search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Load 57 into trunk.
[nativeclient.git] / npapi_plugin / origin.cc
blob3b9c2c466f00fd9d9eb6201e608289103fde798c
1 /*
2 * Copyright 2008, Google Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are
7 * met:
8 *
9 * * Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * * Redistributions in binary form must reproduce the above
12 * copyright notice, this list of conditions and the following disclaimer
13 * in the documentation and/or other materials provided with the
14 * distribution.
15 * * Neither the name of Google Inc. nor the names of its
16 * contributors may be used to endorse or promote products derived from
17 * this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
32
33 #include <stdio.h>
34
35 #include <cctype>
36 #include <string>
37 #include <algorithm>
38
39 #include "native_client/include/base/basictypes.h"
40 #include "native_client/npapi_plugin/origin.h"
41
42 #ifdef ORIGIN_DEBUG
43 # define dprintf(alist) printf alist
44 #else
45 # define dprintf(alist)
46 #endif
47
48 namespace nacl {
49
50 std::string UrlToOrigin(std::string url) {
51 std::string::iterator it = find(url.begin(), url.end(), ':');
52 if (url.end() == it) {
53 dprintf(("no protospec separator found\n"));
54 return "";
55 }
56 for (int num_slashes = 0; num_slashes < 3; ++num_slashes) {
57 it = find(it + 1, url.end(), '/');
58 if (url.end() == it) {
59 dprintf(("no start of pathspec found\n"));
60 return "";
61 }
62 }
63
64 std::string origin(url.begin(), it);
65
66 //
67 // Domain names are in ascii and case insensitive, so we can
68 // canonicalize to all lower case. NB: Internationalizing Domain
69 // Names in Applications (IDNA) encodes unicode in this reduced
70 // alphabet.
71 //
72 for (it = origin.begin(); origin.end() != it; ++it) {
73 *it = tolower(*it);
74 }
75 //
76 // cannonicalize empty hostname as "localhost"
77 //
78 if ("file://" == origin) {
79 origin = "file://localhost";
80 }
81 return origin;
82 }
83
84 // For now we are just checking that NaCl modules are local, or on
85 // code.google.com. Beware NaCl modules in the browser cache!
86 //
87 // Eventually, after sufficient security testing, we will always
88 // return true.
89 bool OriginIsInWhitelist(std::string origin) {
90 static char const *allowed_origin[] = {
91 /*
92 * do *NOT* add in file://localhost as a way to get old tests to
93 * work. The file://localhost was only for early stage testing
94 * -- having it can be a security problem if an adversary can
95 * guess browser cache file names.
96 */
97 "http://localhost",
98 "http://localhost:80",
99 "http://localhost:5103",
100 #if 0
101 "http://code.google.com", // for demos hosted on project website
102 #endif
103 };
104 for (size_t i = 0; i < ARRAYSIZE(allowed_origin); ++i) {
105 if (origin == allowed_origin[i]) {
106 return true;
107 }
108 }
109 return false;
110 }
111
112 }
Branch of Google Native Client