SchemeRegistry.cpp [plain text]
#include "config.h"
#include "SchemeRegistry.h"
#include "URLParser.h"
#include <wtf/Lock.h>
#include <wtf/Locker.h>
#include <wtf/MainThread.h>
#include <wtf/NeverDestroyed.h>
#if ENABLE(CONTENT_FILTERING)
#include "ContentFilter.h"
#endif
#if USE(QUICK_LOOK)
#include "QuickLook.h"
#endif
namespace WebCore {
static const URLSchemesMap& builtinLocalURLSchemes();
static const Vector<String>& builtinSecureSchemes();
static const Vector<String>& builtinSchemesWithUniqueOrigins();
static const Vector<String>& builtinEmptyDocumentSchemes();
static const Vector<String>& builtinCanDisplayOnlyIfCanRequestSchemes();
static const Vector<String>& builtinCORSEnabledSchemes();
using StringVectorFunction = const Vector<String>& (*)();
static void add(URLSchemesMap& set, StringVectorFunction function)
{
for (auto& scheme : function())
set.add(scheme);
}
static NeverDestroyed<URLSchemesMap> makeNeverDestroyedSchemeSet(const Vector<String>& (*function)())
{
URLSchemesMap set;
add(set, function);
return set;
}
static const URLSchemesMap& allBuiltinSchemes()
{
static const auto schemes = makeNeverDestroyed([] {
static const StringVectorFunction functions[] {
builtinSecureSchemes,
builtinSchemesWithUniqueOrigins,
builtinEmptyDocumentSchemes,
builtinCanDisplayOnlyIfCanRequestSchemes,
builtinCORSEnabledSchemes,
};
static const char* const otherSchemes[] = {
"webkit-fake-url",
#if PLATFORM(MAC)
"safari-extension",
#endif
#if USE(QUICK_LOOK)
QLPreviewProtocol(),
#endif
#if ENABLE(CONTENT_FILTERING)
ContentFilter::urlScheme(),
#endif
};
URLSchemesMap set;
for (auto& scheme : builtinLocalURLSchemes())
set.add(scheme);
for (auto& function : functions)
add(set, function);
for (auto& scheme : otherSchemes)
set.add(scheme);
return set;
}());
return schemes;
}
static const URLSchemesMap& builtinLocalURLSchemes()
{
static const auto schemes = makeNeverDestroyed(URLSchemesMap {
"file",
#if PLATFORM(COCOA)
"applewebdata",
#endif
});
return schemes;
}
static Lock& localURLSchemesLock()
{
static NeverDestroyed<Lock> lock;
return lock;
}
static URLSchemesMap& localURLSchemes()
{
ASSERT(localURLSchemesLock().isHeld());
static NeverDestroyed<URLSchemesMap> localSchemes = builtinLocalURLSchemes();
return localSchemes;
}
static URLSchemesMap& displayIsolatedURLSchemes()
{
static NeverDestroyed<URLSchemesMap> displayIsolatedSchemes;
return displayIsolatedSchemes;
}
const Vector<String>& builtinSecureSchemes()
{
static const auto schemes = makeNeverDestroyed(Vector<String> {
"https",
"about",
"data",
"wss",
#if PLATFORM(GTK) || PLATFORM(WPE)
"resource",
#endif
});
return schemes;
}
static Lock& secureSchemesLock()
{
static NeverDestroyed<Lock> lock;
return lock;
}
static URLSchemesMap& secureSchemes()
{
ASSERT(secureSchemesLock().isHeld());
static auto secureSchemes = makeNeverDestroyedSchemeSet(builtinSecureSchemes);
return secureSchemes;
}
const Vector<String>& builtinSchemesWithUniqueOrigins()
{
static const auto schemes = makeNeverDestroyed(Vector<String> {
"about",
"javascript",
"data",
});
return schemes;
}
static URLSchemesMap& schemesWithUniqueOrigins()
{
static auto schemesWithUniqueOrigins = makeNeverDestroyedSchemeSet(builtinSchemesWithUniqueOrigins);
return schemesWithUniqueOrigins;
}
const Vector<String>& builtinEmptyDocumentSchemes()
{
static const auto schemes = makeNeverDestroyed(Vector<String> { "about" });
return schemes;
}
static URLSchemesMap& emptyDocumentSchemes()
{
static auto emptyDocumentSchemes = makeNeverDestroyedSchemeSet(builtinEmptyDocumentSchemes);
return emptyDocumentSchemes;
}
static URLSchemesMap& schemesForbiddenFromDomainRelaxation()
{
static NeverDestroyed<URLSchemesMap> schemes;
return schemes;
}
const Vector<String>& builtinCanDisplayOnlyIfCanRequestSchemes()
{
static const auto schemes = makeNeverDestroyed(Vector<String> { "blob" });
return schemes;
}
static URLSchemesMap& canDisplayOnlyIfCanRequestSchemes()
