SecurityOrigin.cpp [plain text]
#include "config.h"
#include "SecurityOrigin.h"
#include "BlobURL.h"
#include "Document.h"
#include "FileSystem.h"
#include "KURL.h"
#include "SchemeRegistry.h"
#include "SecurityPolicy.h"
#include <wtf/MainThread.h>
#include <wtf/StdLibExtras.h>
#include <wtf/text/StringBuilder.h>
namespace WebCore {
const int InvalidPort = 0;
const int MaxAllowedPort = 65535;
static bool schemeRequiresAuthority(const KURL& url)
{
return url.protocolIsInHTTPFamily() || url.protocolIs("ftp");
}
static bool shouldUseInnerURL(const KURL& url)
{
#if ENABLE(BLOB)
if (url.protocolIs("blob"))
return true;
#endif
#if ENABLE(FILE_SYSTEM)
if (url.protocolIs("filesystem"))
return true;
#endif
UNUSED_PARAM(url);
return false;
}
static KURL extractInnerURL(const KURL& url)
{
if (url.innerURL())
return *url.innerURL();
return KURL(ParsedURLString, decodeURLEscapeSequences(url.path()));
}
static bool shouldTreatAsUniqueOrigin(const KURL& url)
{
if (!url.isValid())
return true;
KURL innerURL = shouldUseInnerURL(url) ? extractInnerURL(url) : url;
if (schemeRequiresAuthority(innerURL) && innerURL.host().isEmpty())
return true;
String protocol = innerURL.protocol().lower();
if (SchemeRegistry::shouldTreatURLSchemeAsNoAccess(protocol))
return true;
return false;
}
SecurityOrigin::SecurityOrigin(const KURL& url)
: m_protocol(url.protocol().isNull() ? "" : url.protocol().lower())
, m_host(url.host().isNull() ? "" : url.host().lower())
, m_port(url.port())
, m_isUnique(false)
, m_universalAccess(false)
, m_domainWasSetInDOM(false)
, m_enforceFilePathSeparation(false)
, m_needsDatabaseIdentifierQuirkForFiles(false)
{
m_domain = m_host;
if (isDefaultPortForProtocol(m_port, m_protocol))
m_port = InvalidPort;
m_canLoadLocalResources = isLocal();
if (m_canLoadLocalResources)
m_filePath = url.path(); }
SecurityOrigin::SecurityOrigin()
: m_protocol("")
, m_host("")
, m_domain("")
, m_port(InvalidPort)
, m_isUnique(true)
, m_universalAccess(false)
, m_domainWasSetInDOM(false)
, m_canLoadLocalResources(false)
, m_enforceFilePathSeparation(false)
, m_needsDatabaseIdentifierQuirkForFiles(false)
{
}
SecurityOrigin::SecurityOrigin(const SecurityOrigin* other)
: m_protocol(other->m_protocol.isolatedCopy())
, m_host(other->m_host.isolatedCopy())
, m_encodedHost(other->m_encodedHost.isolatedCopy())
, m_domain(other->m_domain.isolatedCopy())
, m_filePath(other->m_filePath.isolatedCopy())
, m_port(other->m_port)
, m_isUnique(other->m_isUnique)
, m_universalAccess(other->m_universalAccess)
, m_domainWasSetInDOM(other->m_domainWasSetInDOM)
, m_canLoadLocalResources(other->m_canLoadLocalResources)
, m_enforceFilePathSeparation(other->m_enforceFilePathSeparation)
, m_needsDatabaseIdentifierQuirkForFiles(other->m_needsDatabaseIdentifierQuirkForFiles)
{
}
PassRefPtr<SecurityOrigin> SecurityOrigin::create(const KURL& url)
{
if (shouldTreatAsUniqueOrigin(url)) {
RefPtr<SecurityOrigin> origin = adoptRef(new SecurityOrigin());
if (url.protocolIs("file")) {
origin->m_needsDatabaseIdentifierQuirkForFiles = true;
}
return origin.release();
}
if (shouldUseInnerURL(url))
return adoptRef(new SecurityOrigin(extractInnerURL(url)));
return adoptRef(new SecurityOrigin(url));
}
PassRefPtr<SecurityOrigin> SecurityOrigin::createUnique()
{
RefPtr<SecurityOrigin> origin = adoptRef(new SecurityOrigin());
ASSERT(origin->isUnique());
return origin.release();
}
PassRefPtr<SecurityOrigin> SecurityOrigin::isolatedCopy()
{
return adoptRef(new SecurityOrigin(this));
}
void SecurityOrigin::setDomainFromDOM(const String& newDomain)
{
m_domainWasSetInDOM = true;
m_domain = newDomain.lower();
}
bool SecurityOrigin::canAccess(const SecurityOrigin* other) const
{
if (m_universalAccess)
return true;
if (this == other)
return true;
if (isUnique() || other->isUnique())
return false;
bool canAccess = false;
if (m_protocol == other->m_protocol) {
if (!m_domainWasSetInDOM && !other->m_domainWasSetInDOM) {
if (m_host == other->m_host && m_port == other->m_port)
canAccess = true;
} else if (m_domainWasSetInDOM && other->m_domainWasSetInDOM) {
if (m_domain == other->m_domain)
canAccess = true;
}
}
if (canAccess && isLocal())
canAccess = passesFileCheck(other);
return canAccess;
}
bool SecurityOrigin::passesFileCheck(const SecurityOrigin* other) const
{
ASSERT(isLocal() && other->isLocal());
if (!m_enforceFilePathSeparation && !other->m_enforceFilePathSeparation)
return true;
return (m_filePath == other->m_filePath);
}
bool SecurityOrigin::canRequest(const KURL& url) const
{
if (m_universalAccess)
return true;
if (isUnique())
return false;
RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
if (targetOrigin->isUnique())
return false;
if (isSameSchemeHostPort(targetOrigin.get()))
return true;
if (SecurityPolicy::isAccessWhiteListed(this, targetOrigin.get()))
return true;
return false;
}
bool SecurityOrigin::taintsCanvas(const KURL& url) const
{
