| // Copyright 2018 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "device/fido/features.h" |
| |
| #include <vector> |
| |
| #include "base/feature_list.h" |
| #include "base/strings/string_split.h" |
| #include "build/build_config.h" |
| #include "url/origin.h" |
| |
| namespace device { |
| |
| #if defined(OS_WIN) |
| const base::Feature kWebAuthUseNativeWinApi{"WebAuthenticationUseNativeWinApi", |
| base::FEATURE_ENABLED_BY_DEFAULT}; |
| #endif // defined(OS_WIN) |
| |
| extern const base::Feature kWebAuthBiometricEnrollment{ |
| "WebAuthenticationBiometricEnrollment", base::FEATURE_ENABLED_BY_DEFAULT}; |
| |
| extern const base::Feature kWebAuthPhoneSupport{ |
| "WebAuthenticationPhoneSupport", base::FEATURE_DISABLED_BY_DEFAULT}; |
| |
| extern const base::Feature kWebAuthFeaturePolicy{ |
| "WebAuthenticationFeaturePolicy", base::FEATURE_DISABLED_BY_DEFAULT}; |
| |
| #if defined(OS_CHROMEOS) || defined(OS_LINUX) |
| const base::Feature kWebAuthCableLowLatency{"WebAuthenticationCableLowLatency", |
| base::FEATURE_ENABLED_BY_DEFAULT}; |
| #endif // defined(OS_CHROMEOS) || defined(OS_LINUX) |
| |
| #if defined(OS_CHROMEOS) |
| const base::Feature kWebAuthCrosPlatformAuthenticator{ |
| "WebAuthenticationCrosPlatformAuthenticator", |
| base::FEATURE_DISABLED_BY_DEFAULT}; |
| #endif // defined(OS_CHROMEOS) |
| |
| extern const base::Feature kWebAuthAttestationBlockList{ |
| "WebAuthentiationAttestationBlockList", base::FEATURE_DISABLED_BY_DEFAULT}; |
| |
| extern const base::FeatureParam<std::string> kWebAuthAttestationBlockedDomains{ |
| &kWebAuthAttestationBlockList, |
| "domains", |
| "", |
| }; |
| |
| bool DoesMatchWebAuthAttestationBlockedDomains(const url::Origin& origin) { |
| const std::string& blocked_domains = kWebAuthAttestationBlockedDomains.Get(); |
| if (blocked_domains.empty()) { |
| return false; |
| } |
| |
| const std::vector<std::string> domains = base::SplitString( |
| blocked_domains, ",", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY); |
| for (const std::string& domain : domains) { |
| static constexpr char kWildcardPrefix[] = "(*.)"; |
| if (!domain.empty() && domain[0] == '(' && |
| domain.find(kWildcardPrefix) == 0) { |
| base::StringPiece domain_part(domain); |
| domain_part.remove_prefix(sizeof(kWildcardPrefix) - 1); |
| if (origin.DomainIs(domain_part)) { |
| return true; |
| } |
| } else if (!origin.opaque() && origin.host() == domain) { |
| return true; |
| } |
| } |
| |
| return false; |
| } |
| |
| } // namespace device |