Tag SecurityContext objects as being hosted in reserved IP ranges.

Source/core/dom/DocumentInit.cpp

 /*
  * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
  *           (C) 1999 Antti Koivisto (koivisto@kde.org)
  *           (C) 2001 Dirk Mueller (mueller@kde.org)
  *           (C) 2006 Alexey Proskuryakov (ap@webkit.org)
  * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All rights reserved.
  * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.torchmobile.com/)
  * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
@@ skipping 15 matching lines @@
  */
 
 #include "config.h"
 #include "core/dom/DocumentInit.h"
 
 #include "core/dom/Document.h"
 #include "core/dom/custom/CustomElementRegistrationContext.h"
 #include "core/frame/LocalFrame.h"
 #include "core/html/HTMLFrameOwnerElement.h"
 #include "core/html/imports/HTMLImportsController.h"
+#include "core/loader/DocumentLoader.h"
 #include "platform/RuntimeEnabledFeatures.h"
+#include "public/platform/Platform.h"
 
 namespace blink {
 
 // FIXME: Broken with OOPI.
 static Document* parentDocument(LocalFrame* frame)
 {
     if (!frame)
         return 0;
     Element* ownerElement = frame->deprecatedLocalOwner();
     if (!ownerElement)
@@ skipping 69 matching lines @@
     ASSERT(frameForSecurityContext());
     return frameForSecurityContext()->loader().effectiveSandboxFlags();
 }
 
 bool DocumentInit::shouldEnforceStrictMixedContentChecking() const
 {
     ASSERT(frameForSecurityContext());
     return frameForSecurityContext()->loader().shouldEnforceStrictMixedContentChecking();
 }
 
+bool DocumentInit::isHostedInReservedIPRange() const
+{
+    if (LocalFrame* frame = frameForSecurityContext()) {
+        // TODO: Fix the platform API to drop the KURL construction.

[jochen (gone - plz use gerrit), 2015/01/13 15:04:55]

it's FIXME in blink

[Mike West, 2015/01/13 15:35:38]

Done.

+        if (DocumentLoader* loader = frame->loader().provisionalDocumentLoader() ? frame->loader().provisionalDocumentLoader() : frame->loader().documentLoader()) {
+            if (!loader->response().remoteIPAddress().isEmpty()) {
+                KURL documentIP(ParsedURLString, "http://" + loader->response().remoteIPAddress());

[jochen (gone - plz use gerrit), 2015/01/13 15:04:54]

https:// - be a good role model :)

otoh, why does the api not take the string? seems odd to convert to URL for no
good reason

[Mike West, 2015/01/13 15:35:38]

Ha! Done.
Your humble API author is an idiot, basically. We don't need the KURL; we strip
it down to a host immediately upon passing it to Chromium. We did briefly use a
KURL for a naive version of this check earlier, but it's a waste now.

I was going to poke at this in a separate CL, but I guess it's just as easy to
fix it here. 

+                return Platform::current()->isReservedIPAddress(documentIP);
+            }
+        }
+    }
+    return false;
+}
+
 Settings* DocumentInit::settings() const
 {
     ASSERT(frameForSecurityContext());
     return frameForSecurityContext()->settings();
 }
 
 KURL DocumentInit::parentBaseURL() const
 {
     return m_parent->baseURL();
 }
@@ skipping 28 matching lines @@
     return m_contextDocument;
 }
 
 DocumentInit DocumentInit::fromContext(WeakPtrWillBeRawPtr<Document> contextDocument, const KURL& url)
 {
     return DocumentInit(url, 0, contextDocument, 0);
 }
 
 } // namespace blink