| OLD | NEW |
|---|
| (Empty) |
| 1 /* | |
| 2 * Copyright (C) 2010 Apple Inc. All Rights Reserved. | |
| 3 * | |
| 4 * Redistribution and use in source and binary forms, with or without | |
| 5 * modification, are permitted provided that the following conditions | |
| 6 * are met: | |
| 7 * 1. Redistributions of source code must retain the above copyright | |
| 8 * notice, this list of conditions and the following disclaimer. | |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | |
| 10 * notice, this list of conditions and the following disclaimer in the | |
| 11 * documentation and/or other materials provided with the distribution. | |
| 12 * | |
| 13 * THIS SOFTWARE IS PROVIDED BY APPLE, INC. ``AS IS'' AND ANY | |
| 14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
| 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
| 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR | |
| 17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, | |
| 18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, | |
| 19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR | |
| 20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY | |
| 21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
| 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
| 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 24 * | |
| 25 */ | |
| 26 | |
| 27 #include "config.h" | |
| 28 #include "weborigin/SchemeRegistry.h" | |
| 29 | |
| 30 #include "wtf/MainThread.h" | |
| 31 | |
| 32 namespace WebCore { | |
| 33 | |
| 34 static URLSchemesMap& localURLSchemes() | |
| 35 { | |
| 36 DEFINE_STATIC_LOCAL(URLSchemesMap, localSchemes, ()); | |
| 37 | |
| 38 if (localSchemes.isEmpty()) | |
| 39 localSchemes.add("file"); | |
| 40 | |
| 41 return localSchemes; | |
| 42 } | |
| 43 | |
| 44 static URLSchemesMap& displayIsolatedURLSchemes() | |
| 45 { | |
| 46 DEFINE_STATIC_LOCAL(URLSchemesMap, displayIsolatedSchemes, ()); | |
| 47 return displayIsolatedSchemes; | |
| 48 } | |
| 49 | |
| 50 static URLSchemesMap& secureSchemes() | |
| 51 { | |
| 52 DEFINE_STATIC_LOCAL(URLSchemesMap, secureSchemes, ()); | |
| 53 | |
| 54 if (secureSchemes.isEmpty()) { | |
| 55 secureSchemes.add("https"); | |
| 56 secureSchemes.add("about"); | |
| 57 secureSchemes.add("data"); | |
| 58 } | |
| 59 | |
| 60 return secureSchemes; | |
| 61 } | |
| 62 | |
| 63 static URLSchemesMap& schemesWithUniqueOrigins() | |
| 64 { | |
| 65 DEFINE_STATIC_LOCAL(URLSchemesMap, schemesWithUniqueOrigins, ()); | |
| 66 | |
| 67 if (schemesWithUniqueOrigins.isEmpty()) { | |
| 68 schemesWithUniqueOrigins.add("about"); | |
| 69 schemesWithUniqueOrigins.add("javascript"); | |
| 70 // This is a willful violation of HTML5. | |
| 71 // See https://bugs.webkit.org/show_bug.cgi?id=11885 | |
| 72 schemesWithUniqueOrigins.add("data"); | |
| 73 } | |
| 74 | |
| 75 return schemesWithUniqueOrigins; | |
| 76 } | |
| 77 | |
| 78 static URLSchemesMap& emptyDocumentSchemes() | |
| 79 { | |
| 80 DEFINE_STATIC_LOCAL(URLSchemesMap, emptyDocumentSchemes, ()); | |
| 81 | |
| 82 if (emptyDocumentSchemes.isEmpty()) | |
| 83 emptyDocumentSchemes.add("about"); | |
| 84 | |
| 85 return emptyDocumentSchemes; | |
| 86 } | |
| 87 | |
| 88 static HashSet<String>& schemesForbiddenFromDomainRelaxation() | |
