mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-09-30 08:41:15 +00:00
LibWeb: Implement 'Is origin potentially trustworthy?' AO
This commit is contained in:
parent
58ad6de954
commit
d56a6eb508
Notes:
sideshowbarker
2024-07-17 06:40:21 +09:00
Author: https://github.com/linusg Commit: https://github.com/SerenityOS/serenity/commit/d56a6eb508 Pull-request: https://github.com/SerenityOS/serenity/pull/15795 Reviewed-by: https://github.com/ADKaster Reviewed-by: https://github.com/awesomekling Reviewed-by: https://github.com/davidot ✅
|
@ -379,6 +379,7 @@ set(SOURCES
|
|||
Platform/TimerSerenity.cpp
|
||||
RequestIdleCallback/IdleDeadline.cpp
|
||||
ResizeObserver/ResizeObserver.cpp
|
||||
SecureContexts/AbstractOperations.cpp
|
||||
Streams/AbstractOperations.cpp
|
||||
Streams/ReadableStream.cpp
|
||||
SVG/AttributeNames.cpp
|
||||
|
|
|
@ -0,0 +1,60 @@
|
|||
/*
|
||||
* Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*/
|
||||
|
||||
#include <AK/IPv4Address.h>
|
||||
#include <AK/IPv6Address.h>
|
||||
#include <LibWeb/HTML/Origin.h>
|
||||
#include <LibWeb/SecureContexts/AbstractOperations.h>
|
||||
#include <LibWeb/URL/URL.h>
|
||||
|
||||
namespace Web::SecureContexts {
|
||||
|
||||
// https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
|
||||
Trustworthiness is_origin_potentially_trustworthy(HTML::Origin const& origin)
|
||||
{
|
||||
// 1. If origin is an opaque origin, return "Not Trustworthy".
|
||||
if (origin.is_opaque())
|
||||
return Trustworthiness::NotTrustworthy;
|
||||
|
||||
// 2. Assert: origin is a tuple origin.
|
||||
|
||||
// 3. If origin’s scheme is either "https" or "wss", return "Potentially Trustworthy".
|
||||
// Note: This is meant to be analog to the a priori authenticated URL concept in [MIX].
|
||||
if (origin.scheme().is_one_of("https"sv, "wss"sv))
|
||||
return Trustworthiness::PotentiallyTrustworthy;
|
||||
|
||||
// 4. If origin’s host matches one of the CIDR notations 127.0.0.0/8 or ::1/128 [RFC4632], return "Potentially Trustworthy".
|
||||
if (auto ipv4_address = IPv4Address::from_string(origin.host()); ipv4_address.has_value() && (ipv4_address->to_u32() & 0xff000000) != 0)
|
||||
return Trustworthiness::PotentiallyTrustworthy;
|
||||
if (auto ipv6_address = IPv6Address::from_string(origin.host()); ipv6_address.has_value() && ipv6_address->to_string() == "::1")
|
||||
return Trustworthiness::PotentiallyTrustworthy;
|
||||
|
||||
// 5. If the user agent conforms to the name resolution rules in [let-localhost-be-localhost] and one of the following is true:
|
||||
// - origin’s host is "localhost" or "localhost."
|
||||
// - origin’s host ends with ".localhost" or ".localhost."
|
||||
// then return "Potentially Trustworthy".
|
||||
// Note: See § 5.2 localhost for details on the requirements here.
|
||||
if (origin.host().is_one_of("localhost"sv, "localhost.")
|
||||
|| origin.host().ends_with(".localhost"sv)
|
||||
|| origin.host().ends_with(".localhost."sv)) {
|
||||
return Trustworthiness::PotentiallyTrustworthy;
|
||||
}
|
||||
|
||||
// 6. If origin’s scheme is "file", return "Potentially Trustworthy".
|
||||
if (origin.scheme() == "file"sv)
|
||||
return Trustworthiness::PotentiallyTrustworthy;
|
||||
|
||||
// 7. If origin’s scheme component is one which the user agent considers to be authenticated, return "Potentially Trustworthy".
|
||||
// Note: See § 7.1 Packaged Applications for detail here.
|
||||
|
||||
// 8. If origin has been configured as a trustworthy origin, return "Potentially Trustworthy".
|
||||
// Note: See § 7.2 Development Environments for detail here.
|
||||
|
||||
// 9. Return "Not Trustworthy".
|
||||
return Trustworthiness::NotTrustworthy;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,20 @@
|
|||
/*
|
||||
* Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#include <LibWeb/Forward.h>
|
||||
|
||||
namespace Web::SecureContexts {
|
||||
|
||||
enum class Trustworthiness {
|
||||
PotentiallyTrustworthy,
|
||||
NotTrustworthy,
|
||||
};
|
||||
|
||||
[[nodiscard]] Trustworthiness is_origin_potentially_trustworthy(HTML::Origin const&);
|
||||
|
||||
}
|
Loading…
Reference in a new issue