Lines Matching full:origin
74 // Per https://html.spec.whatwg.org/multipage/origin.html#origin, an origin is
76 // - a tuple origin of (scheme, host, port) as described in RFC 6454.
77 // - an opaque origin with an internal value, and a memory of the tuple origin
80 // TL;DR: If you need to make a security-relevant decision, use 'url::Origin'.
84 // STL;SDR: If you aren't making actual network connections, use 'url::Origin'.
87 // are "same-origin", and when a canonical serialization of an origin is
88 // required. Note that the canonical serialization of an origin *must not* be
89 // used to determine if two resources are same-origin.
91 // A tuple origin, like 'SchemeHostPort', is composed of a tuple of (scheme,
94 // between contexts. Two tuple origins are same-origin if the tuples are equal.
95 // A tuple origin may also be re-created from its serialization.
97 // An opaque origin has an internal globally unique identifier. When creating a
98 // new opaque origin from a URL, a fresh globally unique identifier is
99 // generated. However, if an opaque origin is copied or moved, the internal
100 // globally unique identifier is preserved. Two opaque origins are same-origin
102 // origin cannot be re-created from its serialization, which is always the
108 // A tuple origin and an opaque origin are never same-origin.
112 // * A default constructed Origin is opaque, with no precursor origin.
117 // * GURLs with schemes of 'filesystem' or 'blob' parse the origin out of the
124 // URLs, which always creates an opaque origin.
130 // flag (this is true for `url::Origin::Create` but also to some extent for
131 // `url::Origin::Resolve`). See docs/security/origin-vs-url.md for more.
133 // * To answer the question "Are |this| and |that| "same-origin" with each
134 // other?", use |Origin::IsSameOriginWith|:
139 class COMPONENT_EXPORT(URL) Origin { in COMPONENT_EXPORT()
141 // Creates an opaque Origin with a nonce that is different from all previously in COMPONENT_EXPORT()
143 Origin(); in COMPONENT_EXPORT()
145 // WARNING: Converting an URL into an Origin is usually a red flag. See in COMPONENT_EXPORT()
146 // //docs/security/origin-vs-url.md for more details. Some discussion about in COMPONENT_EXPORT()
149 // Creates an Origin from `url`, as described at in COMPONENT_EXPORT()
150 // https://url.spec.whatwg.org/#origin, with the following additions: in COMPONENT_EXPORT()
151 // 1. If `url` is invalid or non-standard, an opaque Origin is constructed. in COMPONENT_EXPORT()
152 // 2. 'filesystem' URLs behave as 'blob' URLs (that is, the origin is parsed in COMPONENT_EXPORT()
156 // WARNING: `url::Origin::Create(url)` can give unexpected results if: in COMPONENT_EXPORT()
158 // origin rather than the real origin of the frame) in COMPONENT_EXPORT()
160 // origin, when an opaque one is needed; see also in COMPONENT_EXPORT()
166 // WARNING: The returned Origin may have a different scheme and host from in COMPONENT_EXPORT()
170 // but the precursor origin will be lost (unlike with `url::Origin::Resolve`). in COMPONENT_EXPORT()
171 static Origin Create(const GURL& url); in COMPONENT_EXPORT()
173 // Creates an Origin for the resource `url` as if it were requested in COMPONENT_EXPORT()
175 // (in the sense that it embeds a complete origin, like http/https), in COMPONENT_EXPORT()
181 // Otherwise, returns a new opaque origin derived from `base_origin`. in COMPONENT_EXPORT()
182 // In this case, the resulting opaque origin will inherit the tuple in COMPONENT_EXPORT()
183 // (or precursor tuple) of `base_origin`, but will not be same origin in COMPONENT_EXPORT()
185 static Origin Resolve(const GURL& url, const Origin& base_origin); in COMPONENT_EXPORT()
