Chromium Code Reviews

Unified Diff: content/common/frame_replication_state.h

Issue 1098763003: Send origin updates to frame proxies when a frame navigates to new origin. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Address Charlie's nits Created 5 years, 8 months ago
Index: content/common/frame_replication_state.h
diff --git a/content/common/frame_replication_state.h b/content/common/frame_replication_state.h
index f6cfa9407d67fd5ac00486d0e8cdc4cc60c51288..ff31872cbb5107e75aa10cfc0220cd495a2543f7 100644
--- a/content/common/frame_replication_state.h
+++ b/content/common/frame_replication_state.h
@@ -43,6 +43,32 @@ inline SandboxFlags operator~(SandboxFlags flags) {
// This structure holds information that needs to be replicated between a
// RenderFrame and any of its associated RenderFrameProxies.
+//
+// |origin| is updated whenever a frame navigation commits. |name| is
Charlie Reis 2015/04/22 23:41:25 These look great, but maybe it would help to put t
alexmos 2015/04/23 00:07:44 Done.
+// set when a new child frame is created, using the value of the <iframe>
+// element's "name" attribute (see RenderFrameHostImpl::OnCreateChildFrame),
+// and it is updated dynamically whenever a frame sets its window.name.
+// |sandbox_flags| are initialized for new child frames using the value of the
+// <iframe>'s "sandbox" attribute. They are updated dynamically whenever a
+// parent frame updates an <iframe>'s sandbox attribute via JavaScript.
+//
+// When |name| is updated dynamically, updates are immediately sent to all
+// frame proxies (when in --site-per-process mode). This is needed since other
+// frames may attempt to lookup or navigate a frame using its updated name
+// (e.g., using window.open(url, frame_name)).
+//
+// Updates to |sandbox_flags| are sent to proxies only after a subsequent
+// navigation of the (sandboxed) frame, since the flags only take effect on
+// navigation. The proxies need updated flags so that they can be inherited
+// properly if a proxy ever becomes a parent of a local frame.
+//
+// TODO(alexmos): For now, |origin| updates are also immediately sent to all
+// proxies with --site-per-process. This isn't ideal, since Blink typically
+// needs a proxy's origin only when performing security checks on the ancestors
+// of a local frame. So, as a future improvement, we could delay sending
+// origin updates to proxies until they have a local descendant (if ever).
+// This would reduce leaking a user's browsing history into a compromized
+// renderer.
struct CONTENT_EXPORT FrameReplicationState {
FrameReplicationState();
FrameReplicationState(const std::string& name);
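Review bot: Two spelling fixes in the added comment block: "compromized renderer" in the TODO paragraph should be "compromised renderer", and "attempt to lookup or navigate a frame" should read "attempt to look up or navigate a frame" (verb form). Otherwise the documentation of when each of |origin|, |name| and |sandbox_flags| is replicated is clear; the note that |sandbox_flags| updates reach proxies only on the next navigation, because the flags only take effect on navigation, is worth keeping exactly as written since it explains why a proxy's flags may lag the parent's current attribute value.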
