1 // Copyright (c) 2013 The Chromium Embedded Framework Authors. All rights
2 // reserved. Use of this source code is governed by a BSD-style license that
3 // can be found in the LICENSE file.
4
5 #include "libcef/common/net/scheme_registration.h"
6
7 #include "libcef/common/app_manager.h"
8 #include "libcef/common/net/scheme_info.h"
9 #include "libcef/features/runtime.h"
10
11 #include "base/containers/contains.h"
12 #include "content/public/common/url_constants.h"
13 #include "extensions/common/constants.h"
14 #include "url/url_constants.h"
15 #include "url/url_util.h"
16
17 namespace scheme {
18
AddInternalSchemes(content::ContentClient::Schemes * schemes)19 void AddInternalSchemes(content::ContentClient::Schemes* schemes) {
20 if (!cef::IsAlloyRuntimeEnabled())
21 return;
22
23 // chrome: and chrome-devtools: schemes are registered in
24 // RenderThreadImpl::RegisterSchemes().
25 // Access restrictions for chrome-extension: and chrome-extension-resource:
26 // schemes will be applied in AlloyContentRendererClient::WillSendRequest().
27 static CefSchemeInfo internal_schemes[] = {
28 {
29 extensions::kExtensionScheme, true, /* is_standard */
30 false, /* is_local */
31 false, /* is_display_isolated */
32 true, /* is_secure */
33 true, /* is_cors_enabled */
34 true, /* is_csp_bypassing */
35 },
36 };
37
38 // The |is_display_isolated| value is excluded here because it's registered
39 // with Blink only.
40 for (size_t i = 0; i < sizeof(internal_schemes) / sizeof(internal_schemes[0]);
41 ++i) {
42 if (internal_schemes[i].is_standard)
43 schemes->standard_schemes.push_back(internal_schemes[i].scheme_name);
44 if (internal_schemes[i].is_local)
45 schemes->local_schemes.push_back(internal_schemes[i].scheme_name);
46 if (internal_schemes[i].is_secure)
47 schemes->secure_schemes.push_back(internal_schemes[i].scheme_name);
48 if (internal_schemes[i].is_cors_enabled)
49 schemes->cors_enabled_schemes.push_back(internal_schemes[i].scheme_name);
50 if (internal_schemes[i].is_csp_bypassing)
51 schemes->csp_bypassing_schemes.push_back(internal_schemes[i].scheme_name);
52 CefAppManager::Get()->AddCustomScheme(&internal_schemes[i]);
53 }
54 }
55
IsInternalHandledScheme(const std::string & scheme)56 bool IsInternalHandledScheme(const std::string& scheme) {
57 static const char* schemes[] = {
58 url::kAboutScheme,
59 url::kBlobScheme,
60 content::kChromeDevToolsScheme,
61 content::kChromeUIScheme,
62 content::kChromeUIUntrustedScheme,
63 url::kDataScheme,
64 extensions::kExtensionScheme,
65 url::kFileScheme,
66 url::kFileSystemScheme,
67 url::kHttpScheme,
68 url::kHttpsScheme,
69 url::kJavaScriptScheme,
70 url::kWsScheme,
71 url::kWssScheme,
72 };
73
74 for (size_t i = 0; i < sizeof(schemes) / sizeof(schemes[0]); ++i) {
75 if (scheme == schemes[i])
76 return true;
77 }
78
79 return false;
80 }
81
IsStandardScheme(const std::string & scheme)82 bool IsStandardScheme(const std::string& scheme) {
83 url::Component scheme_comp(0, scheme.length());
84 return url::IsStandard(scheme.c_str(), scheme_comp);
85 }
86
87 // Should return the same value as SecurityOrigin::isLocal and
88 // SchemeRegistry::shouldTreatURLSchemeAsCorsEnabled.
IsCorsEnabledScheme(const std::string & scheme)89 bool IsCorsEnabledScheme(const std::string& scheme) {
90 return base::Contains(url::GetCorsEnabledSchemes(), scheme);
91 }
92
93 } // namespace scheme
94