188 Origin(const Origin&); in COMPONENT_EXPORT()
189 Origin& operator=(const Origin&); in COMPONENT_EXPORT()
190 Origin(Origin&&) noexcept; in COMPONENT_EXPORT()
191 Origin& operator=(Origin&&) noexcept; in COMPONENT_EXPORT()
193 // Creates an Origin from a |scheme|, |host|, and |port|. All the parameters in COMPONENT_EXPORT()
197 // This constructor should be used in order to pass 'Origin' objects back and in COMPONENT_EXPORT()
201 static absl::optional<Origin> UnsafelyCreateTupleOriginWithoutNormalization( in COMPONENT_EXPORT()
206 // Creates an origin without sanity checking that the host is canonicalized. in COMPONENT_EXPORT()
210 static Origin CreateFromNormalizedTuple(std::string scheme, in COMPONENT_EXPORT()
214 ~Origin(); in COMPONENT_EXPORT()
227 // An ASCII serialization of the Origin as per Section 6.2 of RFC 6454, with in COMPONENT_EXPORT()
231 // Two non-opaque Origins are "same-origin" if their schemes, hosts, and ports in COMPONENT_EXPORT()
232 // are exact matches. Two opaque origins are same-origin only if their in COMPONENT_EXPORT()
233 // internal nonce values match. A non-opaque origin is never same-origin with in COMPONENT_EXPORT()
234 // an opaque origin. in COMPONENT_EXPORT()
235 bool IsSameOriginWith(const Origin& other) const; in COMPONENT_EXPORT()
236 bool operator==(const Origin& other) const { return IsSameOriginWith(other); } in COMPONENT_EXPORT()
237 bool operator!=(const Origin& other) const { in COMPONENT_EXPORT()
241 // Non-opaque origin is "same-origin" with `url` if their schemes, hosts, and in COMPONENT_EXPORT()
242 // ports are exact matches. Opaque origin is never "same-origin" with any in COMPONENT_EXPORT()
244 // "same-origin" with any origin. This method is a shorthand for in COMPONENT_EXPORT()
245 // `origin.IsSameOriginWith(url::Origin::Create(url))`. in COMPONENT_EXPORT()
251 // in an origin compatible with |this|. in COMPONENT_EXPORT()
254 // Get the scheme, host, and port from which this origin derives. For in COMPONENT_EXPORT()
255 // a tuple Origin, this gives the same values as calling scheme(), host() in COMPONENT_EXPORT()
256 // and port(). For an opaque Origin that was created by calling in COMPONENT_EXPORT()
257 // Origin::DeriveNewOpaqueOrigin() on a precursor or Origin::Resolve(), in COMPONENT_EXPORT()
260 // If this Origin is opaque and was created via the default constructor or in COMPONENT_EXPORT()
261 // Origin::Create(), the precursor origin is unknown. in COMPONENT_EXPORT()
267 // opaque origin does not grant privileges initially denied to the original in COMPONENT_EXPORT()
268 // non-opaque origin. in COMPONENT_EXPORT()
277 // for an Origin. in COMPONENT_EXPORT()
279 // as the Origin would. The GURL will have an added "/" path for Origins with in COMPONENT_EXPORT()
287 // Same as GURL::DomainIs. If |this| origin is opaque, then returns false. in COMPONENT_EXPORT()
290 // Allows Origin to be used as a key in STL (for example, a std::set or in COMPONENT_EXPORT()
292 bool operator<(const Origin& other) const; in COMPONENT_EXPORT()
294 // Creates a new opaque origin that is guaranteed to be cross-origin to all in COMPONENT_EXPORT()
295 // currently existing origins. An origin created by this method retains its in COMPONENT_EXPORT()
296 // identity across copies. Copies are guaranteed to be same-origin to each in COMPONENT_EXPORT()
299 // url::Origin page = Origin::Create(GURL("http://example.com")) in COMPONENT_EXPORT()
300 // url::Origin a = page.DeriveNewOpaqueOrigin(); in COMPONENT_EXPORT()
301 // url::Origin b = page.DeriveNewOpaqueOrigin(); in COMPONENT_EXPORT()
302 // url::Origin c = a; in COMPONENT_EXPORT()
303 // url::Origin d = b; in COMPONENT_EXPORT()
