TEST(DatabaseIdentifierTest, CreateIdentifierFromSecurityOrigin)
{
struct OriginTestCase {
String protocol;
String host;
int port;
String expectedIdentifier;
} cases[] = {
{"http", "google.com", 80, "http_google.com_0"},
{"https", "www.google.com", 443, "https_www.google.com_0"},
{"http", "foo_bar_baz.org", 80, "http_foo_bar_baz.org_0"},
{"http", "nondefaultport.net", 8001, "http_nondefaultport.net_8001"},
{"http", "invalidportnumber.org", 70000, "__0"},
{"http", "invalidportnumber.org", -5, "__0"},
{"http", "%E2%98%83.unicode.com", 80, "http_xn--n3h.unicode.com_0"},
{"http", String::fromUTF8("\xe2\x98\x83.unicode.com"), 80, "http_xn--n3h.unicode.com_0"},
{"http", String::fromUTF8("\xf0\x9f\x92\xa9.unicode.com"), 80, "http_xn--ls8h.unicode.com_0"},
{"file", "", 0, "file__0"},
{"data", "", 0, "__0"},
{"about", "blank", 0, "__0"},
{"non-standard", "foobar.com", 0, "non-standard__0"},
};
for (size_t i = 0; i < WTF_ARRAY_LENGTH(cases); ++i) {
RefPtr<SecurityOrigin> origin = SecurityOrigin::create(cases[i].protocol, cases[i].host, cases[i].port);
String identifier = createDatabaseIdentifierFromSecurityOrigin(origin.get());
EXPECT_EQ(cases[i].expectedIdentifier, identifier) << "test case " << origin->toString();
}
}
void Database::reportVacuumDatabaseResult(int sqliteErrorCode)
{
if (Platform::current()->databaseObserver()) {
Platform::current()->databaseObserver()->reportVacuumDatabaseResult(
createDatabaseIdentifierFromSecurityOrigin(securityOrigin()),
stringIdentifier(), sqliteErrorCode);
}
}
void Database::reportExecuteStatementResult(int errorSite, int webSqlErrorCode, int sqliteErrorCode)
{
if (Platform::current()->databaseObserver()) {
Platform::current()->databaseObserver()->reportExecuteStatementResult(
createDatabaseIdentifierFromSecurityOrigin(securityOrigin()),
stringIdentifier(), errorSite, webSqlErrorCode, sqliteErrorCode);
}
}
static void databaseModified(DatabaseBackendBase* database)
{
if (Platform::current()->databaseObserver()) {
Platform::current()->databaseObserver()->databaseModified(
createDatabaseIdentifierFromSecurityOrigin(database->securityOrigin()),
database->stringIdentifier());
}
}
// These are used to generate histograms of errors seen with websql.
// See about:histograms in chromium.
void Database::reportOpenDatabaseResult(int errorSite, int webSqlErrorCode, int sqliteErrorCode, double duration)
{
if (Platform::current()->databaseObserver()) {
Platform::current()->databaseObserver()->reportOpenDatabaseResult(
createDatabaseIdentifierFromSecurityOrigin(securityOrigin()),
stringIdentifier(), errorSite, webSqlErrorCode, sqliteErrorCode,
duration);
}
}
void SQLTransactionClient::didCommitWriteTransaction(Database* database)
{
String originIdentifier = createDatabaseIdentifierFromSecurityOrigin(database->securityOrigin());
String databaseName = database->stringIdentifier();
ExecutionContext* executionContext = database->databaseContext()->executionContext();
if (!executionContext->isContextThread()) {
executionContext->postTask(BLINK_FROM_HERE, createCrossThreadTask(&databaseModified, originIdentifier, databaseName));
} else {
databaseModified(originIdentifier, databaseName);
}
}
PassRefPtr<DOMFileSystem> DOMFileSystem::createIsolatedFileSystem(ScriptExecutionContext* context, const String& filesystemId)
{
if (filesystemId.isEmpty())
return 0;
StringBuilder filesystemName;
filesystemName.append(createDatabaseIdentifierFromSecurityOrigin(context->securityOrigin()));
filesystemName.append(":Isolated_");
filesystemName.append(filesystemId);
// The rootURL created here is going to be attached to each filesystem request and
// is to be validated each time the request is being handled.
