third_party/WebKit/Source/platform/weborigin/SchemeRegistry.h - chromium/src - Git at Google

 /*
  * Copyright (C) 2010 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  *
  * THIS SOFTWARE IS PROVIDED BY APPLE, INC. ``AS IS'' AND ANY
  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
  */

 #ifndef SchemeRegistry_h
 #define SchemeRegistry_h

 #include "platform/PlatformExport.h"
 #include "wtf/Allocator.h"
 #include "wtf/HashMap.h"
 #include "wtf/HashSet.h"
 #include "wtf/text/StringHash.h"
 #include "wtf/text/WTFString.h"

 namespace blink {

 using URLSchemesSet = HashSet<String, CaseFoldingHash>;

 template <typename T>
 using URLSchemesMap = HashMap<String, T, CaseFoldingHash>;

 class PLATFORM_EXPORT SchemeRegistry {
   STATIC_ONLY(SchemeRegistry);

  public:
   static void initialize();

   static void registerURLSchemeAsLocal(const String&);
   static bool shouldTreatURLSchemeAsLocal(const String&);

   static void registerURLSchemeAsRestrictingMixedContent(const String&);
   static bool shouldTreatURLSchemeAsRestrictingMixedContent(const String&);

   // Subresources transported by secure schemes do not trigger mixed content
   // warnings. For example, https and data are secure schemes because they
   // cannot be corrupted by active network attackers.
   static void registerURLSchemeAsSecure(const String&);
   static bool shouldTreatURLSchemeAsSecure(const String&);

   static void registerURLSchemeAsNoAccess(const String&);
   static bool shouldTreatURLSchemeAsNoAccess(const String&);

   // Display-isolated schemes can only be displayed (in the sense of
   // SecurityOrigin::canDisplay) by documents from the same scheme.
   static void registerURLSchemeAsDisplayIsolated(const String&);
   static bool shouldTreatURLSchemeAsDisplayIsolated(const String&);

   static void registerURLSchemeAsEmptyDocument(const String&);
   static bool shouldLoadURLSchemeAsEmptyDocument(const String&);

   static void setDomainRelaxationForbiddenForURLScheme(bool forbidden,
                                                        const String&);
   static bool isDomainRelaxationForbiddenForURLScheme(const String&);

   // Such schemes should delegate to SecurityOrigin::canRequest for any URL
   // passed to SecurityOrigin::canDisplay.
   static bool canDisplayOnlyIfCanRequest(const String& scheme);

   // Schemes against which javascript: URLs should not be allowed to run (stop
   // bookmarklets from running on sensitive pages).
   static void registerURLSchemeAsNotAllowingJavascriptURLs(
       const String& scheme);
   static bool shouldTreatURLSchemeAsNotAllowingJavascriptURLs(
       const String& scheme);

   // Allow non-HTTP schemes to be registered to allow CORS requests.
   static void registerURLSchemeAsCORSEnabled(const String& scheme);
   static bool shouldTreatURLSchemeAsCORSEnabled(const String& scheme);

   // Serialize the registered schemes in a comma-separated list.
   static String listOfCORSEnabledURLSchemes();

   // "Legacy" schemes (e.g. 'ftp:', 'gopher:') which we might want to treat
   // differently from "webby" schemes.
   static bool shouldTreatURLSchemeAsLegacy(const String& scheme);

   // Schemes that can register a service worker.
   static void registerURLSchemeAsAllowingServiceWorkers(const String& scheme);
   static bool shouldTreatURLSchemeAsAllowingServiceWorkers(
       const String& scheme);

   // HTTP-like schemes that are treated as supporting the Fetch API.
   static void registerURLSchemeAsSupportingFetchAPI(const String& scheme);
   static bool shouldTreatURLSchemeAsSupportingFetchAPI(const String& scheme);

   // Schemes which override the first-/third-party checks on a Document.
   static void registerURLSchemeAsFirstPartyWhenTopLevel(const String& scheme);
   static void removeURLSchemeAsFirstPartyWhenTopLevel(const String& scheme);
   static bool shouldTreatURLSchemeAsFirstPartyWhenTopLevel(
       const String& scheme);

   // Schemes that can be used in a referrer.
   static void registerURLSchemeAsAllowedForReferrer(const String& scheme);
   static void removeURLSchemeAsAllowedForReferrer(const String& scheme);
   static bool shouldTreatURLSchemeAsAllowedForReferrer(const String& scheme);

   // Allow resources from some schemes to load on a page, regardless of its
   // Content Security Policy.
   // This enum should be kept in sync with public/web/WebSecurityPolicy.h.
   // Enforced in AssertMatchingEnums.cpp.
   enum PolicyAreas : uint32_t {
     PolicyAreaNone = 0,
     PolicyAreaImage = 1 << 0,
     PolicyAreaStyle = 1 << 1,
     // Add more policy areas as needed by clients.
     PolicyAreaAll = ~static_cast<uint32_t>(0),
   };
   static void registerURLSchemeAsBypassingContentSecurityPolicy(
       const String& scheme,
       PolicyAreas = PolicyAreaAll);
   static void removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(
       const String& scheme);
   static bool schemeShouldBypassContentSecurityPolicy(
       const String& scheme,
       PolicyAreas = PolicyAreaAll);

   // Schemes which bypass Secure Context checks defined in
   // https://w3c.github.io/webappsec/specs/powerfulfeatures/#is-origin-trustworthy.
   static void registerURLSchemeBypassingSecureContextCheck(
       const String& scheme);
   static bool schemeShouldBypassSecureContextCheck(const String& scheme);

  private:
   static const URLSchemesSet& localSchemes();
 };

