Home | History | Annotate | Download | only in weborigin 
      1 /*
      2  * Copyright (C) 2011 Google Inc. All rights reserved.
      3  *
      4  * Redistribution and use in source and binary forms, with or without
      5  * modification, are permitted provided that the following conditions
      6  * are met:
      7  *
      8  * 1.  Redistributions of source code must retain the above copyright
      9  *     notice, this list of conditions and the following disclaimer.
     10  * 2.  Redistributions in binary form must reproduce the above copyright
     11  *     notice, this list of conditions and the following disclaimer in the
     12  *     documentation and/or other materials provided with the distribution.
     13  * 3.  Neither the name of Google, Inc. ("Google") nor the names of
     14  *     its contributors may be used to endorse or promote products derived
     15  *     from this software without specific prior written permission.
     16  *
     17  * THIS SOFTWARE IS PROVIDED BY GOOGLE AND ITS CONTRIBUTORS "AS IS" AND ANY
     18  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
     19  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
     20  * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
     21  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     22  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     23  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
     24  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     25  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
     26  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     27  */
     28 
     29 #include "config.h"
     30 #include "platform/weborigin/SecurityPolicy.h"
     31 
     32 #include "platform/weborigin/KURL.h"
     33 #include "platform/weborigin/OriginAccessEntry.h"
     34 #include "platform/weborigin/SecurityOrigin.h"
     35 #include "wtf/HashMap.h"
     36 #include "wtf/MainThread.h"
     37 #include "wtf/OwnPtr.h"
     38 #include "wtf/PassOwnPtr.h"
     39 #include "wtf/text/StringHash.h"
     40 
     41 namespace blink {
     42 
     43 typedef Vector<OriginAccessEntry> OriginAccessWhiteList;
     44 typedef HashMap<String, OwnPtr<OriginAccessWhiteList> > OriginAccessMap;
     45 
     46 static OriginAccessMap& originAccessMap()
     47 {
     48     DEFINE_STATIC_LOCAL(OriginAccessMap, originAccessMap, ());
     49     return originAccessMap;
     50 }
     51 
     52 bool SecurityPolicy::shouldHideReferrer(const KURL& url, const String& referrer)
     53 {
     54     bool referrerIsSecureURL = protocolIs(referrer, "https");
     55     bool referrerIsWebURL = referrerIsSecureURL || protocolIs(referrer, "http");
     56 
     57     if (!referrerIsWebURL)
     58         return true;
     59 
     60     if (!referrerIsSecureURL)
     61         return false;
     62 
     63     bool URLIsSecureURL = url.protocolIs("https");
     64 
     65     return !URLIsSecureURL;
     66 }
     67 
     68 String SecurityPolicy::generateReferrerHeader(ReferrerPolicy referrerPolicy, const KURL& url, const String& referrer)
     69 {
     70     if (referrer.isEmpty())
     71         return String();
     72 
     73     if (!(protocolIs(referrer, "https") || protocolIs(referrer, "http")))
     74         return String();
     75 
     76     switch (referrerPolicy) {
     77     case ReferrerPolicyNever:
     78         return String();
     79     case ReferrerPolicyAlways:
     80         return referrer;
     81     case ReferrerPolicyOrigin: {
     82         String origin = SecurityOrigin::createFromString(referrer)->toString();
     83         if (origin == "null")
     84             return String();
     85         // A security origin is not a canonical URL as it lacks a path. Add /
     86         // to turn it into a canonical URL we can use as referrer.
     87         return origin + "/";
     88     }
     89     case ReferrerPolicyDefault:
     90         break;
     91     }
     92 
     93     return shouldHideReferrer(url, referrer) ? String() : referrer;
     94 }
     95 
     96 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, const SecurityOrigin* targetOrigin)
     97 {
     98     if (OriginAccessWhiteList* list = originAccessMap().get(activeOrigin->toString())) {
     99         for (size_t i = 0; i < list->size();  ++i) {
    100             if (list->at(i).matchesOrigin(*targetOrigin) != OriginAccessEntry::DoesNotMatchOrigin)
    101                 return true;
    102         }
    103     }
    104     return false;
    105 }
    106 
    107 bool SecurityPolicy::isAccessToURLWhiteListed(const SecurityOrigin* activeOrigin, const KURL& url)
    108 {
    109     RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
    110     return isAccessWhiteListed(activeOrigin, targetOrigin.get());
    111 }
    112 
    113 void SecurityPolicy::addOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomain, bool allowDestinationSubdomains)
    114 {
    115     ASSERT(isMainThread());
    116     ASSERT(!sourceOrigin.isUnique());
    117     if (sourceOrigin.isUnique())
    118         return;
    119 
    120     String sourceString = sourceOrigin.toString();
    121     OriginAccessMap::AddResult result = originAccessMap().add(sourceString, nullptr);
    122     if (result.isNewEntry)
    123         result.storedValue->value = adoptPtr(new OriginAccessWhiteList);
    124 
    125     OriginAccessWhiteList* list = result.storedValue->value.get();
    126     list->append(OriginAccessEntry(destinationProtocol, destinationDomain, allowDestinationSubdomains ? OriginAccessEntry::AllowSubdomains : OriginAccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress));
    127 }
    128 
    129 void SecurityPolicy::removeOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomain, bool allowDestinationSubdomains)
    130 {
    131     ASSERT(isMainThread());
    132     ASSERT(!sourceOrigin.isUnique());
    133     if (sourceOrigin.isUnique())
    134         return;
    135 
    136     String sourceString = sourceOrigin.toString();
    137     OriginAccessMap& map = originAccessMap();
    138     OriginAccessMap::iterator it = map.find(sourceString);
    139     if (it == map.end())
    140         return;
    141 
    142     OriginAccessWhiteList* list = it->value.get();
    143     size_t index = list->find(OriginAccessEntry(destinationProtocol, destinationDomain, allowDestinationSubdomains ? OriginAccessEntry::AllowSubdomains : OriginAccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress));
    144     if (index == kNotFound)
    145         return;
    146 
    147     list->remove(index);
    148 
    149     if (list->isEmpty())
    150         map.remove(it);
    151 }
    152 
    153 void SecurityPolicy::resetOriginAccessWhitelists()
    154 {
    155     ASSERT(isMainThread());
    156     originAccessMap().clear();
    157 }
    158 
    159 } // namespace blink
    160