| // Copyright 2018 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| module network.mojom; |
| |
| // An enum to represent a mode if origin matching functions uses port. |
| enum CorsPortMatchMode { |
| kAllowAnyPort, |
| kAllowOnlySpecifiedPort, |
| }; |
| |
| // An enum to represent a mode if matching functions can accept a partial match |
| // for sub-domains, or for registrable domains. |
| enum CorsDomainMatchMode { |
| // 'www.example.com' matches an OriginAccessEntry for 'example.com' |
| kAllowSubdomains, |
| |
| // 'www.example.com' matches an OriginAccessEntry for 'not-www.example.com' |
| kAllowRegistrableDomains, |
| |
| // 'www.example.com' does not match an OriginAccessEntry for 'example.com' |
| kDisallowSubdomains, |
| }; |
| |
| // Determine which Cors exception takes precedence when multiple matches occur. |
| enum CorsOriginAccessMatchPriority { |
| kNoMatchingOrigin, |
| kDefaultPriority, |
| kLowPriority, |
| kMediumPriority, |
| kHighPriority, |
| kMaxPriority |
| }; |
| |
| // Parameters for representing a access origin allowlist or blocklist for CORS. |
| struct CorsOriginPattern { |
| // The protocol part of the destination URL. |
| string protocol; |
| |
| // The domain part of the destination URL. |
| string domain; |
| |
| // The port part of the destination URL. |
| uint16 port; |
| |
| // Specifies a mode for domain match. |
| CorsDomainMatchMode domain_match_mode; |
| |
| // Specifies a mode for port match. |
| CorsPortMatchMode port_match_mode; |
| |
| // Order of preference in which the pattern is applied. Higher priority |
| // patterns take precedence over lower ones. In the case were both a |
| // allow list and block list rule of the same priority match a request, |
| // the block list rule takes priority. |
| CorsOriginAccessMatchPriority priority; |
| }; |
| |
| // Parameters for representing pairs of source origin and allow/block-lists |
| // for CORS. |
| struct CorsOriginAccessPatterns { |
| string source_origin; |
| |
| array<CorsOriginPattern> allow_patterns; |
| array<CorsOriginPattern> block_patterns; |
| }; |