OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google Inc. All rights reserved. | 2 * Copyright (C) 2011 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
11 * notice, this list of conditions and the following disclaimer in the | 11 * notice, this list of conditions and the following disclaimer in the |
12 * documentation and/or other materials provided with the distribution. | 12 * documentation and/or other materials provided with the distribution. |
13 * 3. Neither the name of Google, Inc. ("Google") nor the names of | 13 * 3. Neither the name of Google, Inc. ("Google") nor the names of |
14 * its contributors may be used to endorse or promote products derived | 14 * its contributors may be used to endorse or promote products derived |
15 * from this software without specific prior written permission. | 15 * from this software without specific prior written permission. |
16 * | 16 * |
17 * THIS SOFTWARE IS PROVIDED BY GOOGLE AND ITS CONTRIBUTORS "AS IS" AND ANY | 17 * THIS SOFTWARE IS PROVIDED BY GOOGLE AND ITS CONTRIBUTORS "AS IS" AND ANY |
18 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | 18 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
19 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | 19 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |
20 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY | 20 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY |
21 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | 21 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | 22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | 23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
27 */ | 27 */ |
28 | 28 |
29 #include "config.h" | 29 #include "config.h" |
30 #include "weborigin/SecurityPolicy.h" | 30 #include "platform/weborigin/SecurityPolicy.h" |
31 | 31 |
32 #include "weborigin/KURL.h" | 32 #include "platform/weborigin/KURL.h" |
33 #include "weborigin/OriginAccessEntry.h" | 33 #include "platform/weborigin/OriginAccessEntry.h" |
34 #include "weborigin/SecurityOrigin.h" | 34 #include "platform/weborigin/SecurityOrigin.h" |
35 #include "wtf/MainThread.h" | 35 #include "wtf/MainThread.h" |
36 #include "wtf/OwnPtr.h" | 36 #include "wtf/OwnPtr.h" |
37 #include "wtf/PassOwnPtr.h" | 37 #include "wtf/PassOwnPtr.h" |
38 #include "wtf/text/StringHash.h" | 38 #include "wtf/text/StringHash.h" |
39 | 39 |
40 namespace WebCore { | 40 namespace WebCore { |
41 | 41 |
42 typedef Vector<OriginAccessEntry> OriginAccessWhiteList; | 42 typedef Vector<OriginAccessEntry> OriginAccessWhiteList; |
43 typedef HashMap<String, OwnPtr<OriginAccessWhiteList> > OriginAccessMap; | 43 typedef HashMap<String, OwnPtr<OriginAccessWhiteList> > OriginAccessMap; |
44 | 44 |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
86 break; | 86 break; |
87 } | 87 } |
88 | 88 |
89 return shouldHideReferrer(url, referrer) ? String() : referrer; | 89 return shouldHideReferrer(url, referrer) ? String() : referrer; |
90 } | 90 } |
91 | 91 |
92 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, con
st SecurityOrigin* targetOrigin) | 92 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, con
st SecurityOrigin* targetOrigin) |
93 { | 93 { |
94 if (OriginAccessWhiteList* list = originAccessMap().get(activeOrigin->toStri
ng())) { | 94 if (OriginAccessWhiteList* list = originAccessMap().get(activeOrigin->toStri
ng())) { |
95 for (size_t i = 0; i < list->size(); ++i) { | 95 for (size_t i = 0; i < list->size(); ++i) { |
96 if (list->at(i).matchesOrigin(*targetOrigin)) | 96 if (list->at(i).matchesOrigin(*targetOrigin)) |
97 return true; | 97 return true; |
98 } | 98 } |
99 } | 99 } |
100 return false; | 100 return false; |
101 } | 101 } |
102 | 102 |
103 bool SecurityPolicy::isAccessToURLWhiteListed(const SecurityOrigin* activeOrigin
, const KURL& url) | 103 bool SecurityPolicy::isAccessToURLWhiteListed(const SecurityOrigin* activeOrigin
, const KURL& url) |
104 { | 104 { |
105 RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url); | 105 RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url); |
106 return isAccessWhiteListed(activeOrigin, targetOrigin.get()); | 106 return isAccessWhiteListed(activeOrigin, targetOrigin.get()); |
107 } | 107 } |
108 | 108 |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
146 map.remove(it); | 146 map.remove(it); |
147 } | 147 } |
148 | 148 |
149 void SecurityPolicy::resetOriginAccessWhitelists() | 149 void SecurityPolicy::resetOriginAccessWhitelists() |
150 { | 150 { |
151 ASSERT(isMainThread()); | 151 ASSERT(isMainThread()); |
152 originAccessMap().clear(); | 152 originAccessMap().clear(); |
153 } | 153 } |
154 | 154 |
155 } // namespace WebCore | 155 } // namespace WebCore |
OLD | NEW |