1/*
2 * Copyright (C) 2011, 2015 Apple Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23 * THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include "config.h"
27#include "SecurityOriginData.h"
28
29#include "Document.h"
30#include "Frame.h"
31#include "SecurityOrigin.h"
32#include <wtf/FileSystem.h>
33#include <wtf/text/CString.h>
34#include <wtf/text/StringBuilder.h>
35#include <wtf/text/StringConcatenateNumbers.h>
36
37namespace WebCore {
38
39String SecurityOriginData::toString() const
40{
41 if (protocol == "file")
42 return "file://"_s;
43
44 if (!port)
45 return makeString(protocol, "://", host);
46 return makeString(protocol, "://", host, ':', static_cast<uint32_t>(*port));
47}
48
49SecurityOriginData SecurityOriginData::fromFrame(Frame* frame)
50{
51 if (!frame)
52 return SecurityOriginData { };
53
54 auto* document = frame->document();
55 if (!document)
56 return SecurityOriginData { };
57
58 return document->securityOrigin().data();
59}
60
61Ref<SecurityOrigin> SecurityOriginData::securityOrigin() const
62{
63 return SecurityOrigin::create(protocol.isolatedCopy(), host.isolatedCopy(), port);
64}
65
66static const char separatorCharacter = '_';
67
68String SecurityOriginData::databaseIdentifier() const
69{
70 // Historically, we've used the following (somewhat non-sensical) string
71 // for the databaseIdentifier of local files. We used to compute this
72 // string because of a bug in how we handled the scheme for file URLs.
73 // Now that we've fixed that bug, we still need to produce this string
74 // to avoid breaking existing persistent state.
75 if (equalIgnoringASCIICase(protocol, "file"))
76 return "file__0"_s;
77
78 StringBuilder stringBuilder;
79 stringBuilder.append(protocol);
80 stringBuilder.append(separatorCharacter);
81 stringBuilder.append(FileSystem::encodeForFileName(host));
82 stringBuilder.append(separatorCharacter);
83 stringBuilder.appendNumber(port.valueOr(0));
84
85 return stringBuilder.toString();
86}
87
88Optional<SecurityOriginData> SecurityOriginData::fromDatabaseIdentifier(const String& databaseIdentifier)
89{
90 // Make sure there's a first separator
91 size_t separator1 = databaseIdentifier.find(separatorCharacter);
92 if (separator1 == notFound)
93 return WTF::nullopt;
94
95 // Make sure there's a second separator
96 size_t separator2 = databaseIdentifier.reverseFind(separatorCharacter);
97 if (separator2 == notFound)
98 return WTF::nullopt;
99
100 // Ensure there were at least 2 separator characters. Some hostnames on intranets have
101 // underscores in them, so we'll assume that any additional underscores are part of the host.
102 if (separator1 == separator2)
103 return WTF::nullopt;
104
105 // Make sure the port section is a valid port number or doesn't exist
106 bool portOkay;
107 int port = databaseIdentifier.right(databaseIdentifier.length() - separator2 - 1).toInt(&portOkay);
108 bool portAbsent = (separator2 == databaseIdentifier.length() - 1);
109 if (!(portOkay || portAbsent))
110 return WTF::nullopt;
111
112 if (port < 0 || port > std::numeric_limits<uint16_t>::max())
113 return WTF::nullopt;
114
115 auto protocol = databaseIdentifier.substring(0, separator1);
116 auto host = databaseIdentifier.substring(separator1 + 1, separator2 - separator1 - 1);
117 if (!port)
118 return SecurityOriginData { protocol, host, WTF::nullopt };
119
120 return SecurityOriginData { protocol, host, static_cast<uint16_t>(port) };
121}
122
123SecurityOriginData SecurityOriginData::isolatedCopy() const
124{
125 SecurityOriginData result;
126
127 result.protocol = protocol.isolatedCopy();
128 result.host = host.isolatedCopy();
129 result.port = port;
130
131 return result;
132}
133
134bool operator==(const SecurityOriginData& a, const SecurityOriginData& b)
135{
136 if (&a == &b)
137 return true;
138
139 return a.protocol == b.protocol
140 && a.host == b.host
141 && a.port == b.port;
142}
143
144} // namespace WebCore
145