• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "chrome/browser/browsing_data/browsing_data_helper.h"
6 
7 #include "base/command_line.h"
8 #include "base/strings/utf_string_conversions.h"
9 #include "chrome/browser/extensions/extension_special_storage_policy.h"
10 #include "chrome/common/chrome_switches.h"
11 #include "chrome/common/url_constants.h"
12 #include "content/public/browser/child_process_security_policy.h"
13 #include "extensions/common/constants.h"
14 #include "url/gurl.h"
15 
16 // Static
IsWebScheme(const std::string & scheme)17 bool BrowsingDataHelper::IsWebScheme(const std::string& scheme) {
18   // Special-case `file://` scheme iff cookies and site data are enabled via
19   // the `--allow-file-cookies` CLI flag.
20   if (scheme == chrome::kFileScheme) {
21     return CommandLine::ForCurrentProcess()->HasSwitch(
22         switches::kEnableFileCookies);
23 
24   // Otherwise, all "web safe" schemes are valid, except `chrome-extension://`
25   // and `chrome-devtools://`.
26   } else {
27     content::ChildProcessSecurityPolicy* policy =
28         content::ChildProcessSecurityPolicy::GetInstance();
29     return (policy->IsWebSafeScheme(scheme) &&
30             !BrowsingDataHelper::IsExtensionScheme(scheme) &&
31             scheme != chrome::kChromeDevToolsScheme);
32   }
33 }
34 
35 // Static
HasWebScheme(const GURL & origin)36 bool BrowsingDataHelper::HasWebScheme(const GURL& origin) {
37   return BrowsingDataHelper::IsWebScheme(origin.scheme());
38 }
39 
40 // Static
IsExtensionScheme(const std::string & scheme)41 bool BrowsingDataHelper::IsExtensionScheme(const std::string& scheme) {
42   return scheme == extensions::kExtensionScheme;
43 }
44 
45 // Static
HasExtensionScheme(const GURL & origin)46 bool BrowsingDataHelper::HasExtensionScheme(const GURL& origin) {
47   return BrowsingDataHelper::IsExtensionScheme(origin.scheme());
48 }
49 
50 // Static
DoesOriginMatchMask(const GURL & origin,int origin_set_mask,ExtensionSpecialStoragePolicy * policy)51 bool BrowsingDataHelper::DoesOriginMatchMask(const GURL& origin,
52     int origin_set_mask, ExtensionSpecialStoragePolicy* policy) {
53   // Packaged apps and extensions match iff EXTENSION.
54   if (BrowsingDataHelper::HasExtensionScheme(origin.GetOrigin()) &&
55       origin_set_mask & EXTENSION)
56     return true;
57 
58   // If a websafe origin is unprotected, it matches iff UNPROTECTED_WEB.
59   if (!policy->IsStorageProtected(origin.GetOrigin()) &&
60       BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) &&
61       origin_set_mask & UNPROTECTED_WEB)
62     return true;
63 
64   // Hosted applications (protected and websafe origins) iff PROTECTED_WEB.
65   if (policy->IsStorageProtected(origin.GetOrigin()) &&
66       BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) &&
67       origin_set_mask & PROTECTED_WEB)
68     return true;
69 
70   return false;
71 }
72