[iOS][web] Use common IsURLTrustworthy implementation

This CL uses the common implementation in /service to know if a URL should be considered as secure or not, instead of having a custom implementation for iOS. It allows to manage the blob: scheme and reduces the code duplication. This is doing a forward call instead of changing the call sites to make sure that the test are passing. The call sites will be updated later. Previously trustworthy, now treated as not trustworthy: - data scheme URLs (explicitly rejected by IsOriginPotentiallyTrustworthy's opaqueness checks + explicitly rejected by IsUrlPotentiallyTrustworthy). Previously inner origin not extracted, now correct behavior: - blob: URLs (because network::IsUrlPotentiallyTrustworthy calls url::Origin::Create) Previously not trustworthy, now treated as trustworthy: - file scheme (explicitly covered by network::IsOriginPotentiallyTrustworthy, but not by the old SchemeRegistry::secure_schemes) No change in behavior: - about scheme (covered by old SchemeRegistry::secure_schemes and explicitly handled by new network::IsUrlPotentiallyTrustworthy) - https, wss scheme (covered both by old SchemeRegistry::secure_schemes and new GURL::SchemeIsCryptographic) - quic (covered by old SchemeRegistry::secure_schemes and new url::GetSecureSchemes check from IsOriginPotentiallyTrustworthy) - net::IsLocalhost called in the old and new code path Bug: 939077 Change-Id: Ic2f12f9c64e845f78c26bc764f900e0e1108953c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1982540Reviewed-by: Eugene But <eugenebut@chromium.org> Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Gauthier Ambard <gambard@chromium.org> Cr-Commit-Position: refs/heads/master@{#728160}

[iOS][web] Use common IsURLTrustworthy implementation
This CL uses the common implementation in /service to know if a URL should be considered as secure or not, instead of having a custom implementation for iOS. It allows to manage the blob: scheme and reduces the code duplication. This is doing a forward call instead of changing the call sites to make sure that the test are passing. The call sites will be updated later. Previously trustworthy, now treated as not trustworthy: - data scheme URLs (explicitly rejected by IsOriginPotentiallyTrustworthy's opaqueness checks + explicitly rejected by IsUrlPotentiallyTrustworthy). Previously inner origin not extracted, now correct behavior: - blob: URLs (because network::IsUrlPotentiallyTrustworthy calls url::Origin::Create) Previously not trustworthy, now treated as trustworthy: - file scheme (explicitly covered by network::IsOriginPotentiallyTrustworthy, but not by the old SchemeRegistry::secure_schemes) No change in behavior: - about scheme (covered by old SchemeRegistry::secure_schemes and explicitly handled by new network::IsUrlPotentiallyTrustworthy) - https, wss scheme (covered both by old SchemeRegistry::secure_schemes and new GURL::SchemeIsCryptographic) - quic (covered by old SchemeRegistry::secure_schemes and new url::GetSecureSchemes check from IsOriginPotentiallyTrustworthy) - net::IsLocalhost called in the old and new code path Bug: 939077 Change-Id: Ic2f12f9c64e845f78c26bc764f900e0e1108953c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1982540Reviewed-by: Eugene But <eugenebut@chromium.org> Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Gauthier Ambard <gambard@chromium.org> Cr-Commit-Position: refs/heads/master@{#728160}
fdad565f · Gauthier Ambard · Commit Bot · 43b6d3ec · fdad565f · fdad565f
Commit fdad565f authored Jan 03, 2020 by Gauthier Ambard Committed by Commit Bot Jan 03, 2020
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 19 deletions

ios/web/common/BUILD.gn ios/web/common/BUILD.gn +1 -0

ios/web/common/origin_util.mm ios/web/common/origin_util.mm +2 -19

No files found.
--- a/ios/web/common/BUILD.gn
+++ b/ios/web/common/BUILD.gn
@@ -23,6 +23,7 @@ source_set("common") {
    "//base",
    "//ios/web/public/navigation",
    "//net",
+    "//services/network/public/cpp",
    "//url",
  ]

--- a/ios/web/common/origin_util.mm
+++ b/ios/web/common/origin_util.mm
@@ -6,6 +6,7 @@
 #include "base/stl_util.h"
 #include "net/base/url_util.h"
+#include "services/network/public/cpp/is_potentially_trustworthy.h"
 #include "url/gurl.h"
 #include "url/url_util.h"
@@ -16,25 +17,7 @@
 namespace web {
 bool IsOriginSecure(const GURL& url) {
-  if (url.SchemeIsCryptographic() || url.SchemeIsFile())
+  return network::IsUrlPotentiallyTrustworthy(url);
-    return true;
-  // TODO(crbug.com/939077): Also consider inner origins of blob: URLs
-  // (ideally, by deleting this function altogether and instead reusing
-  // //services/network/public/cpp/is_potentially_trustworthy.h (possibly after
-  // moving it to a location that can be consumed by //ios).
-  if (url.SchemeIsFileSystem() && url.inner_url() &&
-      IsOriginSecure(*url.inner_url())) {
-    return true;
-  }
-  if (base::Contains(url::GetSecureSchemes(), url.scheme()))
-    return true;
-  if (net::IsLocalhost(url))
-    return true;
-  return false;
 }
 }  // namespace web