2 files changed, 41 insertions, 20 deletions

diff --git a/components/script/dom/bindings/trace.rs b/components/script/dom/bindings/trace.rs
index 16138b33641..50c3fbf682f 100644
--- a/components/script/dom/bindings/trace.rs
+++ b/components/script/dom/bindings/trace.rs
@@ -89,6 +89,7 @@ use style::properties::PropertyDeclarationBlock;
 use style::restyle_hints::ElementSnapshot;
 use style::selector_impl::PseudoElement;
 use style::values::specified::Length;
+use url::Origin as UrlOrigin;
 use url::Url;
 use util::str::{DOMString, LengthOrPercentageOrAuto};
 use uuid::Uuid;
@@ -276,7 +277,7 @@ impl<A: JSTraceable, B: JSTraceable, C: JSTraceable> JSTraceable for (A, B, C) {
     }
 }
 
-no_jsmanaged_fields!(bool, f32, f64, String, Url, AtomicBool, AtomicUsize, Uuid);
+no_jsmanaged_fields!(bool, f32, f64, String, Url, AtomicBool, AtomicUsize, UrlOrigin, Uuid);
 no_jsmanaged_fields!(usize, u8, u16, u32, u64);
 no_jsmanaged_fields!(isize, i8, i16, i32, i64);
 no_jsmanaged_fields!(Sender<T>);
diff --git a/components/script/dom/document.rs b/components/script/dom/document.rs
index e38ab86bf29..723e461df30 100644
--- a/components/script/dom/document.rs
+++ b/components/script/dom/document.rs
@@ -94,6 +94,7 @@ use net_traits::CookieSource::NonHTTP;
 use net_traits::response::HttpsState;
 use net_traits::{AsyncResponseTarget, PendingAsyncLoad};
 use num::ToPrimitive;
+use origin::Origin;
 use script_runtime::ScriptChan;
 use script_thread::{MainThreadScriptChan, MainThreadScriptMsg, Runnable};
 use script_traits::UntrustedNodeAddress;
@@ -223,6 +224,8 @@ pub struct Document {
     /// https://html.spec.whatwg.org/multipage/#concept-document-https-state
     https_state: Cell<HttpsState>,
     touchpad_pressure_phase: Cell<TouchpadPressurePhase>,
+    /// The document's origin.
+    origin: Origin,
 }
 
 #[derive(JSTraceable, HeapSizeOf)]
@@ -1544,14 +1547,6 @@ impl Document {
 
     /// https://html.spec.whatwg.org/multipage/#cookie-averse-document-object
     fn is_cookie_averse(&self) -> bool {
-        /// https://url.spec.whatwg.org/#network-scheme
-        fn url_has_network_scheme(url: &Url) -> bool {
-            match &*url.scheme {
-                "ftp" | "http" | "https" => true,
-                _ => false,
-            }
-        }
-
         self.browsing_context.is_none() || !url_has_network_scheme(&self.url)
     }
 
@@ -1590,6 +1585,14 @@ impl LayoutDocumentHelpers for LayoutJS<Document> {
     }
 }
 
+/// https://url.spec.whatwg.org/#network-scheme
+fn url_has_network_scheme(url: &Url) -> bool {
+    match &*url.scheme {
+        "ftp" | "http" | "https" => true,
+        _ => false,
+    }
+}
+
 impl Document {
     pub fn new_inherited(window: &Window,
                          browsing_context: Option<&BrowsingContext>,
@@ -1608,6 +1611,15 @@ impl Document {
             (DocumentReadyState::Complete, true)
         };
 
+        // Incomplete implementation of Document origin specification at
+        // https://html.spec.whatwg.org/multipage/#origin:document
+        let origin = if url_has_network_scheme(&url) {
+            Origin::new(&url)
+        } else {
+            // Default to DOM standard behaviour
+            Origin::opaque_identifier()
+        };
+
         Document {
             node: Node::new_document_node(),
             window: JS::from_ref(window),
@@ -1673,6 +1685,7 @@ impl Document {
             css_errors_store: DOMRefCell::new(vec![]),
             https_state: Cell::new(HttpsState::None),
             touchpad_pressure_phase: Cell::new(TouchpadPressurePhase::BeforeClick),
+            origin: origin,
         }
     }
 
@@ -1868,9 +1881,18 @@ impl DocumentMethods for Document {
 
     // https://html.spec.whatwg.org/multipage/#relaxing-the-same-origin-restriction
     fn Domain(&self) -> DOMString {
-        // TODO: This should use the effective script origin when it exists
-        let origin = self.window.get_url();
-        DOMString::from(origin.serialize_host().unwrap_or_else(|| "".to_owned()))
+        // Step 1.
+        if self.browsing_context().is_none() {
+            return DOMString::new();
+        }
+
+        if let Some(host) = self.origin.host() {
+            // Step 4.
+            DOMString::from(host.serialize())
+        } else {
+            // Step 3.
+            DOMString::new()
+        }
     }
 
     // https://dom.spec.whatwg.org/#dom-document-documenturi
@@ -2497,10 +2519,11 @@ impl DocumentMethods for Document {
             return Ok(DOMString::new());
         }
 
-        let url = self.url();
-        if !is_scheme_host_port_tuple(&url) {
+        if !self.origin.is_scheme_host_port_tuple() {
             return Err(Error::Security);
         }
+
+        let url = self.url();
         let (tx, rx) = ipc::channel().unwrap();
         let _ = self.window.resource_thread().send(GetCookiesForUrl((*url).clone(), tx, NonHTTP));
         let cookies = rx.recv().unwrap();
@@ -2513,10 +2536,11 @@ impl DocumentMethods for Document {
             return Ok(());
         }
 
-        let url = self.url();
-        if !is_scheme_host_port_tuple(url) {
+        if !self.origin.is_scheme_host_port_tuple() {
             return Err(Error::Security);
         }
+
+        let url = self.url();
         let _ = self.window
                     .resource_thread()
                     .send(SetCookiesForUrl((*url).clone(), String::from(cookie), NonHTTP));
@@ -2720,10 +2744,6 @@ impl DocumentMethods for Document {
     }
 }
 
-fn is_scheme_host_port_tuple(url: &Url) -> bool {
-    url.host().is_some() && url.port_or_default().is_some()
-}
-
 fn update_with_current_time_ms(marker: &Cell<u64>) {
     if marker.get() == Default::default() {
         let time = time::get_time();