bool OriginAccessEntry::matchesOrigin(const SecurityOrigin& origin) const { ASSERT(origin.host() == origin.host().convertToASCIILowercase()); ASSERT(origin.protocol() == origin.protocol().convertToASCIILowercase()); if (m_protocol != origin.protocol()) return false; // Special case: Include subdomains and empty host means "all hosts, including ip addresses". if (m_subdomainSettings == AllowSubdomains && m_host.isEmpty()) return true; // Exact match. if (m_host == origin.host()) return true; // Otherwise we can only match if we're matching subdomains. if (m_subdomainSettings == DisallowSubdomains) return false; // Don't try to do subdomain matching on IP addresses. if (m_hostIsIPAddress) return false; // Match subdomains. if (origin.host().length() > m_host.length() && origin.host()[origin.host().length() - m_host.length() - 1] == '.' && origin.host().endsWith(m_host)) return true; return false; }
OriginAccessEntry::MatchResult OriginAccessEntry::matchesOrigin(const SecurityOrigin& origin) const { ASSERT(origin.host() == origin.host().lower()); ASSERT(origin.protocol() == origin.protocol().lower()); if (m_protocol != origin.protocol()) return DoesNotMatchOrigin; // Special case: Include subdomains and empty host means "all hosts, including ip addresses". if (m_subdomainSettings == AllowSubdomains && m_host.isEmpty()) return MatchesOrigin; // Exact match. if (m_host == origin.host()) return MatchesOrigin; // Otherwise we can only match if we're matching subdomains. if (m_subdomainSettings == DisallowSubdomains) return DoesNotMatchOrigin; // Don't try to do subdomain matching on IP addresses (except for testing). if (m_hostIsIPAddress && m_ipAddressSettings == TreatIPAddressAsIPAddress) return DoesNotMatchOrigin; // Match subdomains. if (origin.host().length() <= m_host.length() || origin.host()[origin.host().length() - m_host.length() - 1] != '.' || !origin.host().endsWith(m_host)) return DoesNotMatchOrigin; if (m_hostIsPublicSuffix) return MatchesOriginButIsPublicSuffix; return MatchesOrigin; }
OriginAccessEntry::MatchResult OriginAccessEntry::matchesOrigin(const SecurityOrigin& origin) const { ASSERT(origin.protocol() == origin.protocol().lower()); if (m_protocol != origin.protocol()) return DoesNotMatchOrigin; return matchesDomain(origin); }
// source-list = *WSP [ source *( 1*WSP source ) *WSP ] // / *WSP "'none'" *WSP // void CSPSourceList::parse(const UChar* begin, const UChar* end) { const UChar* position = begin; bool isFirstSourceInList = true; while (position < end) { skipWhile<isASCIISpace>(position, end); const UChar* beginSource = position; skipWhile<isSourceCharacter>(position, end); if (isFirstSourceInList && equalIgnoringCase("'none'", beginSource, position - beginSource)) return; // We represent 'none' as an empty m_list. isFirstSourceInList = false; String scheme, host; int port = 0; bool hostHasWildcard = false; bool portHasWildcard = false; if (parseSource(beginSource, position, scheme, host, port, hostHasWildcard, portHasWildcard)) { if (scheme.isEmpty()) scheme = m_origin->protocol(); m_list.append(CSPSource(scheme, host, port, hostHasWildcard, portHasWildcard)); } ASSERT(position == end || isASCIISpace(*position)); } }
static inline bool areOriginsMatching(const SecurityOrigin& origin1, const SecurityOrigin& origin2) { if (origin1.isUnique() || origin2.isUnique()) return origin1.isUnique() == origin2.isUnique(); if (origin1.protocol() != origin2.protocol()) return false; if (origin1.protocol() == "file") return true; if (origin1.host() != origin2.host()) return false; return origin1.port() == origin2.port(); }
bool V8Proxy::isEnabled() { Settings* settings = m_frame->settings(); if (!settings) return false; // In the common case, JavaScript is enabled and we're done. if (settings->isJavaScriptEnabled()) return true; // If JavaScript has been disabled, we need to look at the frame to tell // whether this script came from the web or the embedder. Scripts from the // embedder are safe to run, but scripts from the other sources are // disallowed. Document* document = m_frame->document(); if (!document) return false; SecurityOrigin* origin = document->securityOrigin(); if (origin->protocol().isEmpty()) return false; // Uninitialized document if (origin->protocol() == "http" || origin->protocol() == "https") return false; // Web