StringBuilder rootURL;
rootURL.append("filesystem:");
rootURL.append(context->securityOrigin()->toString());
rootURL.append("/");
rootURL.append(isolatedPathPrefix);
rootURL.append("/");
rootURL.append(filesystemId);
rootURL.append("/");
return DOMFileSystem::create(context, filesystemName.toString(), FileSystemTypeIsolated, KURL(ParsedURLString, rootURL.toString()), AsyncFileSystem::create());
}
IDBRequest* IDBFactory::getDatabaseNames(ScriptState* scriptState, ExceptionState& exceptionState)
{
IDB_TRACE("IDBFactory::getDatabaseNames");
if (!isContextValid(scriptState->executionContext()))
return nullptr;
if (!scriptState->executionContext()->securityOrigin()->canAccessDatabase()) {
exceptionState.throwSecurityError("access to the Indexed Database API is denied in this context.");
return nullptr;
}
IDBRequest* request = IDBRequest::create(scriptState, IDBAny::createNull(), nullptr);
if (!m_permissionClient->allowIndexedDB(scriptState->executionContext(), "Database Listing")) {
request->onError(DOMException::create(UnknownError, permissionDeniedErrorMessage));
return request;
}
Platform::current()->idbFactory()->getDatabaseNames(WebIDBCallbacksImpl::create(request).leakPtr(), createDatabaseIdentifierFromSecurityOrigin(scriptState->executionContext()->securityOrigin()));
return request;
}
IDBOpenDBRequest* IDBFactory::deleteDatabase(ScriptState* scriptState, const String& name, ExceptionState& exceptionState)
{
IDB_TRACE("IDBFactory::deleteDatabase");
IDBDatabase::recordApiCallsHistogram(IDBDeleteDatabaseCall);
if (!isContextValid(scriptState->executionContext()))
return nullptr;
if (!scriptState->executionContext()->securityOrigin()->canAccessDatabase()) {
exceptionState.throwSecurityError("access to the Indexed Database API is denied in this context.");
return nullptr;
}
IDBOpenDBRequest* request = IDBOpenDBRequest::create(scriptState, nullptr, 0, IDBDatabaseMetadata::DefaultVersion);
if (!m_permissionClient->allowIndexedDB(scriptState->executionContext(), name)) {
request->onError(DOMException::create(UnknownError, permissionDeniedErrorMessage));
return request;
}
Platform::current()->idbFactory()->deleteDatabase(name, WebIDBCallbacksImpl::create(request).leakPtr(), createDatabaseIdentifierFromSecurityOrigin(scriptState->executionContext()->securityOrigin()));
return request;
}
IDBOpenDBRequest* IDBFactory::openInternal(ScriptState* scriptState, const String& name, int64_t version, ExceptionState& exceptionState)
{
IDBDatabase::recordApiCallsHistogram(IDBOpenCall);
ASSERT(version >= 1 || version == IDBDatabaseMetadata::NoVersion);
if (!isContextValid(scriptState->executionContext()))
return nullptr;
if (!scriptState->executionContext()->securityOrigin()->canAccessDatabase()) {
exceptionState.throwSecurityError("access to the Indexed Database API is denied in this context.");
return nullptr;
}
IDBDatabaseCallbacks* databaseCallbacks = IDBDatabaseCallbacks::create();
int64_t transactionId = IDBDatabase::nextTransactionId();
IDBOpenDBRequest* request = IDBOpenDBRequest::create(scriptState, databaseCallbacks, transactionId, version);
if (!m_permissionClient->allowIndexedDB(scriptState->executionContext(), name)) {
request->onError(DOMException::create(UnknownError, permissionDeniedErrorMessage));
return request;
}
Platform::current()->idbFactory()->open(name, version, transactionId, WebIDBCallbacksImpl::create(request).leakPtr(), WebIDBDatabaseCallbacksImpl::create(databaseCallbacks).leakPtr(), createDatabaseIdentifierFromSecurityOrigin(scriptState->executionContext()->securityOrigin()));
return request;
}
WebString WebSecurityOrigin::databaseIdentifier() const
{
ASSERT(m_private);
return createDatabaseIdentifierFromSecurityOrigin(m_private);
}
static String getDatabaseIdentifier(SQLTransactionBackend* transaction)
{
DatabaseBackend* database = transaction->database();
ASSERT(database);
return createDatabaseIdentifierFromSecurityOrigin(database->securityOrigin());
}
// This tests the encoding of a hostname including every character in the range [\x1f, \x80].
TEST(DatabaseIdentifierTest, CreateIdentifierAllHostChars)
{
struct Case {
String hostname;
String expected;
bool shouldRoundTrip;
} cases[] = {
{"x\x1Fx", "__0", false},
{"x\x20x", "http_x%20x_0", false},
{"x\x21x", "http_x%21x_0", false},
{"x\x22x", "http_x%22x_0", false},
{"x\x23x", "http_x_0", false}, // 'x#x', the # and following are ignored.
{"x\x24x", "http_x%24x_0", false},
{"x\x25x", "__0", false},
{"x\x26x", "http_x%26x_0", false},
{"x\x27x", "http_x%27x_0", false},
{"x\x28x", "http_x%28x_0", false},
{"x\x29x", "http_x%29x_0", false},
{"x\x2ax", "http_x%2ax_0", false},
{"x\x2bx", "http_x+x_0", false},
{"x\x2cx", "http_x%2cx_0", false},
{"x\x2dx", "http_x-x_0", true},
{"x\x2ex", "http_x.x_0", true},
{"x\x2fx", "http_x_0", false}, // 'x/x', the / and following are ignored.
