PassRefPtr<SecurityOrigin> SecurityOrigin::create(const URL& url)
{
RefPtr<SecurityOrigin> cachedOrigin = getCachedOrigin(url);
if (cachedOrigin.get())
return cachedOrigin;
if (shouldTreatAsUniqueOrigin(url)) {
RefPtr<SecurityOrigin> origin = adoptRef(new SecurityOrigin());
if (url.protocolIs("file")) {
// Unfortunately, we can't represent all unique origins exactly
// the same way because we need to produce a quirky database
// identifier for file URLs due to persistent storage in some
// embedders of WebKit.
origin->m_needsDatabaseIdentifierQuirkForFiles = true;
}
return origin.release();
}
if (shouldUseInnerURL(url))
return adoptRef(new SecurityOrigin(extractInnerURL(url)));
return adoptRef(new SecurityOrigin(url));
}
bool SecurityOrigin::canRequest(const KURL& url) const
{
if (m_universalAccess)
return true;
if (getCachedOrigin(url) == this)
return true;
if (isUnique())
return false;
RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
if (targetOrigin->isUnique())
return false;
// We call isSameSchemeHostPort here instead of canAccess because we want
// to ignore document.domain effects.
if (isSameSchemeHostPort(targetOrigin.get()))
return true;
if (SecurityPolicy::isAccessWhiteListed(this, targetOrigin.get()))
return true;
return false;
}
Ref<SecurityOrigin> SecurityOrigin::create(const URL& url)
{
if (RefPtr<SecurityOrigin> cachedOrigin = getCachedOrigin(url))
return cachedOrigin.releaseNonNull();
if (shouldTreatAsUniqueOrigin(url))
return adoptRef(*new SecurityOrigin);
if (shouldUseInnerURL(url))
return adoptRef(*new SecurityOrigin(extractInnerURL(url)));
return adoptRef(*new SecurityOrigin(url));
}
