• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PSL_MATCHING_HELPER_H_
6 #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PSL_MATCHING_HELPER_H_
7 
8 #include <string>
9 
10 #include "base/basictypes.h"
11 
12 class GURL;
13 
14 namespace autofill {
15 struct PasswordForm;
16 }  // namespace autofill
17 
18 namespace password_manager {
19 
20 class PSLMatchingHelper {
21  public:
22   // Enum used for histogram tracking PSL Domain triggering.
23   // New entries should only be added to the end of the enum (before *_COUNT) so
24   // as to not disrupt existing data.
25   enum PSLDomainMatchMetric {
26     PSL_DOMAIN_MATCH_DISABLED = 0,
27     PSL_DOMAIN_MATCH_NONE,
28     PSL_DOMAIN_MATCH_FOUND,
29     PSL_DOMAIN_MATCH_COUNT
30   };
31 
32   PSLMatchingHelper();
33   ~PSLMatchingHelper();
34 
35   bool IsMatchingEnabled() const;
36 
37   // Using the public suffix list for matching the origin is only needed for
38   // websites that do not have a single hostname for entering credentials. It
39   // would be better for their users if they did, but until then we help them
40   // find
41   // credentials across different hostnames. We know that accounts.google.com is
42   // the only hostname we should be accepting credentials on for any domain
43   // under
44   // google.com, so we can apply a tighter policy for that domain.
45   // For owners of domains where a single hostname is always used when your
46   // users are entering their credentials, please contact palmer@chromium.org,
47   // nyquist@chromium.org or file a bug at http://crbug.com/ to be added here.
48   bool ShouldPSLDomainMatchingApply(
49       const std::string& registry_controlled_domain) const;
50 
51   // Two URLs are considered a Public Suffix Domain match if they have the same
52   // scheme, ports, and their registry controlled domains are equal.
53   static bool IsPublicSuffixDomainMatch(const std::string& url1,
54                                         const std::string& url2);
55 
56   // Two hosts are considered to belong to the same website when they share the
57   // registry-controlled domain part.
58   static std::string GetRegistryControlledDomain(const GURL& signon_realm);
59 
60   // This overrides both the command line flags and platform restrictions. This
61   // function is not thread safe, and should be called before any other methods
62   // of |PSLMatchingHelper| are called.
63   static void EnablePublicSuffixDomainMatchingForTesting();
64 
65  private:
66   static bool DeterminePSLEnabled();
67 
68   const bool psl_enabled_;
69 
70   // Default is false, once set to true, overrides |psl_enabled_|.
71   static bool psl_enabled_override_;
72 
73   DISALLOW_COPY_AND_ASSIGN(PSLMatchingHelper);
74 };
75 
76 }  // namespace password_manager
77 
78 #endif  // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PSL_MATCHING_HELPER_H_
79