{
static auto canDisplayOnlyIfCanRequestSchemes = makeNeverDestroyedSchemeSet(builtinCanDisplayOnlyIfCanRequestSchemes);
return canDisplayOnlyIfCanRequestSchemes;
}
static URLSchemesMap& notAllowingJavascriptURLsSchemes()
{
static NeverDestroyed<URLSchemesMap> notAllowingJavascriptURLsSchemes;
return notAllowingJavascriptURLsSchemes;
}
void SchemeRegistry::registerURLSchemeAsLocal(const String& scheme)
{
if (scheme.isNull())
return;
Locker<Lock> locker(localURLSchemesLock());
localURLSchemes().add(scheme);
}
void SchemeRegistry::removeURLSchemeRegisteredAsLocal(const String& scheme)
{
Locker<Lock> locker(localURLSchemesLock());
if (builtinLocalURLSchemes().contains(scheme))
return;
localURLSchemes().remove(scheme);
}
static URLSchemesMap& schemesAllowingLocalStorageAccessInPrivateBrowsing()
{
static NeverDestroyed<URLSchemesMap> schemesAllowingLocalStorageAccessInPrivateBrowsing;
return schemesAllowingLocalStorageAccessInPrivateBrowsing;
}
static URLSchemesMap& schemesAllowingDatabaseAccessInPrivateBrowsing()
{
static NeverDestroyed<URLSchemesMap> schemesAllowingDatabaseAccessInPrivateBrowsing;
return schemesAllowingDatabaseAccessInPrivateBrowsing;
}
const Vector<String>& builtinCORSEnabledSchemes()
{
static const auto schemes = makeNeverDestroyed(Vector<String> { "http", "https" });
return schemes;
}
static URLSchemesMap& CORSEnabledSchemes()
{
static auto schemes = makeNeverDestroyedSchemeSet(builtinCORSEnabledSchemes);
return schemes;
}
static URLSchemesMap& ContentSecurityPolicyBypassingSchemes()
{
static NeverDestroyed<URLSchemesMap> schemes;
return schemes;
}
static URLSchemesMap& cachePartitioningSchemes()
{
static NeverDestroyed<URLSchemesMap> schemes;
return schemes;
}
static Lock& serviceWorkerSchemesLock()
{
static NeverDestroyed<Lock> lock;
return lock;
}
static URLSchemesMap& serviceWorkerSchemes()
{
ASSERT(serviceWorkerSchemesLock().isHeld());
static NeverDestroyed<URLSchemesMap> schemes;
return schemes;
}
static URLSchemesMap& alwaysRevalidatedSchemes()
{
static NeverDestroyed<URLSchemesMap> schemes;
return schemes;
}
bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme)
{
if (scheme.isNull())
return false;
Locker<Lock> locker(localURLSchemesLock());
return localURLSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsNoAccess(const String& scheme)
{
if (scheme.isNull())
return;
schemesWithUniqueOrigins().add(scheme);
}
bool SchemeRegistry::shouldTreatURLSchemeAsNoAccess(const String& scheme)
{
return !scheme.isNull() && schemesWithUniqueOrigins().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsDisplayIsolated(const String& scheme)
{
if (scheme.isNull())
return;
displayIsolatedURLSchemes().add(scheme);
}
bool SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(const String& scheme)
{
return !scheme.isNull() && displayIsolatedURLSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsSecure(const String& scheme)
{
if (scheme.isNull())
return;
Locker<Lock> locker(secureSchemesLock());
secureSchemes().add(scheme);
}
bool SchemeRegistry::shouldTreatURLSchemeAsSecure(const String& scheme)
{
if (scheme.isNull())
return false;
Locker<Lock> locker(secureSchemesLock());
return secureSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsEmptyDocument(const String& scheme)
{
if (scheme.isNull())
return;
emptyDocumentSchemes().add(scheme);
}
bool SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(const String& scheme)
{
return !scheme.isNull() && emptyDocumentSchemes().contains(scheme);
}
void SchemeRegistry::setDomainRelaxationForbiddenForURLScheme(bool forbidden, const String& scheme)
{
if (scheme.isNull())
return;
if (forbidden)
schemesForbiddenFromDomainRelaxation().add(scheme);
else
schemesForbiddenFromDomainRelaxation().remove(scheme);
}
bool SchemeRegistry::isDomainRelaxationForbiddenForURLScheme(const String& scheme)
{
return !scheme.isNull() && schemesForbiddenFromDomainRelaxation().contains(scheme);
