chromium/src
0
Fork 0
Code Activity
Files
513c95c08c11a9bd62796c60ae8690c956034821
src/content/browser/isolated_origin_util.h
Avi Drissman 4e1b7bc33d Update copyright headers in content/ 
The methodology used to generate this CL is documented in
https://crbug.com/1098010#c34.

No-Try: true
No-Presubmit: true
Bug: 1098010
Change-Id: I8c0f009d16350271f07d8e5e561085822cc9dd27
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3895935
Owners-Override: Avi Drissman <avi@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Auto-Submit: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1047456}
2022-09-15 14:03:50 +00:00

119 lines
5.1 KiB
C++
Raw Blame History

// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_BROWSER_ISOLATED_ORIGIN_UTIL_H_
#define CONTENT_BROWSER_ISOLATED_ORIGIN_UTIL_H_
#include <string>
#include "base/gtest_prod_util.h"
#include "base/strings/string_util.h"
#include "content/common/content_export.h"
#include "url/origin.h"
namespace content {
// This class holds isolated origin patterns, providing support for double
// wildcard origins, e.g. https://[*.]foo.com indicates that all domains under
// foo.com are to be treated as if they are distinct isolated
// origins. Non-wildcard origins to be isolated are also supported, e.g.
// https://bar.com.
class CONTENT_EXPORT IsolatedOriginPattern {
public:
explicit IsolatedOriginPattern(base::StringPiece pattern);
explicit IsolatedOriginPattern(const url::Origin& origin);
~IsolatedOriginPattern();
// Copying and moving supported.
IsolatedOriginPattern(const IsolatedOriginPattern& other);
IsolatedOriginPattern& operator=(const IsolatedOriginPattern& other);
IsolatedOriginPattern(IsolatedOriginPattern&& other);
IsolatedOriginPattern& operator=(IsolatedOriginPattern&& other);
bool operator==(const IsolatedOriginPattern& other) const {
// |pattern_| is deliberately not considered during equality comparison as
// it stores the pattern as supplied at construction time, before
// normalisation. This leads to erroneous cases of mismatch where
// IsolatedOriginPattern("foo.com") and IsolatedOriginPattern("foo.com/")
// will fail equality comparison, despite both resolving to the same origin.
return origin_ == other.origin_ &&
isolate_all_subdomains_ == other.isolate_all_subdomains_ &&
is_valid_ == other.is_valid_;
}
// Returns the url::Origin corresponding to the pattern supplied at
// construction time or via a call to Parse. In the event of parsing failure
// this oriqin will be opaque.
const url::Origin& origin() const { return origin_; }
// True if the supplied pattern was of the form https://[*.]foo.com,
// indicating all subdomains of foo.com are to be isolated.
bool isolate_all_subdomains() const { return isolate_all_subdomains_; }
// Return the original pattern used to construct this instance.
const base::StringPiece pattern() const { return pattern_; }
// Return if this origin is valid for isolation purposes.
bool is_valid() const { return is_valid_; }
private:
friend class ChildProcessSecurityPolicyTest;
FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyTest,
IsolatedOriginPattern);
// Checks if |pattern| is a wildcard pattern, checks the scheme is one of
// {http, https} and constructs a url::Origin() that can be retrieved if
// parsing is successful. Returns true on successful parsing.
bool Parse(const base::StringPiece& pattern);
std::string pattern_;
url::Origin origin_;
bool isolate_all_subdomains_;
bool is_valid_;
};
class CONTENT_EXPORT IsolatedOriginUtil {
public:
// Checks whether |origin| matches the isolated origin specified by
// |isolated_origin|. Subdomains are considered to match isolated origins,
// so this will be true if
// (1) |origin| has the same scheme, host, and port as |isolated_origin|, or
// (2) |origin| has the same scheme and port as |isolated_origin|, and its
// host is a subdomain of |isolated_origin|'s host.
// This does not consider site URLs, which don't care about port.
//
// For example, if |isolated_origin| is https://isolated.foo.com, this will
// return true if |origin| is https://isolated.foo.com or
// https://bar.isolated.foo.com, but it will return false for an |origin| of
// https://unisolated.foo.com or https://foo.com.
static bool DoesOriginMatchIsolatedOrigin(const url::Origin& origin,
const url::Origin& isolated_origin);
// Check if |origin| is a valid isolated origin. Invalid isolated origins
// include opaque origins, origins that don't have an HTTP or HTTPS scheme,
// and origins without a valid registry-controlled domain. IP addresses are
// allowed.
static bool IsValidIsolatedOrigin(const url::Origin& origin);
// Check if |origin| is a valid origin for opt-in origin isolation. Invalid
// origins for this purpose include opaque origins, origins that don't have a
// HTTP or HTTPS scheme, and origins that are not secure contexts.
static bool IsValidOriginForOptInIsolation(const url::Origin& origin);
// Check if |origin| is a valid origin for opting out of origin isolation.
// Invalid origins for this purpose include opaque origins, and origins that
// don't have a HTTP or HTTPS scheme.
static bool IsValidOriginForOptOutIsolation(const url::Origin& origin);
private:
// Used to implement both IsValidIsolatedOrigin and
// IsValidOriginForOptInIsolation.
static bool IsValidIsolatedOriginImpl(const url::Origin& origin,
bool check_has_registry_domain);
};
} // namespace content
#endif // CONTENT_BROWSER_ISOLATED_ORIGIN_UTIL_H_
View Git Blame Copy Permalink