Home | History | Annotate | Download | only in loader 
      1 /*
      2  * Copyright (C) 2012 Google Inc. All rights reserved.
      3  *
      4  * Redistribution and use in source and binary forms, with or without
      5  * modification, are permitted provided that the following conditions are
      6  * met:
      7  *
      8  *     * Redistributions of source code must retain the above copyright
      9  * notice, this list of conditions and the following disclaimer.
     10  *     * Redistributions in binary form must reproduce the above
     11  * copyright notice, this list of conditions and the following disclaimer
     12  * in the documentation and/or other materials provided with the
     13  * distribution.
     14  *     * Neither the name of Google Inc. nor the names of its
     15  * contributors may be used to endorse or promote products derived from
     16  * this software without specific prior written permission.
     17  *
     18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
     21  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
     22  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     23  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
     24  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     28  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     29  */
     30 
     31 #ifndef MixedContentChecker_h
     32 #define MixedContentChecker_h
     33 
     34 #include "wtf/text/WTFString.h"
     35 
     36 namespace WebCore {
     37 
     38 class LocalFrame;
     39 class FrameLoaderClient;
     40 class KURL;
     41 class SecurityOrigin;
     42 
     43 class MixedContentChecker {
     44     WTF_MAKE_NONCOPYABLE(MixedContentChecker);
     45 public:
     46     MixedContentChecker(LocalFrame*);
     47 
     48     bool canDisplayInsecureContent(SecurityOrigin* securityOrigin, const KURL& url) const
     49     {
     50         return canDisplayInsecureContentInternal(securityOrigin, url, MixedContentChecker::Display);
     51     }
     52 
     53     bool canRunInsecureContent(SecurityOrigin* securityOrigin, const KURL& url) const
     54     {
     55         return canRunInsecureContentInternal(securityOrigin, url, MixedContentChecker::Execution);
     56     }
     57     bool canConnectInsecureWebSocket(SecurityOrigin* securityOrigin, const KURL& url) const
     58     {
     59         return canRunInsecureContentInternal(securityOrigin, url, MixedContentChecker::WebSocket);
     60     }
     61 
     62     bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const;
     63     static bool isMixedContent(SecurityOrigin*, const KURL&);
     64 
     65 private:
     66     enum MixedContentType {
     67         Display,
     68         Execution,
     69         WebSocket,
     70         Submission
     71     };
     72 
     73     // FIXME: This should probably have a separate client from FrameLoader.
     74     FrameLoaderClient* client() const;
     75 
     76     bool canDisplayInsecureContentInternal(SecurityOrigin*, const KURL&, const MixedContentType) const;
     77 
     78     bool canRunInsecureContentInternal(SecurityOrigin*, const KURL&, const MixedContentType) const;
     79 
     80     void logWarning(bool allowed, const KURL& i, const MixedContentType) const;
     81 
     82     LocalFrame* m_frame;
     83 };
     84 
     85 } // namespace WebCore
     86 
     87 #endif // MixedContentChecker_h
     88