content/browser/browser_plugin/browser_plugin_embedder.cc - Issue 11234032: Webview tag creation should be using storage partitions.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/browser_plugin/browser_plugin_embedder.cc

Issue 11234032: Webview tag creation should be using storage partitions. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Disabling session storage test for isolated apps. Created 8 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/browser/browser_plugin/browser_plugin_embedder.cc

diff --git a/content/browser/browser_plugin/browser_plugin_embedder.cc b/content/browser/browser_plugin/browser_plugin_embedder.cc

index 1f4b64ba3657a4fd283fb7fd1e5c8f125e467336..b789f88a1bcd41b6172ff0bdebd60f3b660d717f 100644

--- a/content/browser/browser_plugin/browser_plugin_embedder.cc

+++ b/content/browser/browser_plugin/browser_plugin_embedder.cc

@@ -15,7 +15,10 @@

#include "content/public/browser/notification_service.h"

#include "content/public/browser/notification_source.h"

#include "content/public/browser/notification_types.h"

+#include "content/public/browser/user_metrics.h"

+#include "content/public/common/result_codes.h"

#include "content/public/common/url_constants.h"

+#include "net/base/escape.h"

#include "third_party/WebKit/Source/WebKit/chromium/public/WebInputEvent.h"

#include "ui/gfx/size.h"

@@ -80,11 +83,36 @@ void BrowserPluginEmbedder::CreateGuest(

BrowserPluginGuest* guest = GetGuestByInstanceID(instance_id);

CHECK(!guest);

+ // Validate that the partition id coming from the renderer is valid UTF-8,

+ // since we depend on this in other parts of the code, such as FilePath

+ // creation. If the validation fails, treat it as a bad message and kill the

+ // renderer process.

+ if (!IsStringUTF8(params.storage_partition_id)) {

+ content::RecordAction(UserMetricsAction("BadMessageTerminate_BPE"));

+ base::KillProcess(render_view_host->GetProcess()->GetHandle(),

+ content::RESULT_CODE_KILLED_BAD_MESSAGE, false);

+ return;

+ }

const std::string& host =

render_view_host->GetSiteInstance()->GetSiteURL().host();

+ std::string url_encoded_partition = net::EscapeQueryParamValue(

+ params.storage_partition_id, false);

+ // The SiteInstance of a given webview tag is based on the fact that it's a

+ // guest process in addition to which platform application the tag belongs to

+ // and what storage partition is in use, rather than the URL that the tag is

+ // being navigated to.

+ GURL guest_site(

+ base::StringPrintf("%s://%s/%s?%s", chrome::kGuestScheme,

+ host.c_str(), params.persist_storage ? "persist" : "",

+ url_encoded_partition.c_str()));

+ SiteInstance* guest_site_instance = SiteInstance::CreateForURL(

+ web_contents()->GetBrowserContext(), guest_site);

guest_web_contents = WebContentsImpl::CreateGuest(

web_contents()->GetBrowserContext(),

- host,

+ guest_site_instance,

instance_id,

params);

« no previous file with comments | « content/browser/browser_context.cc ('k') | content/browser/storage_partition_impl.h » ('j') | no next file with comments »