OLD | NEW |
| (Empty) |
1 /* | |
2 * Copyright (C) 2011 Google Inc. All rights reserved. | |
3 * | |
4 * Redistribution and use in source and binary forms, with or without | |
5 * modification, are permitted provided that the following conditions | |
6 * are met: | |
7 * | |
8 * 1. Redistributions of source code must retain the above copyright | |
9 * notice, this list of conditions and the following disclaimer. | |
10 * 2. Redistributions in binary form must reproduce the above copyright | |
11 * notice, this list of conditions and the following disclaimer in the | |
12 * documentation and/or other materials provided with the distribution. | |
13 * 3. Neither the name of Google, Inc. ("Google") nor the names of | |
14 * its contributors may be used to endorse or promote products derived | |
15 * from this software without specific prior written permission. | |
16 * | |
17 * THIS SOFTWARE IS PROVIDED BY GOOGLE AND ITS CONTRIBUTORS "AS IS" AND ANY | |
18 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |
19 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
20 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY | |
21 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | |
24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
27 */ | |
28 | |
29 #include "config.h" | |
30 #include "weborigin/SecurityPolicy.h" | |
31 | |
32 #include "weborigin/KURL.h" | |
33 #include "weborigin/OriginAccessEntry.h" | |
34 #include "weborigin/SecurityOrigin.h" | |
35 #include "wtf/MainThread.h" | |
36 #include "wtf/OwnPtr.h" | |
37 #include "wtf/PassOwnPtr.h" | |
38 #include "wtf/text/StringHash.h" | |
39 | |
40 namespace WebCore { | |
41 | |
42 typedef Vector<OriginAccessEntry> OriginAccessWhiteList; | |
43 typedef HashMap<String, OwnPtr<OriginAccessWhiteList> > OriginAccessMap; | |
44 | |
45 static OriginAccessMap& originAccessMap() | |
46 { | |
47 DEFINE_STATIC_LOCAL(OriginAccessMap, originAccessMap, ()); | |
48 return originAccessMap; | |
49 } | |
50 | |
51 bool SecurityPolicy::shouldHideReferrer(const KURL& url, const String& referrer) | |
52 { | |
53 bool referrerIsSecureURL = protocolIs(referrer, "https"); | |
54 bool referrerIsWebURL = referrerIsSecureURL || protocolIs(referrer, "http"); | |
55 | |
56 if (!referrerIsWebURL) | |
57 return true; | |
58 | |
59 if (!referrerIsSecureURL) | |
60 return false; | |
61 | |
62 bool URLIsSecureURL = url.protocolIs("https"); | |
63 | |
64 return !URLIsSecureURL; | |
65 } | |
66 | |
67 String SecurityPolicy::generateReferrerHeader(ReferrerPolicy referrerPolicy, con
st KURL& url, const String& referrer) | |
68 { | |
69 if (referrer.isEmpty()) | |
70 return String(); | |
71 | |
72 switch (referrerPolicy) { | |
73 case ReferrerPolicyNever: | |
74 return String(); | |
75 case ReferrerPolicyAlways: | |
76 return referrer; | |
77 case ReferrerPolicyOrigin: { | |
78 String origin = SecurityOrigin::createFromString(referrer)->toString(); | |
79 if (origin == "null") | |
80 return String(); | |
81 // A security origin is not a canonical URL as it lacks a path. Add / | |
82 // to turn it into a canonical URL we can use as referrer. | |
83 return origin + "/"; | |
84 } | |
85 case ReferrerPolicyDefault: | |
86 break; | |
87 } | |
88 | |
89 return shouldHideReferrer(url, referrer) ? String() : referrer; | |
90 } | |
91 | |
92 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, con
st SecurityOrigin* targetOrigin) | |
93 { | |
94 if (OriginAccessWhiteList* list = originAccessMap().get(activeOrigin->toStri
ng())) { | |
95 for (size_t i = 0; i < list->size(); ++i) { | |
96 if (list->at(i).matchesOrigin(*targetOrigin)) | |
97 return true; | |
98 } | |
99 } | |
100 return false; | |
101 } | |
102 | |
103 bool SecurityPolicy::isAccessToURLWhiteListed(const SecurityOrigin* activeOrigin
, const KURL& url) | |
104 { | |
105 RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url); | |
106 return isAccessWhiteListed(activeOrigin, targetOrigin.get()); | |
107 } | |
108 | |
109 void SecurityPolicy::addOriginAccessWhitelistEntry(const SecurityOrigin& sourceO
rigin, const String& destinationProtocol, const String& destinationDomain, bool
allowDestinationSubdomains) | |
110 { | |
111 ASSERT(isMainThread()); | |
112 ASSERT(!sourceOrigin.isUnique()); | |
113 if (sourceOrigin.isUnique()) | |
114 return; | |
115 | |
116 String sourceString = sourceOrigin.toString(); | |
117 OriginAccessMap::AddResult result = originAccessMap().add(sourceString, null
ptr); | |
118 if (result.isNewEntry) | |
119 result.iterator->value = adoptPtr(new OriginAccessWhiteList); | |
120 | |
121 OriginAccessWhiteList* list = result.iterator->value.get(); | |
122 list->append(OriginAccessEntry(destinationProtocol, destinationDomain, allow
DestinationSubdomains ? OriginAccessEntry::AllowSubdomains : OriginAccessEntry::
DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress)); | |
123 } | |
124 | |
125 void SecurityPolicy::removeOriginAccessWhitelistEntry(const SecurityOrigin& sour
ceOrigin, const String& destinationProtocol, const String& destinationDomain, bo
ol allowDestinationSubdomains) | |
126 { | |
127 ASSERT(isMainThread()); | |
128 ASSERT(!sourceOrigin.isUnique()); | |
129 if (sourceOrigin.isUnique()) | |
130 return; | |
131 | |
132 String sourceString = sourceOrigin.toString(); | |
133 OriginAccessMap& map = originAccessMap(); | |
134 OriginAccessMap::iterator it = map.find(sourceString); | |
135 if (it == map.end()) | |
136 return; | |
137 | |
138 OriginAccessWhiteList* list = it->value.get(); | |
139 size_t index = list->find(OriginAccessEntry(destinationProtocol, destination
Domain, allowDestinationSubdomains ? OriginAccessEntry::AllowSubdomains : Origin
AccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress)); | |
140 if (index == kNotFound) | |
141 return; | |
142 | |
143 list->remove(index); | |
144 | |
145 if (list->isEmpty()) | |
146 map.remove(it); | |
147 } | |
148 | |
149 void SecurityPolicy::resetOriginAccessWhitelists() | |
150 { | |
151 ASSERT(isMainThread()); | |
152 originAccessMap().clear(); | |
153 } | |
154 | |
155 } // namespace WebCore | |
OLD | NEW |