Home | History | Annotate | Download | only in browser 
      1 // Copyright 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PSL_MATCHING_HELPER_H_
      6 #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PSL_MATCHING_HELPER_H_
      7 
      8 #include <string>
      9 
     10 #include "base/basictypes.h"
     11 
     12 class GURL;
     13 
     14 namespace autofill {
     15 struct PasswordForm;
     16 }  // namespace autofill
     17 
     18 namespace password_manager {
     19 
     20 class PSLMatchingHelper {
     21  public:
     22   // Enum used for histogram tracking PSL Domain triggering.
     23   // New entries should only be added to the end of the enum (before *_COUNT) so
     24   // as to not disrupt existing data.
     25   enum PSLDomainMatchMetric {
     26     PSL_DOMAIN_MATCH_DISABLED = 0,
     27     PSL_DOMAIN_MATCH_NONE,
     28     PSL_DOMAIN_MATCH_FOUND,
     29     PSL_DOMAIN_MATCH_COUNT
     30   };
     31 
     32   PSLMatchingHelper();
     33   ~PSLMatchingHelper();
     34 
     35   bool IsMatchingEnabled() const;
     36 
     37   // Using the public suffix list for matching the origin is only needed for
     38   // websites that do not have a single hostname for entering credentials. It
     39   // would be better for their users if they did, but until then we help them
     40   // find
     41   // credentials across different hostnames. We know that accounts.google.com is
     42   // the only hostname we should be accepting credentials on for any domain
     43   // under
     44   // google.com, so we can apply a tighter policy for that domain.
     45   // For owners of domains where a single hostname is always used when your
     46   // users are entering their credentials, please contact palmer (at) chromium.org,
     47   // nyquist (at) chromium.org or file a bug at http://crbug.com/ to be added here.
     48   bool ShouldPSLDomainMatchingApply(
     49       const std::string& registry_controlled_domain) const;
     50 
     51   // Two URLs are considered a Public Suffix Domain match if they have the same
     52   // scheme, ports, and their registry controlled domains are equal.
     53   static bool IsPublicSuffixDomainMatch(const std::string& url1,
     54                                         const std::string& url2);
     55 
     56   // Two hosts are considered to belong to the same website when they share the
     57   // registry-controlled domain part.
     58   static std::string GetRegistryControlledDomain(const GURL& signon_realm);
     59 
     60   // This overrides both the command line flags and platform restrictions. This
     61   // function is not thread safe, and should be called before any other methods
     62   // of |PSLMatchingHelper| are called.
     63   static void EnablePublicSuffixDomainMatchingForTesting();
     64 
     65  private:
     66   static bool DeterminePSLEnabled();
     67 
     68   const bool psl_enabled_;
     69 
     70   // Default is false, once set to true, overrides |psl_enabled_|.
     71   static bool psl_enabled_override_;
     72 
     73   DISALLOW_COPY_AND_ASSIGN(PSLMatchingHelper);
     74 };
     75 
     76 }  // namespace password_manager
     77 
     78 #endif  // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PSL_MATCHING_HELPER_H_
     79