Home | History | Annotate | Download | only in public 
      1 /*
      2  * Copyright (C) 2010 Google Inc. All rights reserved.
      3  *
      4  * Redistribution and use in source and binary forms, with or without
      5  * modification, are permitted provided that the following conditions are
      6  * met:
      7  *
      8  *     * Redistributions of source code must retain the above copyright
      9  * notice, this list of conditions and the following disclaimer.
     10  *     * Redistributions in binary form must reproduce the above
     11  * copyright notice, this list of conditions and the following disclaimer
     12  * in the documentation and/or other materials provided with the
     13  * distribution.
     14  *     * Neither the name of Google Inc. nor the names of its
     15  * contributors may be used to endorse or promote products derived from
     16  * this software without specific prior written permission.
     17  *
     18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
     21  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
     22  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     23  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
     24  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     28  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     29  */
     30 
     31 #ifndef WebSecurityOrigin_h
     32 #define WebSecurityOrigin_h
     33 
     34 #include "WebCommon.h"
     35 
     36 #if WEBKIT_IMPLEMENTATION
     37 namespace WebCore { class SecurityOrigin; }
     38 namespace WTF { template <typename T> class PassRefPtr; }
     39 #endif
     40 
     41 namespace WebKit {
     42 
     43 class WebSecurityOriginPrivate;
     44 class WebString;
     45 class WebURL;
     46 
     47 class WebSecurityOrigin {
     48 public:
     49     ~WebSecurityOrigin() { reset(); }
     50 
     51     WebSecurityOrigin() : m_private(0) { }
     52     WebSecurityOrigin(const WebSecurityOrigin& s) : m_private(0) { assign(s); }
     53     WebSecurityOrigin& operator=(const WebSecurityOrigin& s)
     54     {
     55         assign(s);
     56         return *this;
     57     }
     58 
     59     WEBKIT_API static WebSecurityOrigin createFromDatabaseIdentifier(const WebString& databaseIdentifier);
     60     WEBKIT_API static WebSecurityOrigin createFromString(const WebString&);
     61     WEBKIT_API static WebSecurityOrigin create(const WebURL&);
     62 
     63     WEBKIT_API void reset();
     64     WEBKIT_API void assign(const WebSecurityOrigin&);
     65 
     66     bool isNull() const { return !m_private; }
     67 
     68     WEBKIT_API WebString protocol() const;
     69     WEBKIT_API WebString host() const;
     70     WEBKIT_API unsigned short port() const;
     71 
     72     // The empty WebSecurityOrigin is the least privileged WebSecurityOrigin.
     73     WEBKIT_API bool isEmpty() const;
     74 
     75     // Returns true if this WebSecurityOrigin can script objects in the given
     76     // SecurityOrigin. For example, call this function before allowing
     77     // script from one security origin to read or write objects from
     78     // another SecurityOrigin.
     79     WEBKIT_API bool canAccess(const WebSecurityOrigin&) const;
     80 
     81     // Returns true if this WebSecurityOrigin can read content retrieved from
     82     // the given URL. For example, call this function before allowing script
     83     // from a given security origin to receive contents from a given URL.
     84     WEBKIT_API bool canRequest(const WebURL&) const;
     85 
     86     // Returns a string representation of the WebSecurityOrigin.  The empty
     87     // WebSecurityOrigin is represented by "null".  The representation of a
     88     // non-empty WebSecurityOrigin resembles a standard URL.
     89     WEBKIT_API WebString toString() const;
     90 
     91     // Returns a string representation of this WebSecurityOrigin that can
     92     // be used as a file.  Should be used in storage APIs only.
     93     WEBKIT_API WebString databaseIdentifier() const;
     94 
     95     // Returns true if this WebSecurityOrigin can access usernames and
     96     // passwords stored in password manager.
     97     WEBKIT_API bool canAccessPasswordManager() const;
     98 
     99 #if WEBKIT_IMPLEMENTATION
    100     WebSecurityOrigin(const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
    101     WebSecurityOrigin& operator=(const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
    102     operator WTF::PassRefPtr<WebCore::SecurityOrigin>() const;
    103     WebCore::SecurityOrigin* get() const;
    104 #endif
    105 
    106 private:
    107     void assign(WebSecurityOriginPrivate*);
    108     WebSecurityOriginPrivate* m_private;
    109 };
    110 
    111 } // namespace WebKit
    112 
    113 #endif
    114