OLD | NEW |
| (Empty) |
1 /* | |
2 * Copyright (C) 2007 Apple Inc. All rights reserved. | |
3 * | |
4 * Redistribution and use in source and binary forms, with or without | |
5 * modification, are permitted provided that the following conditions | |
6 * are met: | |
7 * | |
8 * 1. Redistributions of source code must retain the above copyright | |
9 * notice, this list of conditions and the following disclaimer. | |
10 * 2. Redistributions in binary form must reproduce the above copyright | |
11 * notice, this list of conditions and the following disclaimer in the | |
12 * documentation and/or other materials provided with the distribution. | |
13 * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of | |
14 * its contributors may be used to endorse or promote products derived | |
15 * from this software without specific prior written permission. | |
16 * | |
17 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY | |
18 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |
19 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
20 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY | |
21 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | |
24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
27 */ | |
28 | |
29 #include "config.h" | |
30 #include "weborigin/DatabaseIdentifier.h" | |
31 | |
32 #include "weborigin/KURL.h" | |
33 #include "weborigin/KnownPorts.h" | |
34 #include "weborigin/SchemeRegistry.h" | |
35 #include "weborigin/SecurityOriginCache.h" | |
36 #include "weborigin/SecurityPolicy.h" | |
37 #include "wtf/HexNumber.h" | |
38 #include "wtf/MainThread.h" | |
39 #include "wtf/StdLibExtras.h" | |
40 #include "wtf/text/StringBuilder.h" | |
41 | |
42 namespace WebCore { | |
43 | |
44 const int maxAllowedPort = 65535; | |
45 | |
46 static const char separatorCharacter = '_'; | |
47 | |
48 PassRefPtr<SecurityOrigin> createSecurityOriginFromDatabaseIdentifier(const Stri
ng& databaseIdentifier) | |
49 { | |
50 if (!databaseIdentifier.containsOnlyASCII()) | |
51 return SecurityOrigin::createUnique(); | |
52 | |
53 // Make sure there's a first separator | |
54 size_t separator1 = databaseIdentifier.find(separatorCharacter); | |
55 if (separator1 == kNotFound) | |
56 return SecurityOrigin::createUnique(); | |
57 | |
58 // Make sure there's a second separator | |
59 size_t separator2 = databaseIdentifier.reverseFind(separatorCharacter); | |
60 if (separator2 == kNotFound) | |
61 return SecurityOrigin::createUnique(); | |
62 | |
63 // Ensure there were at least 2 separator characters. Some hostnames on intr
anets have | |
64 // underscores in them, so we'll assume that any additional underscores are
part of the host. | |
65 if (separator1 == separator2) | |
66 return SecurityOrigin::createUnique(); | |
67 | |
68 // Make sure the port section is a valid port number or doesn't exist | |
69 bool portOkay; | |
70 int port = databaseIdentifier.right(databaseIdentifier.length() - separator2
- 1).toInt(&portOkay); | |
71 bool portAbsent = (separator2 == databaseIdentifier.length() - 1); | |
72 if (!(portOkay || portAbsent)) | |
73 return SecurityOrigin::createUnique(); | |
74 | |
75 if (port < 0 || port > maxAllowedPort) | |
76 return SecurityOrigin::createUnique(); | |
77 | |
78 // Split out the 3 sections of data | |
79 String protocol = databaseIdentifier.substring(0, separator1); | |
80 String host = databaseIdentifier.substring(separator1 + 1, separator2 - sepa
rator1 - 1); | |
81 | |
82 // Make sure the components match their canonical representation so we are s
ure we're round tripping correctly. | |
83 KURL url(KURL(), protocol + "://" + host + ":" + String::number(port) + "/")
; | |
84 if (!url.isValid() || url.protocol() != protocol || url.host() != host) | |
85 return SecurityOrigin::createUnique(); | |
86 | |
87 return SecurityOrigin::create(url); | |
88 } | |
89 | |
90 String createDatabaseIdentifierFromSecurityOrigin(const SecurityOrigin* security
Origin) | |
91 { | |
92 // Historically, we've used the following (somewhat non-sensical) string | |
93 // for the databaseIdentifier of local files. We used to compute this | |
94 // string because of a bug in how we handled the scheme for file URLs. | |
95 // Now that we've fixed that bug, we still need to produce this string | |
96 // to avoid breaking existing persistent state. | |
97 if (securityOrigin->needsDatabaseIdentifierQuirkForFiles()) | |
98 return "file__0"; | |
99 | |
100 String separatorString(&separatorCharacter, 1); | |
101 | |
102 return securityOrigin->protocol() + separatorString + securityOrigin->host()
+ separatorString + String::number(securityOrigin->port()); | |
103 } | |
104 | |
105 } // namespace WebCore | |
OLD | NEW |