Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(542)

Side by Side Diff: Source/weborigin/SchemeRegistry.h

Issue 54053006: Move weborigin/ under platform/ so that it may someday call platform APIs (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Stale refernence to weboriginexport in .gpyi Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/weborigin/ReferrerPolicy.h ('k') | Source/weborigin/SchemeRegistry.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /*
2 * Copyright (C) 2010 Apple Inc. All Rights Reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY APPLE, INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 *
25 */
26
27 #ifndef SchemeRegistry_h
28 #define SchemeRegistry_h
29
30 #include "weborigin/WebOriginExport.h"
31 #include "wtf/HashSet.h"
32 #include "wtf/text/StringHash.h"
33 #include "wtf/text/WTFString.h"
34
35 namespace WebCore {
36
37 typedef HashSet<String, CaseFoldingHash> URLSchemesMap;
38
39 class WEBORIGIN_EXPORT SchemeRegistry {
40 public:
41 static void registerURLSchemeAsLocal(const String&);
42 static void removeURLSchemeRegisteredAsLocal(const String&);
43 static const URLSchemesMap& localSchemes();
44
45 static bool shouldTreatURLSchemeAsLocal(const String&);
46
47 // Secure schemes do not trigger mixed content warnings. For example,
48 // https and data are secure schemes because they cannot be corrupted by
49 // active network attackers.
50 static void registerURLSchemeAsSecure(const String&);
51 static bool shouldTreatURLSchemeAsSecure(const String&);
52
53 static void registerURLSchemeAsNoAccess(const String&);
54 static bool shouldTreatURLSchemeAsNoAccess(const String&);
55
56 // Display-isolated schemes can only be displayed (in the sense of
57 // SecurityOrigin::canDisplay) by documents from the same scheme.
58 static void registerURLSchemeAsDisplayIsolated(const String&);
59 static bool shouldTreatURLSchemeAsDisplayIsolated(const String&);
60
61 static void registerURLSchemeAsEmptyDocument(const String&);
62 static bool shouldLoadURLSchemeAsEmptyDocument(const String&);
63
64 static void setDomainRelaxationForbiddenForURLScheme(bool forbidden, const S tring&);
65 static bool isDomainRelaxationForbiddenForURLScheme(const String&);
66
67 // Such schemes should delegate to SecurityOrigin::canRequest for any URL
68 // passed to SecurityOrigin::canDisplay.
69 static bool canDisplayOnlyIfCanRequest(const String& scheme);
70 static void registerAsCanDisplayOnlyIfCanRequest(const String& scheme);
71
72 // Schemes against which javascript: URLs should not be allowed to run (stop
73 // bookmarklets from running on sensitive pages).
74 static void registerURLSchemeAsNotAllowingJavascriptURLs(const String& schem e);
75 static bool shouldTreatURLSchemeAsNotAllowingJavascriptURLs(const String& sc heme);
76
77 // Allow non-HTTP schemes to be registered to allow CORS requests.
78 static void registerURLSchemeAsCORSEnabled(const String& scheme);
79 static bool shouldTreatURLSchemeAsCORSEnabled(const String& scheme);
80
81 // Allow resources from some schemes to load on a page, regardless of its
82 // Content Security Policy.
83 static void registerURLSchemeAsBypassingContentSecurityPolicy(const String& scheme);
84 static void removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(const String& scheme);
85 static bool schemeShouldBypassContentSecurityPolicy(const String& scheme);
86 };
87
88 } // namespace WebCore
89
90 #endif // SchemeRegistry_h
OLDNEW
« no previous file with comments | « Source/weborigin/ReferrerPolicy.h ('k') | Source/weborigin/SchemeRegistry.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698