1 | /* |
2 | * Copyright (C) 2011, 2015 Apple Inc. All rights reserved. |
3 | * |
4 | * Redistribution and use in source and binary forms, with or without |
5 | * modification, are permitted provided that the following conditions |
6 | * are met: |
7 | * 1. Redistributions of source code must retain the above copyright |
8 | * notice, this list of conditions and the following disclaimer. |
9 | * 2. Redistributions in binary form must reproduce the above copyright |
10 | * notice, this list of conditions and the following disclaimer in the |
11 | * documentation and/or other materials provided with the distribution. |
12 | * |
13 | * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' |
14 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, |
15 | * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
16 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS |
17 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
18 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
19 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
20 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
21 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
22 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF |
23 | * THE POSSIBILITY OF SUCH DAMAGE. |
24 | */ |
25 | |
26 | #include "config.h" |
27 | #include "SecurityOriginData.h" |
28 | |
29 | #include "Document.h" |
30 | #include "Frame.h" |
31 | #include "SecurityOrigin.h" |
32 | #include <wtf/FileSystem.h> |
33 | #include <wtf/text/CString.h> |
34 | #include <wtf/text/StringBuilder.h> |
35 | #include <wtf/text/StringConcatenateNumbers.h> |
36 | |
37 | namespace WebCore { |
38 | |
39 | String SecurityOriginData::toString() const |
40 | { |
41 | if (protocol == "file" ) |
42 | return "file://"_s ; |
43 | |
44 | if (!port) |
45 | return makeString(protocol, "://" , host); |
46 | return makeString(protocol, "://" , host, ':', static_cast<uint32_t>(*port)); |
47 | } |
48 | |
49 | SecurityOriginData SecurityOriginData::fromFrame(Frame* frame) |
50 | { |
51 | if (!frame) |
52 | return SecurityOriginData { }; |
53 | |
54 | auto* document = frame->document(); |
55 | if (!document) |
56 | return SecurityOriginData { }; |
57 | |
58 | return document->securityOrigin().data(); |
59 | } |
60 | |
61 | Ref<SecurityOrigin> SecurityOriginData::securityOrigin() const |
62 | { |
63 | return SecurityOrigin::create(protocol.isolatedCopy(), host.isolatedCopy(), port); |
64 | } |
65 | |
66 | static const char separatorCharacter = '_'; |
67 | |
68 | String SecurityOriginData::databaseIdentifier() const |
69 | { |
70 | // Historically, we've used the following (somewhat non-sensical) string |
71 | // for the databaseIdentifier of local files. We used to compute this |
72 | // string because of a bug in how we handled the scheme for file URLs. |
73 | // Now that we've fixed that bug, we still need to produce this string |
74 | // to avoid breaking existing persistent state. |
75 | if (equalIgnoringASCIICase(protocol, "file" )) |
76 | return "file__0"_s ; |
77 | |
78 | StringBuilder stringBuilder; |
79 | stringBuilder.append(protocol); |
80 | stringBuilder.append(separatorCharacter); |
81 | stringBuilder.append(FileSystem::encodeForFileName(host)); |
82 | stringBuilder.append(separatorCharacter); |
83 | stringBuilder.appendNumber(port.valueOr(0)); |
84 | |
85 | return stringBuilder.toString(); |
86 | } |
87 | |
88 | Optional<SecurityOriginData> SecurityOriginData::fromDatabaseIdentifier(const String& databaseIdentifier) |
89 | { |
90 | // Make sure there's a first separator |
91 | size_t separator1 = databaseIdentifier.find(separatorCharacter); |
92 | if (separator1 == notFound) |
93 | return WTF::nullopt; |
94 | |
95 | // Make sure there's a second separator |
96 | size_t separator2 = databaseIdentifier.reverseFind(separatorCharacter); |
97 | if (separator2 == notFound) |
98 | return WTF::nullopt; |
99 | |
100 | // Ensure there were at least 2 separator characters. Some hostnames on intranets have |
101 | // underscores in them, so we'll assume that any additional underscores are part of the host. |
102 | if (separator1 == separator2) |
103 | return WTF::nullopt; |
104 | |
105 | // Make sure the port section is a valid port number or doesn't exist |
106 | bool portOkay; |
107 | int port = databaseIdentifier.right(databaseIdentifier.length() - separator2 - 1).toInt(&portOkay); |
108 | bool portAbsent = (separator2 == databaseIdentifier.length() - 1); |
109 | if (!(portOkay || portAbsent)) |
110 | return WTF::nullopt; |
111 | |
112 | if (port < 0 || port > std::numeric_limits<uint16_t>::max()) |
113 | return WTF::nullopt; |
114 | |
115 | auto protocol = databaseIdentifier.substring(0, separator1); |
116 | auto host = databaseIdentifier.substring(separator1 + 1, separator2 - separator1 - 1); |
117 | if (!port) |
118 | return SecurityOriginData { protocol, host, WTF::nullopt }; |
119 | |
120 | return SecurityOriginData { protocol, host, static_cast<uint16_t>(port) }; |
121 | } |
122 | |
123 | SecurityOriginData SecurityOriginData::isolatedCopy() const |
124 | { |
125 | SecurityOriginData result; |
126 | |
127 | result.protocol = protocol.isolatedCopy(); |
128 | result.host = host.isolatedCopy(); |
129 | result.port = port; |
130 | |
131 | return result; |
132 | } |
133 | |
134 | bool operator==(const SecurityOriginData& a, const SecurityOriginData& b) |
135 | { |
136 | if (&a == &b) |
137 | return true; |
138 | |
139 | return a.protocol == b.protocol |
140 | && a.host == b.host |
141 | && a.port == b.port; |
142 | } |
143 | |
144 | } // namespace WebCore |
145 | |