• Home
  • History
  • Annotate
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2011 Google Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  *
8  * 1.  Redistributions of source code must retain the above copyright
9  *     notice, this list of conditions and the following disclaimer.
10  * 2.  Redistributions in binary form must reproduce the above copyright
11  *     notice, this list of conditions and the following disclaimer in the
12  *     documentation and/or other materials provided with the distribution.
13  * 3.  Neither the name of Google, Inc. ("Google") nor the names of
14  *     its contributors may be used to endorse or promote products derived
15  *     from this software without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY GOOGLE AND ITS CONTRIBUTORS "AS IS" AND ANY
18  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
19  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
20  * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
21  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
22  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
24  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27  */
28 
29 #include "config.h"
30 #include "platform/weborigin/SecurityPolicy.h"
31 
32 #include "platform/weborigin/KURL.h"
33 #include "platform/weborigin/OriginAccessEntry.h"
34 #include "platform/weborigin/SecurityOrigin.h"
35 #include "wtf/HashMap.h"
36 #include "wtf/MainThread.h"
37 #include "wtf/OwnPtr.h"
38 #include "wtf/PassOwnPtr.h"
39 #include "wtf/text/StringHash.h"
40 
41 namespace blink {
42 
43 typedef Vector<OriginAccessEntry> OriginAccessWhiteList;
44 typedef HashMap<String, OwnPtr<OriginAccessWhiteList> > OriginAccessMap;
45 
originAccessMap()46 static OriginAccessMap& originAccessMap()
47 {
48     DEFINE_STATIC_LOCAL(OriginAccessMap, originAccessMap, ());
49     return originAccessMap;
50 }
51 
shouldHideReferrer(const KURL & url,const String & referrer)52 bool SecurityPolicy::shouldHideReferrer(const KURL& url, const String& referrer)
53 {
54     bool referrerIsSecureURL = protocolIs(referrer, "https");
55     bool referrerIsWebURL = referrerIsSecureURL || protocolIs(referrer, "http");
56 
57     if (!referrerIsWebURL)
58         return true;
59 
60     if (!referrerIsSecureURL)
61         return false;
62 
63     bool URLIsSecureURL = url.protocolIs("https");
64 
65     return !URLIsSecureURL;
66 }
67 
generateReferrerHeader(ReferrerPolicy referrerPolicy,const KURL & url,const String & referrer)68 String SecurityPolicy::generateReferrerHeader(ReferrerPolicy referrerPolicy, const KURL& url, const String& referrer)
69 {
70     if (referrer.isEmpty())
71         return String();
72 
73     if (!(protocolIs(referrer, "https") || protocolIs(referrer, "http")))
74         return String();
75 
76     switch (referrerPolicy) {
77     case ReferrerPolicyNever:
78         return String();
79     case ReferrerPolicyAlways:
80         return referrer;
81     case ReferrerPolicyOrigin: {
82         String origin = SecurityOrigin::createFromString(referrer)->toString();
83         if (origin == "null")
84             return String();
85         // A security origin is not a canonical URL as it lacks a path. Add /
86         // to turn it into a canonical URL we can use as referrer.
87         return origin + "/";
88     }
89     case ReferrerPolicyDefault:
90         break;
91     }
92 
93     return shouldHideReferrer(url, referrer) ? String() : referrer;
94 }
95 
isAccessWhiteListed(const SecurityOrigin * activeOrigin,const SecurityOrigin * targetOrigin)96 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, const SecurityOrigin* targetOrigin)
97 {
98     if (OriginAccessWhiteList* list = originAccessMap().get(activeOrigin->toString())) {
99         for (size_t i = 0; i < list->size();  ++i) {
100             if (list->at(i).matchesOrigin(*targetOrigin) != OriginAccessEntry::DoesNotMatchOrigin)
101                 return true;
102         }
103     }
104     return false;
105 }
106 
isAccessToURLWhiteListed(const SecurityOrigin * activeOrigin,const KURL & url)107 bool SecurityPolicy::isAccessToURLWhiteListed(const SecurityOrigin* activeOrigin, const KURL& url)
108 {
109     RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
110     return isAccessWhiteListed(activeOrigin, targetOrigin.get());
111 }
112 
addOriginAccessWhitelistEntry(const SecurityOrigin & sourceOrigin,const String & destinationProtocol,const String & destinationDomain,bool allowDestinationSubdomains)113 void SecurityPolicy::addOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomain, bool allowDestinationSubdomains)
114 {
115     ASSERT(isMainThread());
116     ASSERT(!sourceOrigin.isUnique());
117     if (sourceOrigin.isUnique())
118         return;
119 
120     String sourceString = sourceOrigin.toString();
121     OriginAccessMap::AddResult result = originAccessMap().add(sourceString, nullptr);
122     if (result.isNewEntry)
123         result.storedValue->value = adoptPtr(new OriginAccessWhiteList);
124 
125     OriginAccessWhiteList* list = result.storedValue->value.get();
126     list->append(OriginAccessEntry(destinationProtocol, destinationDomain, allowDestinationSubdomains ? OriginAccessEntry::AllowSubdomains : OriginAccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress));
127 }
128 
removeOriginAccessWhitelistEntry(const SecurityOrigin & sourceOrigin,const String & destinationProtocol,const String & destinationDomain,bool allowDestinationSubdomains)129 void SecurityPolicy::removeOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomain, bool allowDestinationSubdomains)
130 {
131     ASSERT(isMainThread());
132     ASSERT(!sourceOrigin.isUnique());
133     if (sourceOrigin.isUnique())
134         return;
135 
136     String sourceString = sourceOrigin.toString();
137     OriginAccessMap& map = originAccessMap();
138     OriginAccessMap::iterator it = map.find(sourceString);
139     if (it == map.end())
140         return;
141 
142     OriginAccessWhiteList* list = it->value.get();
143     size_t index = list->find(OriginAccessEntry(destinationProtocol, destinationDomain, allowDestinationSubdomains ? OriginAccessEntry::AllowSubdomains : OriginAccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress));
144     if (index == kNotFound)
145         return;
146 
147     list->remove(index);
148 
149     if (list->isEmpty())
150         map.remove(it);
151 }
152 
resetOriginAccessWhitelists()153 void SecurityPolicy::resetOriginAccessWhitelists()
154 {
155     ASSERT(isMainThread());
156     originAccessMap().clear();
157 }
158 
159 } // namespace blink
160