| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" | 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/profiler/scoped_tracker.h" | 8 #include "base/profiler/scoped_tracker.h" |
| 9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "base/trace_event/trace_event.h" | 10 #include "base/trace_event/trace_event.h" |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 43 const uint32 kFilteredMessageClasses[] = { | 43 const uint32 kFilteredMessageClasses[] = { |
| 44 ServiceWorkerMsgStart, | 44 ServiceWorkerMsgStart, |
| 45 EmbeddedWorkerMsgStart, | 45 EmbeddedWorkerMsgStart, |
| 46 }; | 46 }; |
| 47 | 47 |
| 48 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { | 48 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { |
| 49 return url_a.GetOrigin() == url_b.GetOrigin() && | 49 return url_a.GetOrigin() == url_b.GetOrigin() && |
| 50 url_a.GetOrigin() == url_c.GetOrigin(); | 50 url_a.GetOrigin() == url_c.GetOrigin(); |
| 51 } | 51 } |
| 52 | 52 |
| 53 // TODO(dominicc): When crbug.com/362214 is fixed use that to be | |
| 54 // consistent with Blink's | |
| 55 // SecurityOrigin::canAccessFeatureRequiringSecureOrigin. | |
| 56 bool OriginCanAccessServiceWorkers(const GURL& url) { | 53 bool OriginCanAccessServiceWorkers(const GURL& url) { |
| 57 return url.SchemeIsHTTPOrHTTPS() && | 54 return GetContentClient()->IsOriginTrustWorthy(url); |
| 58 (url.SchemeIsSecure() || net::IsLocalhost(url.host())); | |
| 59 } | 55 } |
| 60 | 56 |
| 61 bool CanRegisterServiceWorker(const GURL& document_url, | 57 bool CanRegisterServiceWorker(const GURL& document_url, |
| 62 const GURL& pattern, | 58 const GURL& pattern, |
| 63 const GURL& script_url) { | 59 const GURL& script_url) { |
| 64 DCHECK(document_url.is_valid()); | 60 DCHECK(document_url.is_valid()); |
| 65 DCHECK(pattern.is_valid()); | 61 DCHECK(pattern.is_valid()); |
| 66 DCHECK(script_url.is_valid()); | 62 DCHECK(script_url.is_valid()); |
| 67 return AllOriginsMatch(document_url, pattern, script_url) && | 63 return AllOriginsMatch(document_url, pattern, script_url) && |
| 68 OriginCanAccessServiceWorkers(document_url) && | 64 OriginCanAccessServiceWorkers(document_url) && |
| (...skipping 966 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1035 ServiceWorkerHandle* handle = handles_.Lookup(handle_id); | 1031 ServiceWorkerHandle* handle = handles_.Lookup(handle_id); |
| 1036 if (!handle) { | 1032 if (!handle) { |
| 1037 BadMessageReceived(); | 1033 BadMessageReceived(); |
| 1038 return; | 1034 return; |
| 1039 } | 1035 } |
| 1040 handle->version()->StopWorker( | 1036 handle->version()->StopWorker( |
| 1041 base::Bind(&ServiceWorkerUtils::NoOpStatusCallback)); | 1037 base::Bind(&ServiceWorkerUtils::NoOpStatusCallback)); |
| 1042 } | 1038 } |
| 1043 | 1039 |
| 1044 } // namespace content | 1040 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1072933006:
Support whitelisting to handle insecure origins as trustworthy origins (chromium) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master