1 /* 2 * Copyright (C) 2009 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #include "config.h" 32 #include "public/web/WebSecurityPolicy.h" 33 34 #include "core/loader/FrameLoader.h" 35 #include "platform/weborigin/SchemeRegistry.h" 36 #include "platform/weborigin/SecurityOrigin.h" 37 #include "platform/weborigin/SecurityPolicy.h" 38 #include "public/platform/WebString.h" 39 #include "public/platform/WebURL.h" 40 41 using namespace WebCore; 42 43 namespace blink { 44 45 void WebSecurityPolicy::registerURLSchemeAsLocal(const WebString& scheme) 46 { 47 SchemeRegistry::registerURLSchemeAsLocal(scheme); 48 } 49 50 void WebSecurityPolicy::registerURLSchemeAsNoAccess(const WebString& scheme) 51 { 52 SchemeRegistry::registerURLSchemeAsNoAccess(scheme); 53 } 54 55 void WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(const WebString& scheme) 56 { 57 SchemeRegistry::registerURLSchemeAsDisplayIsolated(scheme); 58 } 59 60 void WebSecurityPolicy::registerURLSchemeAsSecure(const WebString& scheme) 61 { 62 SchemeRegistry::registerURLSchemeAsSecure(scheme); 63 } 64 65 void WebSecurityPolicy::registerURLSchemeAsCORSEnabled(const WebString& scheme) 66 { 67 SchemeRegistry::registerURLSchemeAsCORSEnabled(scheme); 68 } 69 70 void WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(const WebString& scheme) 71 { 72 SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(scheme); 73 } 74 75 void WebSecurityPolicy::registerURLSchemeAsEmptyDocument(const WebString& scheme) 76 { 77 SchemeRegistry::registerURLSchemeAsEmptyDocument(scheme); 78 } 79 80 void WebSecurityPolicy::addOriginAccessWhitelistEntry( 81 const WebURL& sourceOrigin, 82 const WebString& destinationProtocol, 83 const WebString& destinationHost, 84 bool allowDestinationSubdomains) 85 { 86 SecurityPolicy::addOriginAccessWhitelistEntry( 87 *SecurityOrigin::create(sourceOrigin), destinationProtocol, 88 destinationHost, allowDestinationSubdomains); 89 } 90 91 void WebSecurityPolicy::removeOriginAccessWhitelistEntry( 92 const WebURL& sourceOrigin, 93 const WebString& destinationProtocol, 94 const WebString& destinationHost, 95 bool allowDestinationSubdomains) 96 { 97 SecurityPolicy::removeOriginAccessWhitelistEntry( 98 *SecurityOrigin::create(sourceOrigin), destinationProtocol, 99 destinationHost, allowDestinationSubdomains); 100 } 101 102 void WebSecurityPolicy::resetOriginAccessWhitelists() 103 { 104 SecurityPolicy::resetOriginAccessWhitelists(); 105 } 106 107 WebString WebSecurityPolicy::generateReferrerHeader(WebReferrerPolicy referrerPolicy, const WebURL& url, const WebString& referrer) 108 { 109 return SecurityPolicy::generateReferrerHeader(static_cast<ReferrerPolicy>(referrerPolicy), url, referrer); 110 } 111 112 void WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(const WebString& scheme) 113 { 114 SchemeRegistry::registerURLSchemeAsNotAllowingJavascriptURLs(scheme); 115 } 116 117 } // namespace blink 118