Home | History | Annotate | Download | only in web 
      1 /*
      2  * Copyright (C) 2010 Google Inc. All rights reserved.
      3  *
      4  * Redistribution and use in source and binary forms, with or without
      5  * modification, are permitted provided that the following conditions are
      6  * met:
      7  *
      8  *     * Redistributions of source code must retain the above copyright
      9  * notice, this list of conditions and the following disclaimer.
     10  *     * Redistributions in binary form must reproduce the above
     11  * copyright notice, this list of conditions and the following disclaimer
     12  * in the documentation and/or other materials provided with the
     13  * distribution.
     14  *     * Neither the name of Google Inc. nor the names of its
     15  * contributors may be used to endorse or promote products derived from
     16  * this software without specific prior written permission.
     17  *
     18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
     21  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
     22  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     23  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
     24  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     28  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     29  */
     30 
     31 #ifndef WebSecurityOrigin_h
     32 #define WebSecurityOrigin_h
     33 
     34 #include "../platform/WebCommon.h"
     35 
     36 #if WEBKIT_IMPLEMENTATION
     37 namespace WebCore { class SecurityOrigin; }
     38 namespace WTF { template <typename T> class PassRefPtr; }
     39 #endif
     40 
     41 namespace WebKit {
     42 
     43 class WebSecurityOriginPrivate;
     44 class WebString;
     45 class WebURL;
     46 
     47 class WebSecurityOrigin {
     48 public:
     49     ~WebSecurityOrigin() { reset(); }
     50 
     51     WebSecurityOrigin() : m_private(0) { }
     52     WebSecurityOrigin(const WebSecurityOrigin& s) : m_private(0) { assign(s); }
     53     WebSecurityOrigin& operator=(const WebSecurityOrigin& s)
     54     {
     55         assign(s);
     56         return *this;
     57     }
     58 
     59     WEBKIT_EXPORT static WebSecurityOrigin createFromDatabaseIdentifier(const WebString& databaseIdentifier);
     60     WEBKIT_EXPORT static WebSecurityOrigin createFromString(const WebString&);
     61     WEBKIT_EXPORT static WebSecurityOrigin create(const WebURL&);
     62 
     63     WEBKIT_EXPORT void reset();
     64     WEBKIT_EXPORT void assign(const WebSecurityOrigin&);
     65 
     66     bool isNull() const { return !m_private; }
     67 
     68     WEBKIT_EXPORT WebString protocol() const;
     69     WEBKIT_EXPORT WebString host() const;
     70     WEBKIT_EXPORT unsigned short port() const;
     71 
     72     // A unique WebSecurityOrigin is the least privileged WebSecurityOrigin.
     73     WEBKIT_EXPORT bool isUnique() const;
     74 
     75     // Returns true if this WebSecurityOrigin can script objects in the given
     76     // SecurityOrigin. For example, call this function before allowing
     77     // script from one security origin to read or write objects from
     78     // another SecurityOrigin.
     79     WEBKIT_EXPORT bool canAccess(const WebSecurityOrigin&) const;
     80 
     81     // Returns true if this WebSecurityOrigin can read content retrieved from
     82     // the given URL. For example, call this function before allowing script
     83     // from a given security origin to receive contents from a given URL.
     84     WEBKIT_EXPORT bool canRequest(const WebURL&) const;
     85 
     86     // Returns a string representation of the WebSecurityOrigin.  The empty
     87     // WebSecurityOrigin is represented by "null".  The representation of a
     88     // non-empty WebSecurityOrigin resembles a standard URL.
     89     WEBKIT_EXPORT WebString toString() const;
     90 
     91     // Returns a string representation of this WebSecurityOrigin that can
     92     // be used as a file.  Should be used in storage APIs only.
     93     WEBKIT_EXPORT WebString databaseIdentifier() const;
     94 
     95     // Returns true if this WebSecurityOrigin can access usernames and
     96     // passwords stored in password manager.
     97     WEBKIT_EXPORT bool canAccessPasswordManager() const;
     98 
     99     // Allows this WebSecurityOrigin access to local resources.
    100     WEBKIT_EXPORT void grantLoadLocalResources() const;
    101 
    102 #if WEBKIT_IMPLEMENTATION
    103     WebSecurityOrigin(const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
    104     WebSecurityOrigin& operator=(const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
    105     operator WTF::PassRefPtr<WebCore::SecurityOrigin>() const;
    106     WebCore::SecurityOrigin* get() const;
    107 #endif
    108 
    109 private:
    110     void assign(WebSecurityOriginPrivate*);
    111     WebSecurityOriginPrivate* m_private;
    112 };
    113 
    114 } // namespace WebKit
    115 
    116 #endif
    117