diff --git a/include/capi/cef_scheme_capi.h b/include/capi/cef_scheme_capi.h index 69c884e76..5122f8ace 100644 --- a/include/capi/cef_scheme_capi.h +++ b/include/capi/cef_scheme_capi.h @@ -33,7 +33,7 @@ // by hand. See the translator.README.txt file in the tools directory for // more information. // -// $hash=ba3b03834e2db16056cd2be805ec9f116a92e14e$ +// $hash=1d4a363735a7274fb957905f47841c63301507f0$ // #ifndef CEF_INCLUDE_CAPI_CEF_SCHEME_CAPI_H_ @@ -66,59 +66,7 @@ typedef struct _cef_scheme_registrar_t { // Register a custom scheme. This function should not be called for the built- // in HTTP, HTTPS, FILE, FTP, ABOUT and DATA schemes. // - // If |is_standard| is true (1) the scheme will be treated as a standard - // scheme. Standard schemes are subject to URL canonicalization and parsing - // rules as defined in the Common Internet Scheme Syntax RFC 1738 Section 3.1 - // available at http://www.ietf.org/rfc/rfc1738.txt - // - // In particular, the syntax for standard scheme URLs must be of the form: - //
- // [scheme]://[username]:[password]@[host]:[port]/[url-path] - //Standard scheme URLs must have a host component that is a fully - // qualified domain name as defined in Section 3.5 of RFC 1034 [13] and - // Section 2.1 of RFC 1123. These URLs will be canonicalized to - // "scheme://host/path" in the simplest case and - // "scheme://username:password@host:port/path" in the most explicit case. For - // example, "scheme:host/path" and "scheme:///host/path" will both be - // canonicalized to "scheme://host/path". The origin of a standard scheme URL - // is the combination of scheme, host and port (i.e., "scheme://host:port" in - // the most explicit case). - // - // For non-standard scheme URLs only the "scheme:" component is parsed and - // canonicalized. The remainder of the URL will be passed to the handler as- - // is. For example, "scheme:///some%20text" will remain the same. Non-standard - // scheme URLs cannot be used as a target for form submission. - // - // If |is_local| is true (1) the scheme will be treated with the same security - // rules as those applied to "file" URLs. Normal pages cannot link to or - // access local URLs. Also, by default, local URLs can only perform - // XMLHttpRequest calls to the same URL (origin + path) that originated the - // request. To allow XMLHttpRequest calls from a local URL to other URLs with - // the same origin set the CefSettings.file_access_from_file_urls_allowed - // value to true (1). To allow XMLHttpRequest calls from a local URL to all - // origins set the CefSettings.universal_access_from_file_urls_allowed value - // to true (1). - // - // If |is_display_isolated| is true (1) the scheme can only be displayed from - // other content hosted with the same scheme. For example, pages in other - // origins cannot create iframes or hyperlinks to URLs with the scheme. For - // schemes that must be accessible from other schemes set this value to false - // (0), set |is_cors_enabled| to true (1), and use CORS "Access-Control-Allow- - // Origin" headers to further restrict access. - // - // If |is_secure| is true (1) the scheme will be treated with the same - // security rules as those applied to "https" URLs. For example, loading this - // scheme from other secure schemes will not trigger mixed content warnings. - // - // If |is_cors_enabled| is true (1) the scheme can be sent CORS requests. This - // value should be true (1) in most cases where |is_standard| is true (1). - // - // If |is_csp_bypassing| is true (1) the scheme can bypass Content-Security- - // Policy (CSP) checks. This value should be false (0) in most cases where - // |is_standard| is true (1). - // - // If |is_fetch_enabled| is true (1) the scheme can perform Fetch API - // requests. + // See cef_scheme_options_t for possible values for |options|. // // This function may be called on any thread. It should only be called once // per unique |scheme_name| value. If |scheme_name| is already registered or @@ -126,13 +74,7 @@ typedef struct _cef_scheme_registrar_t { /// int(CEF_CALLBACK* add_custom_scheme)(struct _cef_scheme_registrar_t* self, const cef_string_t* scheme_name, - int is_standard, - int is_local, - int is_display_isolated, - int is_secure, - int is_cors_enabled, - int is_csp_bypassing, - int is_fetch_enabled); + int options); } cef_scheme_registrar_t; /// diff --git a/include/cef_scheme.h b/include/cef_scheme.h index da66f4297..17b62cbae 100644 --- a/include/cef_scheme.h +++ b/include/cef_scheme.h @@ -86,72 +86,14 @@ class CefSchemeRegistrar : public CefBaseScoped { // Register a custom scheme. This method should not be called for the built-in // HTTP, HTTPS, FILE, FTP, ABOUT and DATA schemes. // - // If |is_standard| is true the scheme will be treated as a standard scheme. - // Standard schemes are subject to URL canonicalization and parsing rules as - // defined in the Common Internet Scheme Syntax RFC 1738 Section 3.1 available - // at http://www.ietf.org/rfc/rfc1738.txt - // - // In particular, the syntax for standard scheme URLs must be of the form: - //
- // [scheme]://[username]:[password]@[host]:[port]/[url-path] - //- // Standard scheme URLs must have a host component that is a fully qualified - // domain name as defined in Section 3.5 of RFC 1034 [13] and Section 2.1 of - // RFC 1123. These URLs will be canonicalized to "scheme://host/path" in the - // simplest case and "scheme://username:password@host:port/path" in the most - // explicit case. For example, "scheme:host/path" and "scheme:///host/path" - // will both be canonicalized to "scheme://host/path". The origin of a - // standard scheme URL is the combination of scheme, host and port (i.e., - // "scheme://host:port" in the most explicit case). - // - // For non-standard scheme URLs only the "scheme:" component is parsed and - // canonicalized. The remainder of the URL will be passed to the handler - // as-is. For example, "scheme:///some%20text" will remain the same. - // Non-standard scheme URLs cannot be used as a target for form submission. - // - // If |is_local| is true the scheme will be treated with the same security - // rules as those applied to "file" URLs. Normal pages cannot link to or - // access local URLs. Also, by default, local URLs can only perform - // XMLHttpRequest calls to the same URL (origin + path) that originated the - // request. To allow XMLHttpRequest calls from a local URL to other URLs with - // the same origin set the CefSettings.file_access_from_file_urls_allowed - // value to true. To allow XMLHttpRequest calls from a local URL to all - // origins set the CefSettings.universal_access_from_file_urls_allowed value - // to true. - // - // If |is_display_isolated| is true the scheme can only be displayed from - // other content hosted with the same scheme. For example, pages in other - // origins cannot create iframes or hyperlinks to URLs with the scheme. For - // schemes that must be accessible from other schemes set this value to false, - // set |is_cors_enabled| to true, and use CORS "Access-Control-Allow-Origin" - // headers to further restrict access. - // - // If |is_secure| is true the scheme will be treated with the same security - // rules as those applied to "https" URLs. For example, loading this scheme - // from other secure schemes will not trigger mixed content warnings. - // - // If |is_cors_enabled| is true the scheme can be sent CORS requests. This - // value should be true in most cases where |is_standard| is true. - // - // If |is_csp_bypassing| is true the scheme can bypass Content-Security-Policy - // (CSP) checks. This value should be false in most cases where |is_standard| - // is true. - // - // If |is_fetch_enabled| is true the scheme can perform Fetch API requests. + // See cef_scheme_options_t for possible values for |options|. // // This function may be called on any thread. It should only be called once // per unique |scheme_name| value. If |scheme_name| is already registered or // if an error occurs this method will return false. /// /*--cef()--*/ - virtual bool AddCustomScheme(const CefString& scheme_name, - bool is_standard, - bool is_local, - bool is_display_isolated, - bool is_secure, - bool is_cors_enabled, - bool is_csp_bypassing, - bool is_fetch_enabled) = 0; + virtual bool AddCustomScheme(const CefString& scheme_name, int options) = 0; }; /// diff --git a/include/internal/cef_types.h b/include/internal/cef_types.h index f47e8608d..4aef4ed30 100644 --- a/include/internal/cef_types.h +++ b/include/internal/cef_types.h @@ -2745,6 +2745,90 @@ typedef enum { SSL_CONTENT_RAN_INSECURE_CONTENT = 1 << 1, } cef_ssl_content_status_t; +// +// Configuration options for registering a custom scheme. +// These values are used when calling AddCustomScheme. +// +typedef enum { + CEF_SCHEME_OPTION_NONE = 0, + + /// + // If CEF_SCHEME_OPTION_STANDARD is set the scheme will be treated as a + // standard scheme. Standard schemes are subject to URL canonicalization and + // parsing rules as defined in the Common Internet Scheme Syntax RFC 1738 + // Section 3.1 available at http://www.ietf.org/rfc/rfc1738.txt + // + // In particular, the syntax for standard scheme URLs must be of the form: + //
+ // [scheme]://[username]:[password]@[host]:[port]/[url-path] + //Standard scheme URLs must have a host component that is a fully + // qualified domain name as defined in Section 3.5 of RFC 1034 [13] and + // Section 2.1 of RFC 1123. These URLs will be canonicalized to + // "scheme://host/path" in the simplest case and + // "scheme://username:password@host:port/path" in the most explicit case. For + // example, "scheme:host/path" and "scheme:///host/path" will both be + // canonicalized to "scheme://host/path". The origin of a standard scheme URL + // is the combination of scheme, host and port (i.e., "scheme://host:port" in + // the most explicit case). + // + // For non-standard scheme URLs only the "scheme:" component is parsed and + // canonicalized. The remainder of the URL will be passed to the handler as- + // is. For example, "scheme:///some%20text" will remain the same. Non-standard + // scheme URLs cannot be used as a target for form submission. + /// + CEF_SCHEME_OPTION_STANDARD = 1 << 0, + + /// + // If CEF_SCHEME_OPTION_LOCAL is set the scheme will be treated with the same + // security rules as those applied to "file" URLs. Normal pages cannot link to + // or access local URLs. Also, by default, local URLs can only perform + // XMLHttpRequest calls to the same URL (origin + path) that originated the + // request. To allow XMLHttpRequest calls from a local URL to other URLs with + // the same origin set the CefSettings.file_access_from_file_urls_allowed + // value to true (1). To allow XMLHttpRequest calls from a local URL to all + // origins set the CefSettings.universal_access_from_file_urls_allowed value + // to true (1). + /// + CEF_SCHEME_OPTION_LOCAL = 1 << 1, + + /// + // If CEF_SCHEME_OPTION_DISPLAY_ISOLATED is set the scheme can only be + // displayed from other content hosted with the same scheme. For example, + // pages in other origins cannot create iframes or hyperlinks to URLs with the + // scheme. For schemes that must be accessible from other schemes don't set + // this, set CEF_SCHEME_OPTION_CORS_ENABLED, and use CORS + // "Access-Control-Allow-Origin" headers to further restrict access. + /// + CEF_SCHEME_OPTION_DISPLAY_ISOLATED = 1 << 2, + + /// + // If CEF_SCHEME_OPTION_SECURE is set the scheme will be treated with the same + // security rules as those applied to "https" URLs. For example, loading this + // scheme from other secure schemes will not trigger mixed content warnings. + /// + CEF_SCHEME_OPTION_SECURE = 1 << 3, + + /// + // If CEF_SCHEME_OPTION_CORS_ENABLED is set the scheme can be sent CORS + // requests. This value should be set in most cases where + // CEF_SCHEME_OPTION_STANDARD is set. + /// + CEF_SCHEME_OPTION_CORS_ENABLED = 1 << 4, + + /// + // If CEF_SCHEME_OPTION_CSP_BYPASSING is set the scheme can bypass Content- + // Security-Policy (CSP) checks. This value should not be set in most cases + // where CEF_SCHEME_OPTION_STANDARD is set. + /// + CEF_SCHEME_OPTION_CSP_BYPASSING = 1 << 5, + + /// + // If CEF_SCHEME_OPTION_FETCH_ENABLED is set the scheme can perform Fetch API + // requests. + /// + CEF_SCHEME_OPTION_FETCH_ENABLED = 1 << 6, +} cef_scheme_options_t; + /// // Error codes for CDM registration. See cef_web_plugin.h for details. /// diff --git a/libcef/common/scheme_registrar_impl.cc b/libcef/common/scheme_registrar_impl.cc index a6fda49b9..870d797a9 100644 --- a/libcef/common/scheme_registrar_impl.cc +++ b/libcef/common/scheme_registrar_impl.cc @@ -21,18 +21,12 @@ void AppendArray(const std::vector