Implement SecurityOrigin::IsPotentiallyTrustworthy with network::IsOriginPotentiallyTrustworthy

After previous refactoring, the body of SecurityOrigin::IsPotentiallyTrustworthy is essentially equivalent to network::IsOriginPotentiallyTrustworthy, except that it first DCHECKs the protocol is not "data" and handles opaque origins specially. This CL relies on network's method to implement SecurityOrigin's one in order to reduce code duplication. There should be no visible behavior change. Bug: 1153336 Change-Id: Ib88bd716174d4ac68c50bcc99a82fd2e51303b93 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2615260Reviewed-by: Mike West <mkwst@chromium.org> Commit-Queue: Frédéric Wang <fwang@igalia.com> Cr-Commit-Position: refs/heads/master@{#844028}

Implement SecurityOrigin::IsPotentiallyTrustworthy with network::IsOriginPotentiallyTrustworthy
After previous refactoring, the body of SecurityOrigin::IsPotentiallyTrustworthy is essentially equivalent to network::IsOriginPotentiallyTrustworthy, except that it first DCHECKs the protocol is not "data" and handles opaque origins specially. This CL relies on network's method to implement SecurityOrigin's one in order to reduce code duplication. There should be no visible behavior change. Bug: 1153336 Change-Id: Ib88bd716174d4ac68c50bcc99a82fd2e51303b93 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2615260Reviewed-by: Mike West <mkwst@chromium.org> Commit-Queue: Frédéric Wang <fwang@igalia.com> Cr-Commit-Position: refs/heads/master@{#844028}
836394d8 · Frédéric Wang · Chromium LUCI CQ · 9603052b · 836394d8
Commit 836394d8 authored Jan 15, 2021 by Frédéric Wang Committed by Chromium LUCI CQ Jan 15, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 40 deletions

third_party/blink/renderer/platform/weborigin/security_origin.cc ...arty/blink/renderer/platform/weborigin/security_origin.cc +1 -40

No files found.
--- a/third_party/blink/renderer/platform/weborigin/security_origin.cc
+++ b/third_party/blink/renderer/platform/weborigin/security_origin.cc
@@ -438,48 +438,9 @@ bool SecurityOrigin::IsPotentiallyTrustworthy() const {
  // //services/network/public/cpp/is_potentially_trustworthy.h).
  DCHECK_NE(protocol_, "data");
-  // The code below is based on the specification at
-  // https://w3c.github.io/webappsec-secure-contexts/#potentially-trustworthy-origin
-  // 1. If origin is an opaque origin, return "Not Trustworthy".
  if (IsOpaque())
    return is_opaque_origin_potentially_trustworthy_;
+  return network::IsOriginPotentiallyTrustworthy(ToUrlOrigin());
-  // 2. Assert: origin is a tuple origin.
-  DCHECK(!IsOpaque());
-  // 3. If origin’s scheme is either "https" or "wss", return "Potentially
-  //    Trustworthy".
-  // This is handled by the url::GetSecureSchemes() call below.
-  // 4. If origin’s host component matches one of the CIDR notations 127.0.0.0/8
-  //    or ::1/128 [RFC4632], return "Potentially Trustworthy".
-  // 5. If origin’s host component is "localhost" or falls within ".localhost",
-  //    and the user agent conforms to the name resolution rules in
-  //    [let-localhost-be-localhost], return "Potentially Trustworthy".
-  if (IsLocalhost())
-    return true;
-  // 6. If origin’s scheme component is file, return "Potentially Trustworthy".
-  // This is handled by the IsLocal() call below.
-  // 7. If origin’s scheme component is one which the user agent considers to be
-  //    authenticated, return "Potentially Trustworthy".
-  //    Note: See §7.1 Packaged Applications for detail here.
-  //
-  if (base::Contains(url::GetSecureSchemes(), protocol_.Ascii()) || IsLocal())
-    return true;
-  // 8. If origin has been configured as a trustworthy origin, return
-  //    "Potentially Trustworthy".
-  //    Note: See §7.2 Development Environments for detail here.
-  if (network::SecureOriginAllowlist::GetInstance().IsOriginAllowlisted(
-          ToUrlOrigin()))
-    return true;
-  // 9. Return "Not Trustworthy".
-  return false;
 }
 // static