diff options
| author | Steve Block <steveblock@google.com> | 2009-12-17 09:55:06 -0800 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2009-12-17 09:55:06 -0800 |
| commit | b880d713c04257ca40abfef97c300afdead423b8 (patch) | |
| tree | 6982576c228bcd1a7efe98afed544d840751094c /WebCore/page/SecurityOrigin.h | |
| parent | e2e7a5c57b53f01e63a0245b4420d54b454cb373 (diff) | |
| parent | 643ca7872b450ea4efacab6188849e5aac2ba161 (diff) | |
| download | external_webkit-b880d713c04257ca40abfef97c300afdead423b8.zip external_webkit-b880d713c04257ca40abfef97c300afdead423b8.tar.gz external_webkit-b880d713c04257ca40abfef97c300afdead423b8.tar.bz2 | |
am 643ca787: Merge webkit.org at r51976 : Initial merge by git.
Merge commit '643ca7872b450ea4efacab6188849e5aac2ba161' into eclair-mr2-plus-aosp
* commit '643ca7872b450ea4efacab6188849e5aac2ba161':
Merge webkit.org at r51976 : Initial merge by git.
Diffstat (limited to 'WebCore/page/SecurityOrigin.h')
| -rw-r--r-- | WebCore/page/SecurityOrigin.h | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/WebCore/page/SecurityOrigin.h b/WebCore/page/SecurityOrigin.h index 6d4ce1f..af83f02 100644 --- a/WebCore/page/SecurityOrigin.h +++ b/WebCore/page/SecurityOrigin.h @@ -34,6 +34,7 @@ #include <wtf/PassRefPtr.h> #include <wtf/Threading.h> +#include "FrameLoaderTypes.h" #include "PlatformString.h" #include "StringHash.h" @@ -110,6 +111,13 @@ namespace WebCore { // WARNING: This is an extremely powerful ability. Use with caution! void grantUniversalAccess(); + // Sandboxing status as determined by the frame. + void setSandboxFlags(SandboxFlags flags) { m_sandboxFlags = flags; } + bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; } + + bool canAccessDatabase() const { return !isSandboxed(SandboxOrigin); } + bool canAccessStorage() const { return !isSandboxed(SandboxOrigin); } + bool isSecureTransitionTo(const KURL&) const; // The local SecurityOrigin is the most privileged SecurityOrigin. @@ -123,8 +131,14 @@ namespace WebCore { // Convert this SecurityOrigin into a string. The string // representation of a SecurityOrigin is similar to a URL, except it // lacks a path component. The string representation does not encode - // the value of the SecurityOrigin's domain property. The empty - // SecurityOrigin is represented with the string "null". + // the value of the SecurityOrigin's domain property. + // + // When using the string value, it's important to remember that it + // might be "null". This happens when this SecurityOrigin has + // noAccess to other SecurityOrigins. For example, this SecurityOrigin + // might have come from a data URL, the SecurityOrigin might be empty, + // or we might have explicitly decided that we + // shouldTreatURLSchemeAsNoAccess. String toString() const; // Serialize the security origin to a string that could be used as part of @@ -165,8 +179,6 @@ namespace WebCore { static void whiteListAccessFromOrigin(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomains, bool allowDestinationSubdomains); static void resetOriginAccessWhiteLists(); - static bool isDefaultPortForProtocol(unsigned short port, const String& protocol); - private: explicit SecurityOrigin(const KURL&); explicit SecurityOrigin(const SecurityOrigin*); @@ -175,6 +187,7 @@ namespace WebCore { String m_host; String m_domain; unsigned short m_port; + SandboxFlags m_sandboxFlags; bool m_noAccess; bool m_universalAccess; bool m_domainWasSetInDOM; |