diff options
| author | Alexandrov Sergey <splavgm@gmail.com> | 2020-05-17 13:50:11 +0300 |
|---|---|---|
| committer | Alexandrov Sergey <splavgm@gmail.com> | 2020-05-19 20:06:59 +0300 |
| commit | 357b48645599574d6b6d9a3f94e3c6bd9a9cf66e (patch) | |
| tree | 040b555ab226a249fce4f194ba9ae4f66bdfbfd4 /components/url | |
| parent | a7c5c976161320dc5d3983cbd8d70229c633afd5 (diff) | |
| download | servo-357b48645599574d6b6d9a3f94e3c6bd9a9cf66e.tar.gz servo-357b48645599574d6b6d9a3f94e3c6bd9a9cf66e.zip | |
make is_origin_trustworthy a method of ServoUrl + fix localhost handling
Diffstat (limited to 'components/url')
| -rw-r--r-- | components/url/lib.rs | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/components/url/lib.rs b/components/url/lib.rs index 411d3e94683..8a05837a461 100644 --- a/components/url/lib.rs +++ b/components/url/lib.rs @@ -169,6 +169,32 @@ impl ServoUrl { pub fn from_file_path<P: AsRef<Path>>(path: P) -> Result<Self, ()> { Ok(Self::from_url(Url::from_file_path(path)?)) } + + // https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy + pub fn is_origin_trustworthy(&self) -> bool { + // Step 1 + if !self.origin().is_tuple() { + return false; + } + + // Step 3 + if self.scheme() == "https" || self.scheme() == "wss" { + true + // Steps 4-5 + } else if self.host().is_some() { + let host = self.host_str().unwrap(); + // Step 4 + if let Ok(ip_addr) = host.parse::<IpAddr>() { + ip_addr.is_loopback() + // Step 5 + } else { + host == "localhost" || host.ends_with(".localhost") + } + // Step 6 + } else { + self.scheme() == "file" + } + } } impl fmt::Display for ServoUrl { |