1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "chrome/browser/browsing_data/browsing_data_helper.h"
6
7#include "base/command_line.h"
8#include "base/strings/utf_string_conversions.h"
9#include "chrome/common/chrome_switches.h"
10#include "chrome/common/url_constants.h"
11#include "content/public/browser/child_process_security_policy.h"
12#include "extensions/common/constants.h"
13#include "storage/browser/quota/special_storage_policy.h"
14#include "url/gurl.h"
15
16// Static
17bool BrowsingDataHelper::IsWebScheme(const std::string& scheme) {
18  // Special-case `file://` scheme iff cookies and site data are enabled via
19  // the `--allow-file-cookies` CLI flag.
20  if (scheme == url::kFileScheme) {
21    return base::CommandLine::ForCurrentProcess()->HasSwitch(
22        switches::kEnableFileCookies);
23  }
24
25  // Otherwise, all "web safe" schemes are valid, except `chrome-extension://`
26  // and `chrome-devtools://`.
27  content::ChildProcessSecurityPolicy* policy =
28      content::ChildProcessSecurityPolicy::GetInstance();
29  return (policy->IsWebSafeScheme(scheme) &&
30          !BrowsingDataHelper::IsExtensionScheme(scheme) &&
31          scheme != content::kChromeDevToolsScheme);
32}
33
34// Static
35bool BrowsingDataHelper::HasWebScheme(const GURL& origin) {
36  return BrowsingDataHelper::IsWebScheme(origin.scheme());
37}
38
39// Static
40bool BrowsingDataHelper::IsExtensionScheme(const std::string& scheme) {
41  return scheme == extensions::kExtensionScheme;
42}
43
44// Static
45bool BrowsingDataHelper::HasExtensionScheme(const GURL& origin) {
46  return BrowsingDataHelper::IsExtensionScheme(origin.scheme());
47}
48
49// Static
50bool BrowsingDataHelper::DoesOriginMatchMask(
51    const GURL& origin,
52    int origin_set_mask,
53    storage::SpecialStoragePolicy* policy) {
54  // Packaged apps and extensions match iff EXTENSION.
55  if (BrowsingDataHelper::HasExtensionScheme(origin.GetOrigin()) &&
56      origin_set_mask & EXTENSION)
57    return true;
58
59  // If a websafe origin is unprotected, it matches iff UNPROTECTED_WEB.
60  if ((!policy || !policy->IsStorageProtected(origin.GetOrigin())) &&
61      BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) &&
62      origin_set_mask & UNPROTECTED_WEB)
63    return true;
64
65  // Hosted applications (protected and websafe origins) iff PROTECTED_WEB.
66  if (policy &&
67      policy->IsStorageProtected(origin.GetOrigin()) &&
68      BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) &&
69      origin_set_mask & PROTECTED_WEB)
70    return true;
71
72  return false;
73}
74