| 89 { | |
| 90 DEFINE_STATIC_LOCAL(HashSet<String>, schemes, ()); | |
| 91 return schemes; | |
| 92 } | |
| 93 | |
| 94 static URLSchemesMap& canDisplayOnlyIfCanRequestSchemes() | |
| 95 { | |
| 96 DEFINE_STATIC_LOCAL(URLSchemesMap, canDisplayOnlyIfCanRequestSchemes, ()); | |
| 97 | |
| 98 if (canDisplayOnlyIfCanRequestSchemes.isEmpty()) { | |
| 99 canDisplayOnlyIfCanRequestSchemes.add("blob"); | |
| 100 canDisplayOnlyIfCanRequestSchemes.add("filesystem"); | |
| 101 } | |
| 102 | |
| 103 return canDisplayOnlyIfCanRequestSchemes; | |
| 104 } | |
| 105 | |
| 106 static URLSchemesMap& notAllowingJavascriptURLsSchemes() | |
| 107 { | |
| 108 DEFINE_STATIC_LOCAL(URLSchemesMap, notAllowingJavascriptURLsSchemes, ()); | |
| 109 return notAllowingJavascriptURLsSchemes; | |
| 110 } | |
| 111 | |
| 112 void SchemeRegistry::registerURLSchemeAsLocal(const String& scheme) | |
| 113 { | |
| 114 localURLSchemes().add(scheme); | |
| 115 } | |
| 116 | |
| 117 void SchemeRegistry::removeURLSchemeRegisteredAsLocal(const String& scheme) | |
| 118 { | |
| 119 if (scheme == "file") | |
| 120 return; | |
| 121 localURLSchemes().remove(scheme); | |
| 122 } | |
| 123 | |
| 124 const URLSchemesMap& SchemeRegistry::localSchemes() | |
| 125 { | |
| 126 return localURLSchemes(); | |
| 127 } | |
| 128 | |
| 129 static URLSchemesMap& CORSEnabledSchemes() | |
| 130 { | |
| 131 // FIXME: http://bugs.webkit.org/show_bug.cgi?id=77160 | |
| 132 DEFINE_STATIC_LOCAL(URLSchemesMap, CORSEnabledSchemes, ()); | |
| 133 | |
| 134 if (CORSEnabledSchemes.isEmpty()) { | |
| 135 CORSEnabledSchemes.add("http"); | |
| 136 CORSEnabledSchemes.add("https"); | |
| 137 } | |
| 138 | |
| 139 return CORSEnabledSchemes; | |
| 140 } | |
| 141 | |
| 142 static URLSchemesMap& ContentSecurityPolicyBypassingSchemes() | |
| 143 { | |
| 144 DEFINE_STATIC_LOCAL(URLSchemesMap, schemes, ()); | |
| 145 return schemes; | |
| 146 } | |
| 147 | |
| 148 bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme) | |
| 149 { | |
| 150 if (scheme.isEmpty()) | |
| 151 return false; | |
| 152 return localURLSchemes().contains(scheme); | |
| 153 } | |
| 154 | |
| 155 void SchemeRegistry::registerURLSchemeAsNoAccess(const String& scheme) | |
| 156 { | |
| 157 schemesWithUniqueOrigins().add(scheme); | |
| 158 } | |
| 159 | |
| 160 bool SchemeRegistry::shouldTreatURLSchemeAsNoAccess(const String& scheme) | |
| 161 { | |
| 162 if (scheme.isEmpty()) | |
| 163 return false; | |
| 164 return schemesWithUniqueOrigins().contains(scheme); | |
| 165 } | |
| 166 | |
| 167 void SchemeRegistry::registerURLSchemeAsDisplayIsolated(const String& scheme) | |
| 168 { | |
| 169 displayIsolatedURLSchemes().add(scheme); | |
| 170 } | |
| 171 | |
| 172 bool SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(const String& scheme) | |
| 173 { | |
| 174 if (scheme.isEmpty()) | |
| 175 return false; | |
| 176 return displayIsolatedURLSchemes().contains(scheme); | |
| 177 } | |
| 178 | |
| 179 void SchemeRegistry::registerURLSchemeAsSecure(const String& scheme) | |
| 180 { | |
| 181 secureSchemes().add(scheme); | |
| 182 } | |
| 183 | |
| 184 bool SchemeRegistry::shouldTreatURLSchemeAsSecure(const String& scheme) | |
| 185 { | |
| 186 if (scheme.isEmpty()) | |