305 // |a| and |c| are same-origin, since |c| was copied from |a|. |b| and |d| are in COMPONENT_EXPORT()
306 // same-origin as well, since |d| was copied from |b|. All other combinations in COMPONENT_EXPORT()
307 // of origins are considered cross-origin, e.g. |a| is cross-origin to |b| and in COMPONENT_EXPORT()
308 // |d|, |b| is cross-origin to |a| and |c|, |c| is cross-origin to |b| and in COMPONENT_EXPORT()
309 // |d|, and |d| is cross-origin to |a| and |c|. in COMPONENT_EXPORT()
310 Origin DeriveNewOpaqueOrigin() const; in COMPONENT_EXPORT()
319 static Origin FromJavaObject( in COMPONENT_EXPORT()
341 friend struct ipc_fuzzer::FuzzTraits<Origin>; in COMPONENT_EXPORT()
342 friend struct mojo::StructTraits<url::mojom::OriginDataView, url::Origin>; in COMPONENT_EXPORT()
343 friend IPC::ParamTraits<url::Origin>; in COMPONENT_EXPORT()
345 const Origin& origin); in COMPONENT_EXPORT()
348 // Origin::Nonce is a wrapper around base::UnguessableToken that generates in COMPONENT_EXPORT()
350 // allows Origin to be default-constructed quickly, without spending time in COMPONENT_EXPORT()
394 // This needs to be friended within Origin as well, since Nonce is a private in COMPONENT_EXPORT()
395 // nested class of Origin. in COMPONENT_EXPORT()
399 // Creates an origin without sanity checking that the host is canonicalized. in COMPONENT_EXPORT()
403 static Origin CreateOpaqueFromNormalizedPrecursorTuple( in COMPONENT_EXPORT()
409 // Creates an opaque Origin with the identity given by |nonce|, and an in COMPONENT_EXPORT()
410 // optional precursor origin given by |precursor_scheme|, |precursor_host| and in COMPONENT_EXPORT()
414 // This factory method should be used in order to pass opaque Origin objects in COMPONENT_EXPORT()
417 static absl::optional<Origin> UnsafelyCreateOpaqueOriginWithoutNormalization( in COMPONENT_EXPORT()
423 // Constructs a non-opaque tuple origin. |tuple| must be valid. in COMPONENT_EXPORT()
424 explicit Origin(SchemeHostPort tuple); in COMPONENT_EXPORT()
426 // Constructs an opaque origin derived from the |precursor| tuple, with the in COMPONENT_EXPORT()
428 Origin(const Nonce& nonce, SchemeHostPort precursor); in COMPONENT_EXPORT()
430 // Get the nonce associated with this origin, if it is opaque, or nullptr in COMPONENT_EXPORT()
431 // otherwise. This should be used only when trying to send an Origin across an in COMPONENT_EXPORT()
435 // Serializes this Origin, including its nonce if it is opaque. If an opaque in COMPONENT_EXPORT()
436 // origin's |tuple_| is invalid nullopt is returned. If the nonce is not in COMPONENT_EXPORT()
438 // an opaque origin will never be matchable in future browser sessions. in COMPONENT_EXPORT()
447 // Deserializes an origin from |ToValueWithNonce|. Returns nullopt if the in COMPONENT_EXPORT()
449 static absl::optional<Origin> Deserialize(const std::string& value); in COMPONENT_EXPORT()
452 // well as for opaque origins, where it tracks the tuple origin from which in COMPONENT_EXPORT()
453 // the opaque origin was initially derived (we call this the "precursor" in COMPONENT_EXPORT()
454 // origin). in COMPONENT_EXPORT()
457 // The nonce is used for maintaining identity of an opaque origin. This in COMPONENT_EXPORT()
458 // nonce is preserved when an opaque origin is copied or moved. An Origin in COMPONENT_EXPORT()
465 std::ostream& operator<<(std::ostream& out, const Origin& origin);
467 std::ostream& operator<<(std::ostream& out, const Origin::Nonce& origin);
471 // DEBUG_ALIAS_FOR_ORIGIN(var_name, origin) copies `origin` into a new
473 // value of `origin` gets preserved in crash dumps.
474 #define DEBUG_ALIAS_FOR_ORIGIN(var_name, origin) \
475 DEBUG_ALIAS_FOR_CSTR(var_name, (origin).Serialize().c_str(), 128)
482 const url::Origin* value);