-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsame-origin.ts
More file actions
30 lines (28 loc) · 1.09 KB
/
same-origin.ts
File metadata and controls
30 lines (28 loc) · 1.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
/**
* Returns whether two URLs share the same origin.
*
* @remarks
* The comparison matches scheme, host, and port for tuple origins and treats matching opaque origins (`origin === 'null'`) as same-origin.
* This helper is commonly used in redirect policy decisions to distinguish same-origin transitions from cross-origin transitions.
*
* @param sourceUrl - Source URL in the comparison.
* @param targetUrl - Target URL in the comparison.
* @returns `true` when both URLs resolve to the same origin; otherwise `false`.
*/
export function sameOrigin(sourceUrl: URL, targetUrl: URL) {
// 1. If sourceUrl and targetUrl are the same opaque origin, then return true.
if (sourceUrl.origin === targetUrl.origin && sourceUrl.origin === 'null') {
return true
}
// 2. If sourceUrl and targetUrl are both tuple origins and their schemes,
// hosts, and port are identical, then return true.
if (
sourceUrl.protocol === targetUrl.protocol &&
sourceUrl.hostname === targetUrl.hostname &&
sourceUrl.port === targetUrl.port
) {
return true
}
// 3. Return false.
return false
}