diff options
author | Peter Varga <pvarga@inf.u-szeged.hu> | 2018-10-31 10:19:32 +0100 |
---|---|---|
committer | Peter Varga <pvarga@inf.u-szeged.hu> | 2018-10-31 09:50:24 +0000 |
commit | 4eda1a0881dcff29f464c7069ef0f850e9c76f77 (patch) | |
tree | c62066f2ec9f1c7a0169762e4fe0fd0f1b8ab045 | |
parent | e6c8000fcfdd42d92aeae26df02d2ebbbd8e0f77 (diff) | |
download | qtwebengine-chromium-4eda1a0881dcff29f464c7069ef0f850e9c76f77.tar.gz |
FIXUP: Implement HTTPS state
Add missing https_state.cc and https_state.h.
This amends commit:
e6c8000fcf [Backport] Fix for security issue 880023 (2/2)
Change-Id: I810334ed6ec8e8ba2c43992f26a7c9de1c1706a1
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-rw-r--r-- | chromium/third_party/blink/renderer/platform/loader/fetch/https_state.cc | 22 | ||||
-rw-r--r-- | chromium/third_party/blink/renderer/platform/loader/fetch/https_state.h | 35 |
2 files changed, 57 insertions, 0 deletions
diff --git a/chromium/third_party/blink/renderer/platform/loader/fetch/https_state.cc b/chromium/third_party/blink/renderer/platform/loader/fetch/https_state.cc new file mode 100644 index 00000000000..98b50a6d6cd --- /dev/null +++ b/chromium/third_party/blink/renderer/platform/loader/fetch/https_state.cc @@ -0,0 +1,22 @@ +// Copyright 2018 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "third_party/blink/renderer/platform/loader/fetch/https_state.h" + +#include "third_party/blink/renderer/platform/weborigin/security_origin.h" + +namespace blink { + +HttpsState CalculateHttpsState(const SecurityOrigin* security_origin, + base::Optional<HttpsState> parent_https_state) { + if (security_origin && security_origin->Protocol() == "https") + return HttpsState::kModern; + + if (parent_https_state && *parent_https_state != HttpsState::kNone) + return *parent_https_state; + + return HttpsState::kNone; +} + +} // namespace blink diff --git a/chromium/third_party/blink/renderer/platform/loader/fetch/https_state.h b/chromium/third_party/blink/renderer/platform/loader/fetch/https_state.h new file mode 100644 index 00000000000..77023b88d9e --- /dev/null +++ b/chromium/third_party/blink/renderer/platform/loader/fetch/https_state.h @@ -0,0 +1,35 @@ +// Copyright 2018 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef THIRD_PARTY_BLINK_RENDERER_PLATFORM_LOADER_FETCH_HTTPS_STATE_H_ +#define THIRD_PARTY_BLINK_RENDERER_PLATFORM_LOADER_FETCH_HTTPS_STATE_H_ + +#include "base/optional.h" +#include "third_party/blink/renderer/platform/platform_export.h" + +namespace blink { + +class SecurityOrigin; + +// https://fetch.spec.whatwg.org/#concept-https-state-value +enum class HttpsState { + kNone, + // kDeprecated is not used. + kModern +}; + +// According to the Fetch spec, HTTPS state is set during fetch, e.g. to +// modern for https: or to request's client's HTTPS state for data:. +// In the Blink implementation however, HTTPS state is calculated from +// response URL's SecurityOrigin and optional |parent_https_state| (that +// represents request's client's HTTPS state) to emulate this behavior. +// TODO(https://crbug.com/880986): Implement HTTPS state in more +// spec-conformant way. +PLATFORM_EXPORT HttpsState CalculateHttpsState( + const SecurityOrigin*, + base::Optional<HttpsState> parent_https_state = base::nullopt); + +} // namespace blink + +#endif // THIRD_PARTY_BLINK_RENDERER_PLATFORM_LOADER_FETCH_HTTPS_STATE_H_ |