mirror of
https://github.com/servo/servo.git
synced 2025-08-05 21:50:18 +01:00
Auto merge of #26111 - CYBAI:fix-origin-trustworthy, r=jdm
Update checking origin trustworthy align to spec While reading the [spec of ` Is origin potentially trustworthy? `](https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy), I found our second step is wrong; then, I found Josh said we didn't check it with `https` because we didn't support https in tests yet (https://github.com/servo/servo/pull/13574#discussion_r89346191). IIRC, we've supported https wpt tests now so it might be fine to change it to align with spec. --- - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [ ] There are tests for these changes OR - [ ] These changes do not require tests because ___ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
This commit is contained in:
commit
8cc619cfdb
4 changed files with 12 additions and 7 deletions
|
@ -74,14 +74,19 @@ impl UrlHelper {
|
|||
}
|
||||
// https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
|
||||
pub fn is_origin_trustworthy(url: &ServoUrl) -> bool {
|
||||
// Step 1
|
||||
if !url.origin().is_tuple() {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Step 3
|
||||
if url.scheme() == "http" || url.scheme() == "wss" {
|
||||
if url.scheme() == "https" || url.scheme() == "wss" {
|
||||
true
|
||||
// Step 4
|
||||
} else if url.host().is_some() {
|
||||
let host = url.host_str().unwrap();
|
||||
host == "127.0.0.0/8" || host == "::1/128"
|
||||
// Step 5
|
||||
// Step 6
|
||||
} else {
|
||||
url.scheme() == "file"
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue