1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
content / public / browser / shared_worker_instance.h [blame]
// Copyright 2014 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_PUBLIC_BROWSER_SHARED_WORKER_INSTANCE_H_
#define CONTENT_PUBLIC_BROWSER_SHARED_WORKER_INSTANCE_H_
#include <string>
#include "content/common/content_export.h"
#include "services/network/public/mojom/content_security_policy.mojom.h"
#include "services/network/public/mojom/fetch_api.mojom.h"
#include "third_party/blink/public/common/storage_key/storage_key.h"
#include "third_party/blink/public/mojom/script/script_type.mojom.h"
#include "third_party/blink/public/mojom/worker/shared_worker_creation_context_type.mojom.h"
#include "third_party/blink/public/mojom/worker/shared_worker_info.mojom.h"
#include "url/gurl.h"
#include "url/origin.h"
namespace content {
// This class hold the necessary information to decide if a shared worker
// connection request (SharedWorkerConnector::Connect()) matches an existing
// shared worker.
//
// Note: There exist one SharedWorkerInstance per SharedWorkerHost but it's
// possible to have 2 distinct SharedWorkerHost that have an identical
// SharedWorkerInstance. An example is if |url_| or |constructor_origin| has a
// "file:" scheme, which is treated as opaque.
class CONTENT_EXPORT SharedWorkerInstance {
public:
SharedWorkerInstance(
const GURL& url,
blink::mojom::ScriptType script_type,
network::mojom::CredentialsMode credentials_mode,
const std::string& name,
const blink::StorageKey& storage_key,
blink::mojom::SharedWorkerCreationContextType creation_context_type,
blink::mojom::SharedWorkerSameSiteCookies same_site_cookies);
SharedWorkerInstance(const SharedWorkerInstance& other);
SharedWorkerInstance(SharedWorkerInstance&& other);
SharedWorkerInstance& operator=(const SharedWorkerInstance& other) = delete;
SharedWorkerInstance& operator=(SharedWorkerInstance&& other) = delete;
~SharedWorkerInstance();
// Checks if this SharedWorkerInstance matches the passed url, name, and
// constructor origin params according to the SharedWorker constructor steps
// in the HTML spec:
// https://html.spec.whatwg.org/multipage/workers.html#shared-workers-and-the-sharedworker-interface
// Note that we are using StorageKey to represent the constructor origin.
// A match for the same_site_cookies setting is also performed per:
// https://privacycg.github.io/saa-non-cookie-storage/shared-workers.html
bool Matches(
const GURL& url,
const std::string& name,
const blink::StorageKey& storage_key,
const blink::mojom::SharedWorkerSameSiteCookies same_site_cookies) const;
// Accessors.
const GURL& url() const { return url_; }
const std::string& name() const { return name_; }
blink::mojom::ScriptType script_type() const { return script_type_; }
network::mojom::CredentialsMode credentials_mode() const {
return credentials_mode_;
}
const blink::StorageKey& storage_key() const { return storage_key_; }
const url::Origin& renderer_origin() const { return renderer_origin_; }
blink::mojom::SharedWorkerCreationContextType creation_context_type() const {
return creation_context_type_;
}
blink::mojom::SharedWorkerSameSiteCookies same_site_cookies() const {
return same_site_cookies_;
}
bool DoesRequireCrossSiteRequestForCookies() const {
return storage_key_.IsThirdPartyContext() ||
same_site_cookies_ ==
blink::mojom::SharedWorkerSameSiteCookies::kNone;
}
private:
const GURL url_;
const blink::mojom::ScriptType script_type_;
// Used for fetching the top-level worker script.
const network::mojom::CredentialsMode credentials_mode_;
const std::string name_;
// The storage key. The key contains the origin of the document that created
// this shared worker instance. Used for security checks. See Matches() for
// details.
// https://html.spec.whatwg.org/multipage/workers.html#concept-sharedworkerglobalscope-constructor-origin
const blink::StorageKey storage_key_;
// The origin used by this shared worker on the renderer side. This will
// be the same as the storage key's origin, except in the case of data: URL
// workers, as described in the linked bug.
// TODO(crbug.com/40051700): Make the storage key's origin always match this.
const url::Origin renderer_origin_;
const blink::mojom::SharedWorkerCreationContextType creation_context_type_;
const blink::mojom::SharedWorkerSameSiteCookies same_site_cookies_;
};
} // namespace content
#endif // CONTENT_PUBLIC_BROWSER_SHARED_WORKER_INSTANCE_H_