// Enforces the given suborigin as part of the security origin for this // security context. |name| must not be empty, although it may be null. A null // name represents a lack of a suborigin. // See: https://w3c.github.io/webappsec-suborigins/index.html void SecurityContext::enforceSuborigin(const Suborigin& suborigin) { if (!RuntimeEnabledFeatures::suboriginsEnabled()) return; DCHECK(!suborigin.name().isEmpty()); DCHECK(RuntimeEnabledFeatures::suboriginsEnabled()); DCHECK(m_securityOrigin.get()); DCHECK(!m_securityOrigin->hasSuborigin() || m_securityOrigin->suborigin()->name() == suborigin.name()); m_securityOrigin->addSuborigin(suborigin); didUpdateSecurityOrigin(); }
void expectParsePolicyFail(const char* message, String header) { SCOPED_TRACE(message); Vector<String> messages; Suborigin suborigin; EXPECT_FALSE(parseSuboriginHeader(header, &suborigin, messages)); EXPECT_EQ(String(), suborigin.name()); }
void expectParseNamePass(const char* message, String header, String expectedName) { SCOPED_TRACE(message); Vector<String> messages; Suborigin suborigin; EXPECT_TRUE(parseSuboriginHeader(header, &suborigin, messages)); EXPECT_EQ(expectedName, suborigin.name()); }
void SecurityOrigin::addSuborigin(const Suborigin& suborigin) { ASSERT(RuntimeEnabledFeatures::suboriginsEnabled()); // Changing suborigins midstream is bad. Very bad. It should not happen. // This is, in fact, one of the very basic invariants that makes // suborigins an effective security tool. RELEASE_ASSERT(m_suborigin.name().isNull() || (m_suborigin.name() == suborigin.name())); m_suborigin.setTo(suborigin); }