blob: 1f2624eda15077edb93545366c835b46b3689172 [file] [log] [blame]
/*
* Copyright (C) 2007,2008 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of
* its contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef SecurityOrigin_h
#define SecurityOrigin_h
#include <wtf/RefCounted.h>
#include <wtf/PassRefPtr.h>
#include <wtf/Threading.h>
#include "PlatformString.h"
namespace WebCore {
class KURL;
class SecurityOrigin : public ThreadSafeShared<SecurityOrigin> {
public:
static PassRefPtr<SecurityOrigin> createFromDatabaseIdentifier(const String&);
static PassRefPtr<SecurityOrigin> createFromString(const String&);
static PassRefPtr<SecurityOrigin> create(const KURL&);
static PassRefPtr<SecurityOrigin> createEmpty();
// Create a deep copy of this SecurityOrigin. This method is useful
// when marshalling a SecurityOrigin to another thread.
PassRefPtr<SecurityOrigin> copy();
// Set the domain property of this security origin to newDomain. This
// function does not check whether newDomain is a suffix of the current
// domain. The caller is responsible for validating newDomain.
void setDomainFromDOM(const String& newDomain);
bool domainWasSetInDOM() const { return m_domainWasSetInDOM; }
String protocol() const { return m_protocol; }
String host() const { return m_host; }
String domain() const { return m_domain; }
unsigned short port() const { return m_port; }
// Returns true if this SecurityOrigin can script objects in the given
// SecurityOrigin. For example, call this function before allowing
// script from one security origin to read or write objects from
// another SecurityOrigin.
bool canAccess(const SecurityOrigin*) const;
// Returns true if this SecurityOrigin can read content retrieved from
// the given URL. For example, call this function before issuing
// XMLHttpRequests.
bool canRequest(const KURL&) const;
// Returns true if this SecurityOrigin can load local resources, such
// as images, iframes, and style sheets, and can link to local URLs.
// For example, call this function before creating an iframe to a
// file:// URL.
//
// Note: A SecurityOrigin might be allowed to load local resources
// without being able to issue an XMLHttpRequest for a local URL.
// To determine whether the SecurityOrigin can issue an
// XMLHttpRequest for a URL, call canRequest(url).
bool canLoadLocalResources() const { return m_canLoadLocalResources; }
// Explicitly grant the ability to load local resources to this
// SecurityOrigin.
//
// Note: This method exists only to support backwards compatibility
// with older versions of WebKit.
void grantLoadLocalResources();
bool isSecureTransitionTo(const KURL&) const;
// The local SecurityOrigin is the most privileged SecurityOrigin.
// The local SecurityOrigin can script any document, navigate to local
// resources, and can set arbitrary headers on XMLHttpRequests.
bool isLocal() const;
// The empty SecurityOrigin is the least privileged SecurityOrigin.
bool isEmpty() const;
// Convert this SecurityOrigin into a string. The string
// representation of a SecurityOrigin is similar to a URL, except it
// lacks a path component. The string representation does not encode
// the value of the SecurityOrigin's domain property. The empty
// SecurityOrigin is represented with the string "null".
String toString() const;
// Serialize the security origin for storage in the database. This format is
// deprecated and should be used only for compatibility with old databases;
// use toString() and createFromString() instead.
String databaseIdentifier() const;
// This method checks for equality between SecurityOrigins, not whether
// one origin can access another. It is used for hash table keys.
// For access checks, use canAccess().
// FIXME: If this method is really only useful for hash table keys, it
// should be refactored into SecurityOriginHash.
bool equal(const SecurityOrigin*) const;
// This method checks for equality, ignoring the value of document.domain
// (and whether it was set) but considering the host. It is used for postMessage.
bool isSameSchemeHostPort(const SecurityOrigin*) const;
private:
explicit SecurityOrigin(const KURL&);
explicit SecurityOrigin(const SecurityOrigin*);
String m_protocol;
String m_host;
String m_domain;
unsigned short m_port;
bool m_noAccess;
bool m_domainWasSetInDOM;
bool m_canLoadLocalResources;
};
} // namespace WebCore
#endif // SecurityOrigin_h