOrigin::canAccessFeatureRequiringSecureOrigin() const |
| 379 { |
| 380 if (isLocal()) |
| 381 return true; |
| 382 |
| 383 if (SchemeRegistry::shouldTreatURLSchemeAsSecure(m_protocol)) |
| 384 return true; |
| 385 |
| 386 // FIXME: The localhost check should be more relaxed and |
| 387 // allow all of 127/8 and ::1/128. See: |
| 388 // https://code.google.com/p/chromium/issues/detail?id=362214 |
| 389 if (!m_protocol.isEmpty() && !m_domainWasSetInDOM && (m_domain == "localhost
" || m_domain == "127.0.0.1" || m_domain == "[::1]")) |
| 390 return true; |
| 391 |
| 392 return false; |
| 393 } |
| 394 |
378 SecurityOrigin::Policy SecurityOrigin::canShowNotifications() const | 395 SecurityOrigin::Policy SecurityOrigin::canShowNotifications() const |
379 { | 396 { |
380 if (m_universalAccess) | 397 if (m_universalAccess) |
381 return AlwaysAllow; | 398 return AlwaysAllow; |
382 if (isUnique()) | 399 if (isUnique()) |
383 return AlwaysDeny; | 400 return AlwaysDeny; |
384 return Ask; | 401 return Ask; |
385 } | 402 } |
386 | 403 |
387 void SecurityOrigin::grantLoadLocalResources() | 404 void SecurityOrigin::grantLoadLocalResources() |
(...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
491 } | 508 } |
492 | 509 |
493 const String& SecurityOrigin::urlWithUniqueSecurityOrigin() | 510 const String& SecurityOrigin::urlWithUniqueSecurityOrigin() |
494 { | 511 { |
495 ASSERT(isMainThread()); | 512 ASSERT(isMainThread()); |
496 DEFINE_STATIC_LOCAL(const String, uniqueSecurityOriginURL, ("data:,")); | 513 DEFINE_STATIC_LOCAL(const String, uniqueSecurityOriginURL, ("data:,")); |
497 return uniqueSecurityOriginURL; | 514 return uniqueSecurityOriginURL; |
498 } | 515 } |
499 | 516 |
500 } // namespace WebCore | 517 } // namespace WebCore |
OLD | NEW |