Index: Source/platform/weborigin/SecurityOrigin.h |
diff --git a/Source/platform/weborigin/SecurityOrigin.h b/Source/platform/weborigin/SecurityOrigin.h |
index b43766449a1e9bd62f1a6648c8a8731bc0312ca3..9b903ad7dfad751f3c561b1ab6519bd8344daedb 100644 |
--- a/Source/platform/weborigin/SecurityOrigin.h |
+++ b/Source/platform/weborigin/SecurityOrigin.h |
@@ -113,6 +113,13 @@ public: |
// display content from the user's files system. |
bool canDisplay(const KURL&) const; |
+ // A "secure origin" as defined by [1] are those that load resources either |
+ // from the local machine (necessarily trusted) or over the network from a |
+ // cryptographically-authenticated server. |
+ // |
+ // [1] http://www.chromium.org/Home/chromium-security/security-faq#TOC-Which-origins-are-secure- |
+ bool canAccessFeatureRequiringSecureOrigin() const; |
+ |
// Returns true if this SecurityOrigin can load local resources, such |
// as images, iframes, and style sheets, and can link to local URLs. |
// For example, call this function before creating an iframe to a |
@@ -131,7 +138,7 @@ public: |
// with older versions of WebKit. |
void grantLoadLocalResources(); |
- // Explicitly grant the ability to access very other SecurityOrigin. |
+ // Explicitly grant the ability to access every other SecurityOrigin. |
// |
// WARNING: This is an extremely powerful ability. Use with caution! |
void grantUniversalAccess(); |
@@ -154,6 +161,9 @@ public: |
// resources, and can set arbitrary headers on XMLHttpRequests. |
bool isLocal() const; |
+ // Returns true if the host is one of 127.0.0.1/8, ::1/128, or "localhost". |
+ bool isLocalhost() const; |
+ |
// The origin is a globally unique identifier assigned when the Document is |
// created. http://www.whatwg.org/specs/web-apps/current-work/#sandboxOrigin |
// |