OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" | 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/profiler/scoped_tracker.h" | 8 #include "base/profiler/scoped_tracker.h" |
9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
10 #include "base/trace_event/trace_event.h" | 10 #include "base/trace_event/trace_event.h" |
11 #include "chrome/common/origin_util.h" | |
11 #include "content/browser/message_port_message_filter.h" | 12 #include "content/browser/message_port_message_filter.h" |
12 #include "content/browser/message_port_service.h" | 13 #include "content/browser/message_port_service.h" |
13 #include "content/browser/service_worker/embedded_worker_registry.h" | 14 #include "content/browser/service_worker/embedded_worker_registry.h" |
14 #include "content/browser/service_worker/service_worker_context_core.h" | 15 #include "content/browser/service_worker/service_worker_context_core.h" |
15 #include "content/browser/service_worker/service_worker_context_wrapper.h" | 16 #include "content/browser/service_worker/service_worker_context_wrapper.h" |
16 #include "content/browser/service_worker/service_worker_handle.h" | 17 #include "content/browser/service_worker/service_worker_handle.h" |
17 #include "content/browser/service_worker/service_worker_registration.h" | 18 #include "content/browser/service_worker/service_worker_registration.h" |
18 #include "content/browser/service_worker/service_worker_registration_handle.h" | 19 #include "content/browser/service_worker/service_worker_registration_handle.h" |
19 #include "content/browser/service_worker/service_worker_utils.h" | 20 #include "content/browser/service_worker/service_worker_utils.h" |
20 #include "content/common/service_worker/embedded_worker_messages.h" | 21 #include "content/common/service_worker/embedded_worker_messages.h" |
(...skipping 22 matching lines...) Expand all Loading... | |
43 const uint32 kFilteredMessageClasses[] = { | 44 const uint32 kFilteredMessageClasses[] = { |
44 ServiceWorkerMsgStart, | 45 ServiceWorkerMsgStart, |
45 EmbeddedWorkerMsgStart, | 46 EmbeddedWorkerMsgStart, |
46 }; | 47 }; |
47 | 48 |
48 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { | 49 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { |
49 return url_a.GetOrigin() == url_b.GetOrigin() && | 50 return url_a.GetOrigin() == url_b.GetOrigin() && |
50 url_a.GetOrigin() == url_c.GetOrigin(); | 51 url_a.GetOrigin() == url_c.GetOrigin(); |
51 } | 52 } |
52 | 53 |
53 // TODO(dominicc): When crbug.com/362214 is fixed use that to be | |
54 // consistent with Blink's | |
55 // SecurityOrigin::canAccessFeatureRequiringSecureOrigin. | |
56 bool OriginCanAccessServiceWorkers(const GURL& url) { | |
57 return url.SchemeIsHTTPOrHTTPS() && | |
58 (url.SchemeIsSecure() || net::IsLocalhost(url.host())); | |
59 } | |
60 | |
61 bool CanRegisterServiceWorker(const GURL& document_url, | 54 bool CanRegisterServiceWorker(const GURL& document_url, |
62 const GURL& pattern, | 55 const GURL& pattern, |
63 const GURL& script_url) { | 56 const GURL& script_url) { |
64 DCHECK(document_url.is_valid()); | 57 DCHECK(document_url.is_valid()); |
65 DCHECK(pattern.is_valid()); | 58 DCHECK(pattern.is_valid()); |
66 DCHECK(script_url.is_valid()); | 59 DCHECK(script_url.is_valid()); |
67 return AllOriginsMatch(document_url, pattern, script_url) && | 60 return AllOriginsMatch(document_url, pattern, script_url) && |
68 OriginCanAccessServiceWorkers(document_url) && | 61 IsOriginSecure(document_url) && IsOriginSecure(pattern) && |
69 OriginCanAccessServiceWorkers(pattern) && | 62 IsOriginSecure(script_url); |
nhiroki
2015/04/23 01:29:58
IsOriginSecure() is not sufficient here because Se
lgarron
2015/04/23 02:06:04
Drive-by comments are welcome!
You're right, that
| |
70 OriginCanAccessServiceWorkers(script_url); | |
71 } | 63 } |
72 | 64 |
73 bool CanUnregisterServiceWorker(const GURL& document_url, | 65 bool CanUnregisterServiceWorker(const GURL& document_url, |
74 const GURL& pattern) { | 66 const GURL& pattern) { |
75 DCHECK(document_url.is_valid()); | 67 DCHECK(document_url.is_valid()); |
76 DCHECK(pattern.is_valid()); | 68 DCHECK(pattern.is_valid()); |
77 return document_url.GetOrigin() == pattern.GetOrigin() && | 69 return document_url.GetOrigin() == pattern.GetOrigin() && |
78 OriginCanAccessServiceWorkers(document_url) && | 70 IsOriginSecure(document_url) && IsOriginSecure(pattern); |
79 OriginCanAccessServiceWorkers(pattern); | |
80 } | 71 } |
81 | 72 |
82 bool CanGetRegistration(const GURL& document_url, | 73 bool CanGetRegistration(const GURL& document_url, |
83 const GURL& given_document_url) { | 74 const GURL& given_document_url) { |
84 DCHECK(document_url.is_valid()); | 75 DCHECK(document_url.is_valid()); |
85 DCHECK(given_document_url.is_valid()); | 76 DCHECK(given_document_url.is_valid()); |
86 return document_url.GetOrigin() == given_document_url.GetOrigin() && | 77 return document_url.GetOrigin() == given_document_url.GetOrigin() && |
87 OriginCanAccessServiceWorkers(document_url) && | 78 IsOriginSecure(document_url) && IsOriginSecure(given_document_url); |
88 OriginCanAccessServiceWorkers(given_document_url); | |
89 } | 79 } |
90 | 80 |
91 } // namespace | 81 } // namespace |
92 | 82 |
93 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( | 83 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( |
94 int render_process_id, | 84 int render_process_id, |
95 MessagePortMessageFilter* message_port_message_filter, | 85 MessagePortMessageFilter* message_port_message_filter, |
96 ResourceContext* resource_context) | 86 ResourceContext* resource_context) |
97 : BrowserMessageFilter(kFilteredMessageClasses, | 87 : BrowserMessageFilter(kFilteredMessageClasses, |
98 arraysize(kFilteredMessageClasses)), | 88 arraysize(kFilteredMessageClasses)), |
(...skipping 936 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1035 ServiceWorkerHandle* handle = handles_.Lookup(handle_id); | 1025 ServiceWorkerHandle* handle = handles_.Lookup(handle_id); |
1036 if (!handle) { | 1026 if (!handle) { |
1037 BadMessageReceived(); | 1027 BadMessageReceived(); |
1038 return; | 1028 return; |
1039 } | 1029 } |
1040 handle->version()->StopWorker( | 1030 handle->version()->StopWorker( |
1041 base::Bind(&ServiceWorkerUtils::NoOpStatusCallback)); | 1031 base::Bind(&ServiceWorkerUtils::NoOpStatusCallback)); |
1042 } | 1032 } |
1043 | 1033 |
1044 } // namespace content | 1034 } // namespace content |
OLD | NEW |