1// Copyright (c) 2010 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "base/strings/string_util.h" 6#include "net/http/http_auth_filter.h" 7#include "url/gurl.h" 8 9namespace net { 10 11// Using a std::set<> has the benefit of removing duplicates automatically. 12typedef std::set<base::string16> RegistryWhitelist; 13 14// TODO(ahendrickson) -- Determine if we want separate whitelists for HTTP and 15// HTTPS, one for both, or only an HTTP one. My understanding is that the HTTPS 16// entries in the registry mean that you are only allowed to connect to the site 17// via HTTPS and still be considered 'safe'. 18 19HttpAuthFilterWhitelist::HttpAuthFilterWhitelist( 20 const std::string& server_whitelist) { 21 SetWhitelist(server_whitelist); 22} 23 24HttpAuthFilterWhitelist::~HttpAuthFilterWhitelist() { 25} 26 27// Add a new domain |filter| to the whitelist, if it's not already there 28bool HttpAuthFilterWhitelist::AddFilter(const std::string& filter, 29 HttpAuth::Target target) { 30 if ((target != HttpAuth::AUTH_SERVER) && (target != HttpAuth::AUTH_PROXY)) 31 return false; 32 // All proxies pass 33 if (target == HttpAuth::AUTH_PROXY) 34 return true; 35 rules_.AddRuleFromString(filter); 36 return true; 37} 38 39void HttpAuthFilterWhitelist::AddRuleToBypassLocal() { 40 rules_.AddRuleToBypassLocal(); 41} 42 43bool HttpAuthFilterWhitelist::IsValid(const GURL& url, 44 HttpAuth::Target target) const { 45 if ((target != HttpAuth::AUTH_SERVER) && (target != HttpAuth::AUTH_PROXY)) 46 return false; 47 // All proxies pass 48 if (target == HttpAuth::AUTH_PROXY) 49 return true; 50 return rules_.Matches(url); 51} 52 53void HttpAuthFilterWhitelist::SetWhitelist( 54 const std::string& server_whitelist) { 55 rules_.ParseFromString(server_whitelist); 56} 57 58} // namespace net 59