Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-06 06:00:15 +01:00
Code Issues Projects Releases Packages Wiki Activity

make is_origin_trustworthy a method of ServoUrl + fix localhost handling

Browse source
This commit is contained in:
Alexandrov Sergey 2020-05-17 13:50:11 +03:00
parent a7c5c97616
commit 357b486455
4 changed files with 30 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

28
components/net/http_loader.rs
View file

@ -171,7 +171,7 @@ fn no_referrer_when_downgrade_header(
url: ServoUrl,
https_state: HttpsState,
) -> Option<ServoUrl> {
if https_state == HttpsState::Modern && !is_origin_trustworthy(url) {
if https_state == HttpsState::Modern && !url.is_origin_trustworthy() {
return None;
}
return strip_url(referrer_url, false);
@ -183,7 +183,7 @@ fn strict_origin(
url: ServoUrl,
https_state: HttpsState,
) -> Option<ServoUrl> {
if https_state == HttpsState::Modern && !is_origin_trustworthy(url) {
if https_state == HttpsState::Modern && !url.is_origin_trustworthy() {
return None;
}
strip_url(referrer_url, true)
@ -199,34 +199,12 @@ fn strict_origin_when_cross_origin(
if same_origin {
return strip_url(referrer_url, false);
}
if https_state == HttpsState::Modern && !is_origin_trustworthy(url) {
if https_state == HttpsState::Modern && !url.is_origin_trustworthy() {
return None;
}
strip_url(referrer_url, true)
}
/// <https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy>
fn is_origin_trustworthy(url: ServoUrl) -> bool {
match url.origin() {
// Step 1
ImmutableOrigin::Opaque(_) => false,
ImmutableOrigin::Tuple(_, _, _) => {
// Step 3
if url.scheme() == "https" || url.scheme() == "wss" {
return true;
}
// Step 4-5 TODO
// Step 6
if url.scheme() == "file" {
return true;
}
// Step 7-8 TODO
// Step 9
false
},
}
}
/// https://html.spec.whatwg.org/multipage/#schemelessly-same-site
fn is_schemelessy_same_site(site_a: &ImmutableOrigin, site_b: &ImmutableOrigin) -> bool {
// Step 1