#include <dpl/string.h>
#include <dpl/log/log.h>
#include <dpl/wrt-dao-ro/global_dao_read_only.h>
-#include <dpl/utils/wrt_global_settings.h>
#include <ace_api_client.h>
-
-#include <widget_model.h>
-#include "roaming_agent.h"
+#include <dpl/utils/warp_iri.h>
+#include <widget_data_types.h>
namespace ViewModule {
namespace SecuritySupport {
} //TODO copied from view_logic.cpp
-bool checkWARP(const char *url, WidgetModel *widgetModel)
-{
- // ignore WARP in test mode
- if (GlobalSettings::TestModeEnabled()) {
- return true;
- }
-
- if (WarpIRI::isIRISchemaIgnored(url)) {
- // scheme is not supported by WARP
- return true;
- }
-
- return widgetModel->AccessList.Get().isRequiredIRI(
- DPL::FromUTF8String(std::string(url)));
-}
-
bool checkWhitelist(const char *url)
{
LogInfo("Check WhiteList");
return whiteURIList.isRequiredIRI(DPL::FromUTF8String(std::string(url)));
}
-bool checkUriRequiredNet(const std::string &uri)
-{
- if (strstr(uri.c_str(), SCHEME_TYPE_HTTP) == uri.c_str() ||
- strstr(uri.c_str(), SCHEME_TYPE_HTTPS) == uri.c_str())
- {
- return true;
- } else {
- return false;
- }
-}
-
-bool checkACE(const char* url, bool xhr, WidgetModel* model)
-{
- if (url) {
- for (size_t i = 0; ACE_IGNORED_SCHEMA[i]; ++i) {
- if (0 == strncmp(url,
- ACE_IGNORED_SCHEMA[i],
- strlen(ACE_IGNORED_SCHEMA[i])))
- {
- return true;
- }
- }
- }
-
- const char *devCapNamesMarkup = "externalNetworkAccess";
- const char *devCapNamesXHR = "XMLHttpRequest";
-
- ace_request_t aceRequest;
-
- aceRequest.widget_handle = model->Handle.Get();
-
- // TODO! We should get session id from somewhere (outside Widget Process)
- const std::string session = "";
- aceRequest.session_id = const_cast<ace_session_id_t>(session.c_str());
- aceRequest.feature_list.count = 0;
- aceRequest.dev_cap_list.count = 1;
- aceRequest.dev_cap_list.items = new ace_dev_cap_t[1];
-
- if (xhr) {
- aceRequest.dev_cap_list.items[0].name =
- const_cast<ace_string_t>(devCapNamesXHR);
- } else {
- aceRequest.dev_cap_list.items[0].name =
- const_cast<ace_string_t>(devCapNamesMarkup);
- }
-
- aceRequest.dev_cap_list.items[0].param_list.count = 1;
- aceRequest.dev_cap_list.items[0].param_list.items = new ace_param_t[1];
- aceRequest.dev_cap_list.items[0].param_list.items[0].name =
- const_cast<ace_string_t>(PARAM_URL);
- aceRequest.dev_cap_list.items[0].param_list.items[0].value =
- const_cast<ace_string_t>(url);
-
-
- ace_bool_t result = ACE_FALSE;
-
- LogDebug("Making ace check with new C-API");
-
- ace_return_t ret = ace_check_access(&aceRequest, &result);
-
- LogDebug("Result is: " << static_cast<int>(result));
-
- delete [] aceRequest.dev_cap_list.items[0].param_list.items;
- delete [] aceRequest.dev_cap_list.items;
-
- return ACE_OK == ret && ACE_TRUE == result;
-}
-
bool geolocationACECheck(WidgetHandle widgetHandle, bool highAccuracy) {
const char *paramName = NULL;
const char *paramValue = NULL;
paramValue);
}
-bool filterURIBySecurity(DPL::OptionalString &op_uri,
- bool is_xhr,
- WidgetModel *model)
-{
- if (!op_uri)
- {
- return true; //accept empty uri
- }
-
- auto uri = DPL::ToUTF8String(*op_uri);
- if (!checkWARP(uri.c_str(), model))
- {
- LogDebug("Request was blocked by WARP: " << uri);
- return false;
- }
-
- if (!checkACE(uri.c_str(), is_xhr, model))
- {
- LogDebug("Request was blocked by ACE: " << uri);
- return false;
- }
-
- return true;
-}
-
-bool filterURIByRoaming(DPL::OptionalString &opUri)
-{
- if (opUri.IsNull())
- {
- return true; //accept empty uri
- }
-
- std::string uri = DPL::ToUTF8String(*opUri);
- if (checkUriRequiredNet(uri))
- {
- if (!RoamingAgentSingleton::Instance().CheckAccess())
- {
- return false;
- }
- }
-
- return true;
-}
-
} // namespace SecuritySupport
} //namespace ViewModule
projects / platform / framework / web / wrt.git / blobdiff