 }  // namespace blink

 #endif  // SchemeRegistry_h
	/*
	* Copyright (C) 2010 Apple Inc. All Rights Reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in the
	* documentation and/or other materials provided with the distribution.
	*
	* THIS SOFTWARE IS PROVIDED BY APPLE, INC. ``AS IS'' AND ANY
	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
	* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
	* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
	* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
	* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
	* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	*
	*/

	#ifndef SchemeRegistry_h
	#define SchemeRegistry_h

	#include "platform/PlatformExport.h"
	#include "wtf/Allocator.h"
	#include "wtf/HashMap.h"
	#include "wtf/HashSet.h"
	#include "wtf/text/StringHash.h"
	#include "wtf/text/WTFString.h"

	namespace blink {

	using URLSchemesSet = HashSet<String, CaseFoldingHash>;

	template <typename T>
	using URLSchemesMap = HashMap<String, T, CaseFoldingHash>;

	class PLATFORM_EXPORT SchemeRegistry {
	STATIC_ONLY(SchemeRegistry);

	public:
	static void initialize();

	static void registerURLSchemeAsLocal(const String&);
	static bool shouldTreatURLSchemeAsLocal(const String&);

	static void registerURLSchemeAsRestrictingMixedContent(const String&);
	static bool shouldTreatURLSchemeAsRestrictingMixedContent(const String&);

	// Subresources transported by secure schemes do not trigger mixed content
	// warnings. For example, https and data are secure schemes because they
	// cannot be corrupted by active network attackers.
	static void registerURLSchemeAsSecure(const String&);
	static bool shouldTreatURLSchemeAsSecure(const String&);

	static void registerURLSchemeAsNoAccess(const String&);
	static bool shouldTreatURLSchemeAsNoAccess(const String&);

	// Display-isolated schemes can only be displayed (in the sense of
	// SecurityOrigin::canDisplay) by documents from the same scheme.
	static void registerURLSchemeAsDisplayIsolated(const String&);
	static bool shouldTreatURLSchemeAsDisplayIsolated(const String&);

	static void registerURLSchemeAsEmptyDocument(const String&);
	static bool shouldLoadURLSchemeAsEmptyDocument(const String&);

	static void setDomainRelaxationForbiddenForURLScheme(bool forbidden,
	const String&);
	static bool isDomainRelaxationForbiddenForURLScheme(const String&);

	// Such schemes should delegate to SecurityOrigin::canRequest for any URL
	// passed to SecurityOrigin::canDisplay.
	static bool canDisplayOnlyIfCanRequest(const String& scheme);

	// Schemes against which javascript: URLs should not be allowed to run (stop
	// bookmarklets from running on sensitive pages).
	static void registerURLSchemeAsNotAllowingJavascriptURLs(
	const String& scheme);
	static bool shouldTreatURLSchemeAsNotAllowingJavascriptURLs(
	const String& scheme);

	// Allow non-HTTP schemes to be registered to allow CORS requests.
	static void registerURLSchemeAsCORSEnabled(const String& scheme);
	static bool shouldTreatURLSchemeAsCORSEnabled(const String& scheme);

	// Serialize the registered schemes in a comma-separated list.
	static String listOfCORSEnabledURLSchemes();

	// "Legacy" schemes (e.g. 'ftp:', 'gopher:') which we might want to treat
	// differently from "webby" schemes.
	static bool shouldTreatURLSchemeAsLegacy(const String& scheme);

	// Schemes that can register a service worker.
	static void registerURLSchemeAsAllowingServiceWorkers(const String& scheme);
	static bool shouldTreatURLSchemeAsAllowingServiceWorkers(
	const String& scheme);

	// HTTP-like schemes that are treated as supporting the Fetch API.
	static void registerURLSchemeAsSupportingFetchAPI(const String& scheme);
	static bool shouldTreatURLSchemeAsSupportingFetchAPI(const String& scheme);

	// Schemes which override the first-/third-party checks on a Document.
	static void registerURLSchemeAsFirstPartyWhenTopLevel(const String& scheme);
	static void removeURLSchemeAsFirstPartyWhenTopLevel(const String& scheme);
	static bool shouldTreatURLSchemeAsFirstPartyWhenTopLevel(
	const String& scheme);

	// Schemes that can be used in a referrer.
	static void registerURLSchemeAsAllowedForReferrer(const String& scheme);
	static void removeURLSchemeAsAllowedForReferrer(const String& scheme);
	static bool shouldTreatURLSchemeAsAllowedForReferrer(const String& scheme);

	// Allow resources from some schemes to load on a page, regardless of its
	// Content Security Policy.
	// This enum should be kept in sync with public/web/WebSecurityPolicy.h.
	// Enforced in AssertMatchingEnums.cpp.
	enum PolicyAreas : uint32_t {
	PolicyAreaNone = 0,
	PolicyAreaImage = 1 << 0,
	PolicyAreaStyle = 1 << 1,
	// Add more policy areas as needed by clients.
	PolicyAreaAll = ~static_cast<uint32_t>(0),
	};
	static void registerURLSchemeAsBypassingContentSecurityPolicy(
	const String& scheme,
	PolicyAreas = PolicyAreaAll);
	static void removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(
	const String& scheme);
	static bool schemeShouldBypassContentSecurityPolicy(
	const String& scheme,
	PolicyAreas = PolicyAreaAll);

	// Schemes which bypass Secure Context checks defined in
	// https://w3c.github.io/webappsec/specs/powerfulfeatures/#is-origin-trustworthy.
	static void registerURLSchemeBypassingSecureContextCheck(
	const String& scheme);
	static bool schemeShouldBypassSecureContextCheck(const String& scheme);

	private:
	static const URLSchemesSet& localSchemes();
	};

	} // namespace blink

	#endif // SchemeRegistry_h