Merge revision 1235 changes:

Support cross-origin XMLHttpRequest loads and redirects for custom standard schemes when enabled via the cross-origin whitelist (issue #950). - Call WebSecurityPolicy::registerURLSchemeAsCORSEnabled() for custom standard schemes. - Explicitly check the cross-origin whitelist in CefResourceDispatcherHostDelegate::OnRequestRedirected() and add the appropriate CORS headers. - Improve the CefAddCrossOriginWhitelistEntry() documentation to mention the top-level domain requirement for sub-domain matching. git-svn-id: https://chromiumembedded.googlecode.com/svn/branches/1453@1236 5089003a-bbd8-11dd-ad1f-f1f9622dbc98
2025-06-05 21:39:12 +02:00 · 2013-04-18 17:59:01 +00:00
parent d9858a1b11
commit 626cdb72b5
11 changed files with 726 additions and 66 deletions
--- a/cef3/libcef/browser/origin_whitelist_impl.cc
+++ b/cef3/libcef/browser/origin_whitelist_impl.cc
@@ -157,6 +157,33 @@ CefOriginWhitelistManager* CefOriginWhitelistManager::GetInstance() {
  return g_manager.Pointer();
 }

+bool IsMatch(const GURL& source_origin,
+             const GURL& target_origin,
+             const Cef_CrossOriginWhiteListEntry_Params& param) {
+  if (source_origin.GetOrigin() != GURL(param.source_origin)) {
+    // Source origin does not match.
+    return false;
+  }
+
+  if (target_origin.scheme() != param.target_protocol) {
+    // Target scheme does not match.
+    return false;
+  }
+
+  if (param.allow_target_subdomains) {
+    if (param.target_domain.empty()) {
+      // Any domain will match.
+      return true;
+    } else {
+      // Match sub-domains.
+      return target_origin.DomainIs(param.target_domain.c_str());
+    }
+  } else {
+    // Match full domain.
+    return (target_origin.host() == param.target_domain);
+  }
+}
+
 }  // namespace

 bool CefAddCrossOriginWhitelistEntry(const CefString& source_origin,
@@ -241,3 +268,21 @@ void GetCrossOriginWhitelistEntries(
  CefOriginWhitelistManager::GetInstance()->GetCrossOriginWhitelistEntries(
      entries);
 }
+
+bool HasCrossOriginWhitelistEntry(const GURL& source, const GURL& target) {
+  std::vector<Cef_CrossOriginWhiteListEntry_Params> params;
+  CefOriginWhitelistManager::GetInstance()->GetCrossOriginWhitelistEntries(
+      &params);
+
+  if (params.empty())
+    return false;
+
+  std::vector<Cef_CrossOriginWhiteListEntry_Params>::const_iterator it =
+      params.begin();
+  for (; it != params.end(); ++it) {
+    if (IsMatch(source, target, *it))
+      return true;
+  }
+
+  return false;
+}