Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1100)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/renderer_host/render_message_filter.cc

Issue 8496027: Enhance --enable-strict-site-isolation to prevent a site-isolated renderer (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« content/browser/child_process_security_policy.cc ('K') | « content/browser/child_process_security_policy.cc ('k') | content/browser/renderer_host/resource_dispatcher_host.cc » ('j') | content/browser/site_instance.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/renderer_host/render_message_filter.cc
===================================================================
--- content/browser/renderer_host/render_message_filter.cc (revision 110345)
+++ content/browser/renderer_host/render_message_filter.cc (working copy)
@@ -413,6 +413,11 @@
const GURL& url,
const GURL& first_party_for_cookies,
const std::string& cookie) {
+ ChildProcessSecurityPolicy* policy =
+ ChildProcessSecurityPolicy::GetInstance();
+ if (!policy->CanUseCookiesForOrigin(render_process_id_, url))
+ return;
+
net::CookieOptions options;
if (content::GetContentClient()->browser()->AllowSetCookie(
url, first_party_for_cookies, cookie,
@@ -428,6 +433,13 @@
void RenderMessageFilter::OnGetCookies(const GURL& url,
const GURL& first_party_for_cookies,
IPC::Message* reply_msg) {
+ ChildProcessSecurityPolicy* policy =
+ ChildProcessSecurityPolicy::GetInstance();
+ if (!policy->CanUseCookiesForOrigin(render_process_id_, url)) {
+ SendGetCookiesResponse(reply_msg, std::string());
+ return;
+ }
+
net::URLRequestContext* context = GetRequestContextForURL(url);
net::CookieMonster* cookie_monster =
context->cookie_store()->GetCookieMonster();
@@ -440,13 +452,16 @@
const GURL& url,
const GURL& first_party_for_cookies,
IPC::Message* reply_msg) {
+ ChildProcessSecurityPolicy* policy =
+ ChildProcessSecurityPolicy::GetInstance();
// Only return raw cookies to trusted renderers or if this request is
// not targeted to an an external host like ChromeFrame.
// TODO(ananta) We need to support retreiving raw cookies from external
// hosts.
- if (!ChildProcessSecurityPolicy::GetInstance()->CanReadRawCookies(
- render_process_id_)) {
+ if (!policy->CanReadRawCookies(render_process_id_) ||
+ !policy->CanUseCookiesForOrigin(render_process_id_, url)) {
SendGetRawCookiesResponse(reply_msg, net::CookieList());
+ return;
Charlie Reis 2011/11/22 19:06:59 Wow, lacking a return statement there was a real b
}
// We check policy here to avoid sending back cookies that would not normally
@@ -462,6 +477,11 @@
void RenderMessageFilter::OnDeleteCookie(const GURL& url,
const std::string& cookie_name) {
+ ChildProcessSecurityPolicy* policy =
+ ChildProcessSecurityPolicy::GetInstance();
+ if (!policy->CanUseCookiesForOrigin(render_process_id_, url))
+ return;
+
net::URLRequestContext* context = GetRequestContextForURL(url);
context->cookie_store()->DeleteCookieAsync(url, cookie_name, base::Closure());
}
« content/browser/child_process_security_policy.cc ('K') | « content/browser/child_process_security_policy.cc ('k') | content/browser/renderer_host/resource_dispatcher_host.cc » ('j') | content/browser/site_instance.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698