1 // Copyright (c) 2022 Marshall A. Greenblatt. All rights reserved. 2 // 3 // Redistribution and use in source and binary forms, with or without 4 // modification, are permitted provided that the following conditions are 5 // met: 6 // 7 // * Redistributions of source code must retain the above copyright 8 // notice, this list of conditions and the following disclaimer. 9 // * Redistributions in binary form must reproduce the above 10 // copyright notice, this list of conditions and the following disclaimer 11 // in the documentation and/or other materials provided with the 12 // distribution. 13 // * Neither the name of Google Inc. nor the name Chromium Embedded 14 // Framework nor the names of its contributors may be used to endorse 15 // or promote products derived from this software without specific prior 16 // written permission. 17 // 18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 // 30 // --------------------------------------------------------------------------- 31 // 32 // This file was generated by the CEF translator tool and should not edited 33 // by hand. See the translator.README.txt file in the tools directory for 34 // more information. 35 // 36 // $hash=0939a44345bea8df7ca5f1dbd6afbe41972121f2$ 37 // 38 39 #ifndef CEF_INCLUDE_CAPI_CEF_ORIGIN_WHITELIST_CAPI_H_ 40 #define CEF_INCLUDE_CAPI_CEF_ORIGIN_WHITELIST_CAPI_H_ 41 #pragma once 42 43 #include "include/capi/cef_base_capi.h" 44 45 #ifdef __cplusplus 46 extern "C" { 47 #endif 48 49 /// 50 // Add an entry to the cross-origin access whitelist. 51 // 52 // The same-origin policy restricts how scripts hosted from different origins 53 // (scheme + domain + port) can communicate. By default, scripts can only access 54 // resources with the same origin. Scripts hosted on the HTTP and HTTPS schemes 55 // (but no other schemes) can use the "Access-Control-Allow-Origin" header to 56 // allow cross-origin requests. For example, https://source.example.com can make 57 // XMLHttpRequest requests on http://target.example.com if the 58 // http://target.example.com request returns an "Access-Control-Allow-Origin: 59 // https://source.example.com" response header. 60 // 61 // Scripts in separate frames or iframes and hosted from the same protocol and 62 // domain suffix can execute cross-origin JavaScript if both pages set the 63 // document.domain value to the same domain suffix. For example, 64 // scheme://foo.example.com and scheme://bar.example.com can communicate using 65 // JavaScript if both domains set document.domain="example.com". 66 // 67 // This function is used to allow access to origins that would otherwise violate 68 // the same-origin policy. Scripts hosted underneath the fully qualified 69 // |source_origin| URL (like http://www.example.com) will be allowed access to 70 // all resources hosted on the specified |target_protocol| and |target_domain|. 71 // If |target_domain| is non-NULL and |allow_target_subdomains| if false (0) 72 // only exact domain matches will be allowed. If |target_domain| contains a top- 73 // level domain component (like "example.com") and |allow_target_subdomains| is 74 // true (1) sub-domain matches will be allowed. If |target_domain| is NULL and 75 // |allow_target_subdomains| if true (1) all domains and IP addresses will be 76 // allowed. 77 // 78 // This function cannot be used to bypass the restrictions on local or display 79 // isolated schemes. See the comments on CefRegisterCustomScheme for more 80 // information. 81 // 82 // This function may be called on any thread. Returns false (0) if 83 // |source_origin| is invalid or the whitelist cannot be accessed. 84 /// 85 CEF_EXPORT int cef_add_cross_origin_whitelist_entry( 86 const cef_string_t* source_origin, 87 const cef_string_t* target_protocol, 88 const cef_string_t* target_domain, 89 int allow_target_subdomains); 90 91 /// 92 // Remove an entry from the cross-origin access whitelist. Returns false (0) if 93 // |source_origin| is invalid or the whitelist cannot be accessed. 94 /// 95 CEF_EXPORT int cef_remove_cross_origin_whitelist_entry( 96 const cef_string_t* source_origin, 97 const cef_string_t* target_protocol, 98 const cef_string_t* target_domain, 99 int allow_target_subdomains); 100 101 /// 102 // Remove all entries from the cross-origin access whitelist. Returns false (0) 103 // if the whitelist cannot be accessed. 104 /// 105 CEF_EXPORT int cef_clear_cross_origin_whitelist(); 106 107 #ifdef __cplusplus 108 } 109 #endif 110 111 #endif // CEF_INCLUDE_CAPI_CEF_ORIGIN_WHITELIST_CAPI_H_ 112