if (canRequest(url))
return false;
if (url.protocolIsData())
return false;
return true;
}
bool SecurityOrigin::canReceiveDragData(const SecurityOrigin* dragInitiator) const
{
if (this == dragInitiator)
return true;
return canAccess(dragInitiator);
}
static bool isFeedWithNestedProtocolInHTTPFamily(const KURL& url)
{
const String& urlString = url.string();
if (!urlString.startsWith("feed", false))
return false;
return urlString.startsWith("feed://", false)
|| urlString.startsWith("feed:http:", false) || urlString.startsWith("feed:https:", false)
|| urlString.startsWith("feeds:http:", false) || urlString.startsWith("feeds:https:", false)
|| urlString.startsWith("feedsearch:http:", false) || urlString.startsWith("feedsearch:https:", false);
}
bool SecurityOrigin::canDisplay(const KURL& url) const
{
String protocol = url.protocol().lower();
if (isFeedWithNestedProtocolInHTTPFamily(url))
return true;
if (SchemeRegistry::canDisplayOnlyIfCanRequest(protocol))
return canRequest(url);
if (SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(protocol))
return m_protocol == protocol || SecurityPolicy::isAccessToURLWhiteListed(this, url);
if (SecurityPolicy::restrictAccessToLocal() && SchemeRegistry::shouldTreatURLSchemeAsLocal(protocol))
return canLoadLocalResources() || SecurityPolicy::isAccessToURLWhiteListed(this, url);
return true;
}
SecurityOrigin::Policy SecurityOrigin::canShowNotifications() const
{
if (m_universalAccess)
return AlwaysAllow;
if (isUnique())
return AlwaysDeny;
return Ask;
}
void SecurityOrigin::grantLoadLocalResources()
{
ASSERT(isUnique() || SecurityPolicy::allowSubstituteDataAccessToLocal());
m_canLoadLocalResources = true;
}
void SecurityOrigin::grantUniversalAccess()
{
m_universalAccess = true;
}
void SecurityOrigin::enforceFilePathSeparation()
{
ASSERT(isLocal());
m_enforceFilePathSeparation = true;
}
bool SecurityOrigin::isLocal() const
{
return SchemeRegistry::shouldTreatURLSchemeAsLocal(m_protocol);
}
String SecurityOrigin::toString() const
{
if (isUnique())
return "null";
if (m_protocol == "file" && m_enforceFilePathSeparation)
return "null";
return toRawString();
}
String SecurityOrigin::toRawString() const
{
if (m_protocol == "file")
return "file://";
StringBuilder result;
result.reserveCapacity(m_protocol.length() + m_host.length() + 10);
result.append(m_protocol);
result.append("://");
result.append(m_host);
if (m_port) {
result.append(":");
result.append(String::number(m_port));
}
return result.toString();
}
PassRefPtr<SecurityOrigin> SecurityOrigin::createFromString(const String& originString)
{
return SecurityOrigin::create(KURL(KURL(), originString));
}
static const char SeparatorCharacter = '_';
PassRefPtr<SecurityOrigin> SecurityOrigin::createFromDatabaseIdentifier(const String& databaseIdentifier)
{
size_t separator1 = databaseIdentifier.find(SeparatorCharacter);
if (separator1 == notFound)
return create(KURL());
size_t separator2 = databaseIdentifier.reverseFind(SeparatorCharacter);
if (separator2 == notFound)
return create(KURL());
if (separator1 == separator2)
return create(KURL());
bool portOkay;
int port = databaseIdentifier.right(databaseIdentifier.length() - separator2 - 1).toInt(&portOkay);
bool portAbsent = (separator2 == databaseIdentifier.length() - 1);
if (!(portOkay || portAbsent))
return create(KURL());
if (port < 0 || port > MaxAllowedPort)
return create(KURL());
String protocol = databaseIdentifier.substring(0, separator1);
String host = databaseIdentifier.substring(separator1 + 1, separator2 - separator1 - 1);
host = decodeURLEscapeSequences(host);
return create(KURL(KURL(), protocol + "://" + host + ":" + String::number(port)));
}
PassRefPtr<SecurityOrigin> SecurityOrigin::create(const String& protocol, const String& host, int port)
{
if (port < 0 || port > MaxAllowedPort)
createUnique();
String decodedHost = decodeURLEscapeSequences(host);
return create(KURL(KURL(), protocol + "://" + host + ":" + String::number(port)));
}
String SecurityOrigin::databaseIdentifier() const
{
if (m_needsDatabaseIdentifierQuirkForFiles)
return "file__0";
String separatorString(&SeparatorCharacter, 1);
if (m_encodedHost.isEmpty())
m_encodedHost = encodeForFileName(m_host);
return m_protocol + separatorString + m_encodedHost + separatorString + String::number(m_port);
}
bool SecurityOrigin::equal(const SecurityOrigin* other) const
{
if (other == this)
return true;
if (!isSameSchemeHostPort(other))
return false;
if (m_domainWasSetInDOM != other->m_domainWasSetInDOM)
return false;
if (m_domainWasSetInDOM && m_domain != other->m_domain)
return false;
return true;
}
bool SecurityOrigin::isSameSchemeHostPort(const SecurityOrigin* other) const
{
if (m_host != other->m_host)
return false;
if (m_protocol != other->m_protocol)
return false;
if (m_port != other->m_port)
return false;
if (isLocal() && !passesFileCheck(other))
return false;
return true;
}
}