site // FIXME: the following are application decisions, and they should // not be made at this layer. instead, we should bridge out to the // embedder to allow them to override policy here. if (origin->protocol() == ChromiumBridge::uiResourceProtocol()) return true; // Embedder's scripts are ok to run // If the scheme is ftp: or file:, an empty file name indicates a directory // listing, which requires JavaScript to function properly. const char* kDirProtocols[] = { "ftp", "file" }; for (size_t i = 0; i < arraysize(kDirProtocols); ++i) { if (origin->protocol() == kDirProtocols[i]) { const KURL& url = document->url(); return url.pathAfterLastSlash() == url.pathEnd(); } } return false; // Other protocols fall through to here }
SecurityOriginData SecurityOriginData::fromSecurityOrigin(const SecurityOrigin& securityOrigin) { SecurityOriginData securityOriginData; securityOriginData.protocol = securityOrigin.protocol(); securityOriginData.host = securityOrigin.host(); securityOriginData.port = securityOrigin.port(); return securityOriginData; }
static void measureStricterVersionOfIsMixedContent(Frame* frame, const KURL& url) { // We're currently only checking for mixed content in `https://*` contexts. // What about other "secure" contexts the SchemeRegistry knows about? We'll // use this method to measure the occurance of non-webby mixed content to make // sure we're not breaking the world without realizing it. SecurityOrigin* origin = frame->securityContext()->getSecurityOrigin(); if (MixedContentChecker::isMixedContent(origin, url)) { if (origin->protocol() != "https") { UseCounter::count( frame, UseCounter::MixedContentInNonHTTPSFrameThatRestrictsMixedContent); } } else if (!SecurityOrigin::isSecure(url) && SchemeRegistry::shouldTreatURLSchemeAsSecure(origin->protocol())) { UseCounter::count( frame, UseCounter::MixedContentInSecureFrameThatDoesNotRestrictMixedContent); } }
void CSPSourceList::addSourceSelf() { m_list.append(CSPSource(m_origin->protocol(), m_origin->host(), m_origin->port(), false, false)); }
ContentSecurityPolicy::ContentSecurityPolicy(const SecurityOrigin& securityOrigin) : m_sandboxFlags(SandboxNone) { m_selfSourceProtocol = securityOrigin.protocol(); m_selfSource = std::make_unique<ContentSecurityPolicySource>(*this, m_selfSourceProtocol, securityOrigin.host(), securityOrigin.port(), emptyString(), false, false); }
bool V8Proxy::isEnabled() { Settings* settings = m_frame->settings(); if (!settings) return false; // In the common case, JavaScript is enabled and we're done. if (settings->isJavaScriptEnabled()) return true; // If JavaScript has been disabled, we need to look at the frame to tell // whether this script came from the web or the embedder. Scripts from the // embedder are safe to run, but scripts from the other sources are // disallowed. Document* document = m_frame->document(); if (!document) return false; SecurityOrigin* origin = document->securityOrigin(); if (origin->protocol().isEmpty()) return false; // Uninitialized document if (origin->protocol() == "http" || origin->protocol() == "https") return false; // Web site // FIXME: the following are application decisions, and they should // not be made at this layer. instead, we should bridge out to the // embedder to allow them to override policy here. #if PLATFORM(CHROMIUM) // TODO(andreip): ChromeBridge->BrowserBridge? if (origin->protocol() == ChromiumBridge::uiResourceProtocol()) return true; // Embedder's scripts are ok to run #endif // If the scheme is ftp: or file:, an empty file name indicates a directory // listing, which requires JavaScript to function properly. const char* kDirProtocols[] = { "ftp", "file" }; #if PLATFORM(ANDROID) // TODO(andreip): Port arraysize function to Android. There's one in Gears. for (size_t i = 0; i < 2; ++i) { #else for (size_t i = 0; i < arraysize(kDirProtocols); ++i) { #endif if (origin->protocol() == kDirProtocols[i]) { const KURL& url = document->url(); return url.pathAfterLastSlash() == url.pathEnd(); } } return false; // Other protocols fall through to here } void V8Proxy::updateDocumentWrapper(v8::Handle<v8::Value> wrapper) { clearDocumentWrapper(); ASSERT(m_document.IsEmpty()); m_document = v8::Persistent<v8::Value>::New(wrapper); #ifndef NDEBUG V8GCController::registerGlobalHandle(PROXY, this, m_document); #endif }