}
bool SchemeRegistry::canDisplayOnlyIfCanRequest(const String& scheme)
{
return !scheme.isNull() && canDisplayOnlyIfCanRequestSchemes().contains(scheme);
}
void SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest(const String& scheme)
{
if (scheme.isNull())
return;
canDisplayOnlyIfCanRequestSchemes().add(scheme);
}
void SchemeRegistry::registerURLSchemeAsNotAllowingJavascriptURLs(const String& scheme)
{
if (scheme.isNull())
return;
notAllowingJavascriptURLsSchemes().add(scheme);
}
bool SchemeRegistry::shouldTreatURLSchemeAsNotAllowingJavascriptURLs(const String& scheme)
{
return !scheme.isNull() && notAllowingJavascriptURLsSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsAllowingLocalStorageAccessInPrivateBrowsing(const String& scheme)
{
if (scheme.isNull())
return;
schemesAllowingLocalStorageAccessInPrivateBrowsing().add(scheme);
}
bool SchemeRegistry::allowsLocalStorageAccessInPrivateBrowsing(const String& scheme)
{
return !scheme.isNull() && schemesAllowingLocalStorageAccessInPrivateBrowsing().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsAllowingDatabaseAccessInPrivateBrowsing(const String& scheme)
{
if (scheme.isNull())
return;
schemesAllowingDatabaseAccessInPrivateBrowsing().add(scheme);
}
bool SchemeRegistry::allowsDatabaseAccessInPrivateBrowsing(const String& scheme)
{
return !scheme.isNull() && schemesAllowingDatabaseAccessInPrivateBrowsing().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsCORSEnabled(const String& scheme)
{
if (scheme.isNull())
return;
CORSEnabledSchemes().add(scheme);
}
bool SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(const String& scheme)
{
return !scheme.isNull() && CORSEnabledSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(const String& scheme)
{
if (scheme.isNull())
return;
ContentSecurityPolicyBypassingSchemes().add(scheme);
}
void SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(const String& scheme)
{
if (scheme.isNull())
return;
ContentSecurityPolicyBypassingSchemes().remove(scheme);
}
bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& scheme)
{
return !scheme.isNull() && ContentSecurityPolicyBypassingSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsAlwaysRevalidated(const String& scheme)
{
if (scheme.isNull())
return;
alwaysRevalidatedSchemes().add(scheme);
}
bool SchemeRegistry::shouldAlwaysRevalidateURLScheme(const String& scheme)
{
return !scheme.isNull() && alwaysRevalidatedSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsCachePartitioned(const String& scheme)
{
if (scheme.isNull())
return;
cachePartitioningSchemes().add(scheme);
}
bool SchemeRegistry::shouldPartitionCacheForURLScheme(const String& scheme)
{
return !scheme.isNull() && cachePartitioningSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeServiceWorkersCanHandle(const String& scheme)
{
if (scheme.isNull())
return;
Locker<Lock> locker(serviceWorkerSchemesLock());
serviceWorkerSchemes().add(scheme);
}
bool SchemeRegistry::canServiceWorkersHandleURLScheme(const String& scheme)
{
if (scheme.isNull())
return false;
if (scheme.startsWithIgnoringASCIICase(ASCIILiteral("http"))) {
if (scheme.length() == 4)
return true;
if (scheme.length() == 5 && isASCIIAlphaCaselessEqual(scheme[4], 's'))
return true;
}
Locker<Lock> locker(serviceWorkerSchemesLock());
return serviceWorkerSchemes().contains(scheme);
}
bool SchemeRegistry::isServiceWorkerContainerCustomScheme(const String& scheme)
{
Locker<Lock> locker(serviceWorkerSchemesLock());
return !scheme.isNull() && serviceWorkerSchemes().contains(scheme);
}
bool SchemeRegistry::isUserExtensionScheme(const String& scheme)
{
#if PLATFORM(MAC)
if (scheme == "safari-extension")
return true;
#else
UNUSED_PARAM(scheme);
#endif
return false;
}
bool SchemeRegistry::isBuiltinScheme(const String& scheme)
{
return !scheme.isNull() && (allBuiltinSchemes().contains(scheme) || URLParser::isSpecialScheme(scheme));
}
}