| 187 return false; | |
| 188 return secureSchemes().contains(scheme); | |
| 189 } | |
| 190 | |
| 191 void SchemeRegistry::registerURLSchemeAsEmptyDocument(const String& scheme) | |
| 192 { | |
| 193 emptyDocumentSchemes().add(scheme); | |
| 194 } | |
| 195 | |
| 196 bool SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(const String& scheme) | |
| 197 { | |
| 198 if (scheme.isEmpty()) | |
| 199 return false; | |
| 200 return emptyDocumentSchemes().contains(scheme); | |
| 201 } | |
| 202 | |
| 203 void SchemeRegistry::setDomainRelaxationForbiddenForURLScheme(bool forbidden, co
nst String& scheme) | |
| 204 { | |
| 205 if (scheme.isEmpty()) | |
| 206 return; | |
| 207 | |
| 208 if (forbidden) | |
| 209 schemesForbiddenFromDomainRelaxation().add(scheme); | |
| 210 else | |
| 211 schemesForbiddenFromDomainRelaxation().remove(scheme); | |
| 212 } | |
| 213 | |
| 214 bool SchemeRegistry::isDomainRelaxationForbiddenForURLScheme(const String& schem
e) | |
| 215 { | |
| 216 if (scheme.isEmpty()) | |
| 217 return false; | |
| 218 return schemesForbiddenFromDomainRelaxation().contains(scheme); | |
| 219 } | |
| 220 | |
| 221 bool SchemeRegistry::canDisplayOnlyIfCanRequest(const String& scheme) | |
| 222 { | |
| 223 if (scheme.isEmpty()) | |
| 224 return false; | |
| 225 return canDisplayOnlyIfCanRequestSchemes().contains(scheme); | |
| 226 } | |
| 227 | |
| 228 void SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest(const String& scheme) | |
| 229 { | |
| 230 canDisplayOnlyIfCanRequestSchemes().add(scheme); | |
| 231 } | |
| 232 | |
| 233 void SchemeRegistry::registerURLSchemeAsNotAllowingJavascriptURLs(const String&
scheme) | |
| 234 { | |
| 235 notAllowingJavascriptURLsSchemes().add(scheme); | |
| 236 } | |
| 237 | |
| 238 bool SchemeRegistry::shouldTreatURLSchemeAsNotAllowingJavascriptURLs(const Strin
g& scheme) | |
| 239 { | |
| 240 if (scheme.isEmpty()) | |
| 241 return false; | |
| 242 return notAllowingJavascriptURLsSchemes().contains(scheme); | |
| 243 } | |
| 244 | |
| 245 void SchemeRegistry::registerURLSchemeAsCORSEnabled(const String& scheme) | |
| 246 { | |
| 247 CORSEnabledSchemes().add(scheme); | |
| 248 } | |
| 249 | |
| 250 bool SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(const String& scheme) | |
| 251 { | |
| 252 if (scheme.isEmpty()) | |
| 253 return false; | |
| 254 return CORSEnabledSchemes().contains(scheme); | |
| 255 } | |
| 256 | |
| 257 void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const Str
ing& scheme) | |
| 258 { | |
| 259 ContentSecurityPolicyBypassingSchemes().add(scheme); | |
| 260 } | |
| 261 | |
| 262 void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(c
onst String& scheme) | |
| 263 { | |
| 264 ContentSecurityPolicyBypassingSchemes().remove(scheme); | |
| 265 } | |
| 266 | |
| 267 bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& schem
e) | |
| 268 { | |
| 269 if (scheme.isEmpty()) | |
| 270 return false; | |
| 271 return ContentSecurityPolicyBypassingSchemes().contains(scheme); | |
| 272 } | |
| 273 | |
| 274 } // namespace WebCore | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 54053006:
Move weborigin/ under platform/ so that it may someday call platform APIs (Closed)
Base URL: svn://svn.chromium.org/blink/trunk