Home | History | Annotate | Download | only in browsing_data 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "chrome/browser/browsing_data/browsing_data_helper.h"
      6 
      7 #include "base/command_line.h"
      8 #include "base/strings/utf_string_conversions.h"
      9 #include "chrome/common/chrome_switches.h"
     10 #include "chrome/common/url_constants.h"
     11 #include "content/public/browser/child_process_security_policy.h"
     12 #include "extensions/common/constants.h"
     13 #include "storage/browser/quota/special_storage_policy.h"
     14 #include "url/gurl.h"
     15 
     16 // Static
     17 bool BrowsingDataHelper::IsWebScheme(const std::string& scheme) {
     18   // Special-case `file://` scheme iff cookies and site data are enabled via
     19   // the `--allow-file-cookies` CLI flag.
     20   if (scheme == url::kFileScheme) {
     21     return base::CommandLine::ForCurrentProcess()->HasSwitch(
     22         switches::kEnableFileCookies);
     23   }
     24 
     25   // Otherwise, all "web safe" schemes are valid, except `chrome-extension://`
     26   // and `chrome-devtools://`.
     27   content::ChildProcessSecurityPolicy* policy =
     28       content::ChildProcessSecurityPolicy::GetInstance();
     29   return (policy->IsWebSafeScheme(scheme) &&
     30           !BrowsingDataHelper::IsExtensionScheme(scheme) &&
     31           scheme != content::kChromeDevToolsScheme);
     32 }
     33 
     34 // Static
     35 bool BrowsingDataHelper::HasWebScheme(const GURL& origin) {
     36   return BrowsingDataHelper::IsWebScheme(origin.scheme());
     37 }
     38 
     39 // Static
     40 bool BrowsingDataHelper::IsExtensionScheme(const std::string& scheme) {
     41   return scheme == extensions::kExtensionScheme;
     42 }
     43 
     44 // Static
     45 bool BrowsingDataHelper::HasExtensionScheme(const GURL& origin) {
     46   return BrowsingDataHelper::IsExtensionScheme(origin.scheme());
     47 }
     48 
     49 // Static
     50 bool BrowsingDataHelper::DoesOriginMatchMask(
     51     const GURL& origin,
     52     int origin_set_mask,
     53     storage::SpecialStoragePolicy* policy) {
     54   // Packaged apps and extensions match iff EXTENSION.
     55   if (BrowsingDataHelper::HasExtensionScheme(origin.GetOrigin()) &&
     56       origin_set_mask & EXTENSION)
     57     return true;
     58 
     59   // If a websafe origin is unprotected, it matches iff UNPROTECTED_WEB.
     60   if ((!policy || !policy->IsStorageProtected(origin.GetOrigin())) &&
     61       BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) &&
     62       origin_set_mask & UNPROTECTED_WEB)
     63     return true;
     64 
     65   // Hosted applications (protected and websafe origins) iff PROTECTED_WEB.
     66   if (policy &&
     67       policy->IsStorageProtected(origin.GetOrigin()) &&
     68       BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) &&
     69       origin_set_mask & PROTECTED_WEB)
     70     return true;
     71 
     72   return false;
     73 }
     74