1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/browsing_data/browsing_data_helper.h" 6 7#include "base/command_line.h" 8#include "base/strings/utf_string_conversions.h" 9#include "chrome/common/chrome_switches.h" 10#include "chrome/common/url_constants.h" 11#include "content/public/browser/child_process_security_policy.h" 12#include "extensions/common/constants.h" 13#include "storage/browser/quota/special_storage_policy.h" 14#include "url/gurl.h" 15 16// Static 17bool BrowsingDataHelper::IsWebScheme(const std::string& scheme) { 18 // Special-case `file://` scheme iff cookies and site data are enabled via 19 // the `--allow-file-cookies` CLI flag. 20 if (scheme == url::kFileScheme) { 21 return base::CommandLine::ForCurrentProcess()->HasSwitch( 22 switches::kEnableFileCookies); 23 } 24 25 // Otherwise, all "web safe" schemes are valid, except `chrome-extension://` 26 // and `chrome-devtools://`. 27 content::ChildProcessSecurityPolicy* policy = 28 content::ChildProcessSecurityPolicy::GetInstance(); 29 return (policy->IsWebSafeScheme(scheme) && 30 !BrowsingDataHelper::IsExtensionScheme(scheme) && 31 scheme != content::kChromeDevToolsScheme); 32} 33 34// Static 35bool BrowsingDataHelper::HasWebScheme(const GURL& origin) { 36 return BrowsingDataHelper::IsWebScheme(origin.scheme()); 37} 38 39// Static 40bool BrowsingDataHelper::IsExtensionScheme(const std::string& scheme) { 41 return scheme == extensions::kExtensionScheme; 42} 43 44// Static 45bool BrowsingDataHelper::HasExtensionScheme(const GURL& origin) { 46 return BrowsingDataHelper::IsExtensionScheme(origin.scheme()); 47} 48 49// Static 50bool BrowsingDataHelper::DoesOriginMatchMask( 51 const GURL& origin, 52 int origin_set_mask, 53 storage::SpecialStoragePolicy* policy) { 54 // Packaged apps and extensions match iff EXTENSION. 55 if (BrowsingDataHelper::HasExtensionScheme(origin.GetOrigin()) && 56 origin_set_mask & EXTENSION) 57 return true; 58 59 // If a websafe origin is unprotected, it matches iff UNPROTECTED_WEB. 60 if ((!policy || !policy->IsStorageProtected(origin.GetOrigin())) && 61 BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) && 62 origin_set_mask & UNPROTECTED_WEB) 63 return true; 64 65 // Hosted applications (protected and websafe origins) iff PROTECTED_WEB. 66 if (policy && 67 policy->IsStorageProtected(origin.GetOrigin()) && 68 BrowsingDataHelper::HasWebScheme(origin.GetOrigin()) && 69 origin_set_mask & PROTECTED_WEB) 70 return true; 71 72 return false; 73} 74