
Side by Side Diff: Source/weborigin/SecurityPolicy.cpp

Issue 54053006: Move weborigin/ under platform/ so that it may someday call platform APIs (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Stale refernence to weboriginexport in .gpyi Created 7 years, 1 month ago
OLDNEW
(Empty)
1 /*
2 * Copyright (C) 2011 Google Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of Google, Inc. ("Google") nor the names of
14 * its contributors may be used to endorse or promote products derived
15 * from this software without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY GOOGLE AND ITS CONTRIBUTORS "AS IS" AND ANY
18 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
19 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
20 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
21 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include "config.h"
30 #include "weborigin/SecurityPolicy.h"
31
32 #include "weborigin/KURL.h"
33 #include "weborigin/OriginAccessEntry.h"
34 #include "weborigin/SecurityOrigin.h"
35 #include "wtf/MainThread.h"
36 #include "wtf/OwnPtr.h"
37 #include "wtf/PassOwnPtr.h"
38 #include "wtf/text/StringHash.h"
39
40 namespace WebCore {
41
42 typedef Vector<OriginAccessEntry> OriginAccessWhiteList;
43 typedef HashMap<String, OwnPtr<OriginAccessWhiteList> > OriginAccessMap;
44
45 static OriginAccessMap& originAccessMap()
46 {
47 DEFINE_STATIC_LOCAL(OriginAccessMap, originAccessMap, ());
48 return originAccessMap;
49 }
50
51 bool SecurityPolicy::shouldHideReferrer(const KURL& url, const String& referrer)
52 {
53 bool referrerIsSecureURL = protocolIs(referrer, "https");
54 bool referrerIsWebURL = referrerIsSecureURL || protocolIs(referrer, "http");
55
56 if (!referrerIsWebURL)
57 return true;
58
59 if (!referrerIsSecureURL)
60 return false;
61
62 bool URLIsSecureURL = url.protocolIs("https");
63
64 return !URLIsSecureURL;
65 }
66
67 String SecurityPolicy::generateReferrerHeader(ReferrerPolicy referrerPolicy, con st KURL& url, const String& referrer)
68 {
69 if (referrer.isEmpty())
70 return String();
71
72 switch (referrerPolicy) {
73 case ReferrerPolicyNever:
74 return String();
75 case ReferrerPolicyAlways:
76 return referrer;
77 case ReferrerPolicyOrigin: {
78 String origin = SecurityOrigin::createFromString(referrer)->toString();
79 if (origin == "null")
80 return String();
81 // A security origin is not a canonical URL as it lacks a path. Add /
82 // to turn it into a canonical URL we can use as referrer.
83 return origin + "/";
84 }
85 case ReferrerPolicyDefault:
86 break;
87 }
88
89 return shouldHideReferrer(url, referrer) ? String() : referrer;
90 }
91
92 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, con st SecurityOrigin* targetOrigin)
93 {
94 if (OriginAccessWhiteList* list = originAccessMap().get(activeOrigin->toStri ng())) {
95 for (size_t i = 0; i < list->size(); ++i) {
96 if (list->at(i).matchesOrigin(*targetOrigin))
97 return true;
98 }
99 }
100 return false;
101 }
102
103 bool SecurityPolicy::isAccessToURLWhiteListed(const SecurityOrigin* activeOrigin , const KURL& url)
104 {
105 RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
106 return isAccessWhiteListed(activeOrigin, targetOrigin.get());
107 }
108
109 void SecurityPolicy::addOriginAccessWhitelistEntry(const SecurityOrigin& sourceO rigin, const String& destinationProtocol, const String& destinationDomain, bool allowDestinationSubdomains)
110 {
111 ASSERT(isMainThread());
112 ASSERT(!sourceOrigin.isUnique());
113 if (sourceOrigin.isUnique())
114 return;
115
116 String sourceString = sourceOrigin.toString();
117 OriginAccessMap::AddResult result = originAccessMap().add(sourceString, null ptr);
118 if (result.isNewEntry)
119 result.iterator->value = adoptPtr(new OriginAccessWhiteList);
120
121 OriginAccessWhiteList* list = result.iterator->value.get();
122 list->append(OriginAccessEntry(destinationProtocol, destinationDomain, allow DestinationSubdomains ? OriginAccessEntry::AllowSubdomains : OriginAccessEntry:: DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress));
123 }
124
125 void SecurityPolicy::removeOriginAccessWhitelistEntry(const SecurityOrigin& sour ceOrigin, const String& destinationProtocol, const String& destinationDomain, bo ol allowDestinationSubdomains)
126 {
127 ASSERT(isMainThread());
128 ASSERT(!sourceOrigin.isUnique());
129 if (sourceOrigin.isUnique())
130 return;
131
132 String sourceString = sourceOrigin.toString();
133 OriginAccessMap& map = originAccessMap();
134 OriginAccessMap::iterator it = map.find(sourceString);
135 if (it == map.end())
136 return;
137
138 OriginAccessWhiteList* list = it->value.get();
139 size_t index = list->find(OriginAccessEntry(destinationProtocol, destination Domain, allowDestinationSubdomains ? OriginAccessEntry::AllowSubdomains : Origin AccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress));
140 if (index == kNotFound)
141 return;
142
143 list->remove(index);
144
145 if (list->isEmpty())
146 map.remove(it);
147 }
148
149 void SecurityPolicy::resetOriginAccessWhitelists()
150 {
151 ASSERT(isMainThread());
152 originAccessMap().clear();
153 }
154
155 } // namespace WebCore