{"x\x30x", "http_x0x_0", true},
{"x\x31x", "http_x1x_0", true},
{"x\x32x", "http_x2x_0", true},
{"x\x33x", "http_x3x_0", true},
{"x\x34x", "http_x4x_0", true},
{"x\x35x", "http_x5x_0", true},
{"x\x36x", "http_x6x_0", true},
{"x\x37x", "http_x7x_0", true},
{"x\x38x", "http_x8x_0", true},
{"x\x39x", "http_x9x_0", true},
{"x\x3ax", "__0", false},
{"x\x3bx", "__0", false},
{"x\x3cx", "http_x%3cx_0", false},
{"x\x3dx", "http_x%3dx_0", false},
{"x\x3ex", "http_x%3ex_0", false},
{"x\x3fx", "http_x_0", false}, // 'x?x', the ? and following are ignored.
{"x\x40x", "http_x_0", false}, // 'x@x', the @ and following are ignored.
{"x\x41x", "http_xax_0", true},
{"x\x42x", "http_xbx_0", true},
{"x\x43x", "http_xcx_0", true},
{"x\x44x", "http_xdx_0", true},
{"x\x45x", "http_xex_0", true},
{"x\x46x", "http_xfx_0", true},
{"x\x47x", "http_xgx_0", true},
{"x\x48x", "http_xhx_0", true},
{"x\x49x", "http_xix_0", true},
{"x\x4ax", "http_xjx_0", true},
{"x\x4bx", "http_xkx_0", true},
{"x\x4cx", "http_xlx_0", true},
{"x\x4dx", "http_xmx_0", true},
{"x\x4ex", "http_xnx_0", true},
{"x\x4fx", "http_xox_0", true},
{"x\x50x", "http_xpx_0", true},
{"x\x51x", "http_xqx_0", true},
{"x\x52x", "http_xrx_0", true},
{"x\x53x", "http_xsx_0", true},
{"x\x54x", "http_xtx_0", true},
{"x\x55x", "http_xux_0", true},
{"x\x56x", "http_xvx_0", true},
{"x\x57x", "http_xwx_0", true},
{"x\x58x", "http_xxx_0", true},
{"x\x59x", "http_xyx_0", true},
{"x\x5ax", "http_xzx_0", true},
{"x\x5bx", "__0", false},
{"x\x5cx", "http_x_0", false}, // "x\x", the \ and following are ignored.
{"x\x5dx", "__0", false},
{"x\x5ex", "__0", false},
{"x\x5fx", "http_x_x_0", true},
{"x\x60x", "http_x%60x_0", false},
{"x\x61x", "http_xax_0", true},
{"x\x62x", "http_xbx_0", true},
{"x\x63x", "http_xcx_0", true},
{"x\x64x", "http_xdx_0", true},
{"x\x65x", "http_xex_0", true},
{"x\x66x", "http_xfx_0", true},
{"x\x67x", "http_xgx_0", true},
{"x\x68x", "http_xhx_0", true},
{"x\x69x", "http_xix_0", true},
{"x\x6ax", "http_xjx_0", true},
{"x\x6bx", "http_xkx_0", true},
{"x\x6cx", "http_xlx_0", true},
{"x\x6dx", "http_xmx_0", true},
{"x\x6ex", "http_xnx_0", true},
{"x\x6fx", "http_xox_0", true},
{"x\x70x", "http_xpx_0", true},
{"x\x71x", "http_xqx_0", true},
{"x\x72x", "http_xrx_0", true},
{"x\x73x", "http_xsx_0", true},
{"x\x74x", "http_xtx_0", true},
{"x\x75x", "http_xux_0", true},
{"x\x76x", "http_xvx_0", true},
{"x\x77x", "http_xwx_0", true},
{"x\x78x", "http_xxx_0", true},
{"x\x79x", "http_xyx_0", true},
{"x\x7ax", "http_xzx_0", true},
{"x\x7bx", "http_x%7bx_0", false},
{"x\x7cx", "http_x%7cx_0", false},
{"x\x7dx", "http_x%7dx_0", false},
{"x\x7ex", "__0", false},
{"x\x7fx", "__0", false},
{"x\x80x", "__0", false},
};
for (size_t i = 0; i < WTF_ARRAY_LENGTH(cases); ++i) {
RefPtr<SecurityOrigin> origin = SecurityOrigin::create("http", cases[i].hostname, 80);
String identifier = createDatabaseIdentifierFromSecurityOrigin(origin.get());
EXPECT_EQ(cases[i].expected, identifier) << "test case " << i << ": \"" << cases[i].hostname << "\"";
if (cases[i].shouldRoundTrip) {
RefPtr<SecurityOrigin> parsedOrigin = createSecurityOriginFromDatabaseIdentifier(identifier);
EXPECT_EQ(cases[i].hostname.lower(), parsedOrigin->host()) << "test case " << i << ": \"" << cases[i].hostname << "\"";
}
}
}
