Home | History | Annotate | Download | only in browsing_data 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "chrome/browser/browsing_data/browsing_data_helper.h"
      6 
      7 #include "base/command_line.h"
      8 #include "base/strings/utf_string_conversions.h"
      9 #include "chrome/browser/extensions/extension_special_storage_policy.h"
     10 #include "chrome/common/chrome_switches.h"
     11 #include "chrome/common/url_constants.h"
     12 #include "content/public/browser/child_process_security_policy.h"
     13 #include "extensions/common/constants.h"
     14 #include "url/gurl.h"
     15 
     16 // Static
     17 bool BrowsingDataHelper::IsWebScheme(const std::string& scheme) {
     18   // Special-case `file://` scheme iff cookies and site data are enabled via
     19   // the `--allow-file-cookies` CLI flag.
     20   if (scheme == chrome::kFileScheme) {
     21     return CommandLine::ForCurrentProcess()->HasSwitch(
     22         switches::kEnableFileCookies);
     23 
     24   // Otherwise, all "web safe" schemes are valid, except `chrome-extension://`
     25   // and `chrome-devtools://`.
     26   } else {
     27     content::ChildProcessSecurityPolicy* policy =
     28         content::ChildProcessSecurityPolicy::GetInstance();
     29     return (policy->IsWebSafeScheme(scheme) &&
     30             !BrowsingDataHelper::IsExtensionScheme(scheme) &&
     31             scheme != chrome::kChromeDevToolsScheme);
     32   }
     33 }
     34 
     35 // Static
     36 bool BrowsingDataHelper::HasWebScheme(const GURL& origin) {
     37   return BrowsingDataHelper::IsWebScheme(origin.scheme());
     38 }
     39 
     40 // Static
     41 bool BrowsingDataHelper::IsExtensionScheme(const std::string& scheme) {
     42   return scheme == extensions::kExtensionScheme;
     43 }
     44 
     45 // Static
     46 bool BrowsingDataHelper::HasExtensionScheme(const GURL& origin) {
     47   return BrowsingDataHelper::IsExtensionScheme(origin.scheme());
     48 }
     49 
     50 // Static
     51 bool BrowsingDataHelper::DoesOriginMatchMask(const GURL& origin,
     52     int origin_set_mask, ExtensionSpecialStoragePolicy* policy) {
     53   // Packaged apps and extensions match iff EXTENSION.
     54   if (BrowsingDataHelper::HasExtensionScheme(origin.GetOrigin()) &&
     55       origin_set_mask & EXTENSION)
     56     return true;
     57 
     58   // If a websafe origin is unprotected, it matches iff UNPROTECTED_WEB.
     59   if (!policy->IsStorageProtected(origin.GetOrigin()) &&
     60       BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) &&
     61       origin_set_mask & UNPROTECTED_WEB)
     62     return true;
     63 
     64   // Hosted applications (protected and websafe origins) iff PROTECTED_WEB.
     65   if (policy->IsStorageProtected(origin.GetOrigin()) &&
     66       BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) &&
     67       origin_set_mask & PROTECTED_WEB)
     68     return true;
     69 
     70   return false;
     71 }
     72