LibURL: Use a nonce to distinguish opaque origins

Opaque origins are meant to be unique in terms of equality from one another. Since this uniqueness needs to be across processes, use a nonce to implement the uniqueness check.
Author: https://github.com/shannonbooth Commit: 38765fd617 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/5193 Reviewed-by: https://github.com/tcl3 ✅
2025-08-10 10:09:14 +00:00 · 2025-06-17 14:49:37 +12:00 · 2025-06-17 14:49:37 +12:00 · 38765fd617 · 2025-06-25 15:48:27 +00:00
commit 38765fd617
parent ee8e4d1eec
7 changed files with 77 additions and 24 deletions
--- a/Libraries/LibURL/Origin.cpp
+++ b/Libraries/LibURL/Origin.cpp
@ -1,19 +1,19 @@
 /*
- * Copyright (c) 2024, Shannon Booth <shannon@serenityos.org>
+ * Copyright (c) 2024-2025, Shannon Booth <shannon@serenityos.org>
 *
 * SPDX-License-Identifier: BSD-2-Clause
 */

+#include <LibCrypto/SecureRandom.h>
 #include <LibURL/Origin.h>
 #include <LibURL/Parser.h>
 #include <LibURL/Site.h>

 namespace URL {

-// FIXME: This should be generating a unique origin identifer that can be used for equality checks.
 Origin Origin::create_opaque()
 {
-    return Origin {};
+    return Origin { Crypto::get_secure_random<Nonce>() };
 }

 // https://html.spec.whatwg.org/multipage/browsers.html#same-site
@ -66,8 +66,14 @@ namespace AK {

 unsigned Traits<URL::Origin>::hash(URL::Origin const& origin)
 {
-    if (origin.is_opaque())
-        return 0;
+    if (origin.is_opaque()) {
+        auto const& nonce = origin.nonce();
+        // Random data, so the first u32 is as good as hashing the entire thing.
+        return (static_cast<u32>(nonce[0]) << 24)
+            | (static_cast<u32>(nonce[1]) << 16)
+            | (static_cast<u32>(nonce[2]) << 8)
+            | (static_cast<u32>(nonce[3]));
+    }

    unsigned hash = origin.scheme().value_or(String {}).hash();