Chromium Code Reviews Chromium Code Reviews
Issue 11416121:
Prevent cross-site pages when --site-per-process is passed (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading | 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading |
| 6 | 6 |
| 7 #include "content/browser/renderer_host/resource_dispatcher_host_impl.h" | 7 #include "content/browser/renderer_host/resource_dispatcher_host_impl.h" |
| 8 | 8 |
| 9 #include <set> | 9 #include <set> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 155 bool ShouldServiceRequest(ProcessType process_type, | 155 bool ShouldServiceRequest(ProcessType process_type, |
| 156 int child_id, | 156 int child_id, |
| 157 const ResourceHostMsg_Request& request_data) { | 157 const ResourceHostMsg_Request& request_data) { |
| 158 if (process_type == PROCESS_TYPE_PLUGIN) | 158 if (process_type == PROCESS_TYPE_PLUGIN) |
| 159 return true; | 159 return true; |
| 160 | 160 |
| 161 ChildProcessSecurityPolicyImpl* policy = | 161 ChildProcessSecurityPolicyImpl* policy = |
| 162 ChildProcessSecurityPolicyImpl::GetInstance(); | 162 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 163 | 163 |
| 164 // Check if the renderer is permitted to request the requested URL. | 164 // Check if the renderer is permitted to request the requested URL. |
| 165 if (!policy->CanRequestURL(child_id, request_data.url)) { | 165 if (!policy->CanRequestURL(child_id, request_data.url, |
| 166 request_data.resource_type)) { | |
| 166 VLOG(1) << "Denied unauthorized request for " | 167 VLOG(1) << "Denied unauthorized request for " |
| 167 << request_data.url.possibly_invalid_spec(); | 168 << request_data.url.possibly_invalid_spec(); |
| 168 return false; | 169 return false; |
| 169 } | 170 } |
| 170 | 171 |
| 171 // Check if the renderer is permitted to upload the requested files. | 172 // Check if the renderer is permitted to upload the requested files. |
| 172 if (request_data.request_body) { | 173 if (request_data.request_body) { |
| 173 const std::vector<ResourceRequestBody::Element>* uploads = | 174 const std::vector<ResourceRequestBody::Element>* uploads = |
| 174 request_data.request_body->elements(); | 175 request_data.request_body->elements(); |
| 175 std::vector<ResourceRequestBody::Element>::const_iterator iter; | 176 std::vector<ResourceRequestBody::Element>::const_iterator iter; |
| (...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 519 // validating the entry if present. | 520 // validating the entry if present. |
| 520 if (request->get_upload() != NULL) | 521 if (request->get_upload() != NULL) |
| 521 extra_load_flags |= net::LOAD_ONLY_FROM_CACHE; | 522 extra_load_flags |= net::LOAD_ONLY_FROM_CACHE; |
| 522 else | 523 else |
| 523 extra_load_flags |= net::LOAD_PREFERRING_CACHE; | 524 extra_load_flags |= net::LOAD_PREFERRING_CACHE; |
| 524 } else { | 525 } else { |
| 525 extra_load_flags |= net::LOAD_DISABLE_CACHE; | 526 extra_load_flags |= net::LOAD_DISABLE_CACHE; |
| 526 } | 527 } |
| 527 request->set_load_flags(request->load_flags() | extra_load_flags); | 528 request->set_load_flags(request->load_flags() | extra_load_flags); |
| 528 // Check if the renderer is permitted to request the requested URL. | 529 // Check if the renderer is permitted to request the requested URL. |
| 530 // TODO: ResourceType::LAST_TYPE is the place holder, I think it is the | |
| 531 // best type to pass. | |
| 529 if (!ChildProcessSecurityPolicyImpl::GetInstance()-> | 532 if (!ChildProcessSecurityPolicyImpl::GetInstance()-> |
| 530 CanRequestURL(child_id, url)) { | 533 CanRequestURL(child_id, url, ResourceType::LAST_TYPE)) { |
|
Charlie Reis
2012/11/28 18:58:26
This is also making me second guess my suggestion
| |
| 531 VLOG(1) << "Denied unauthorized download request for " | 534 VLOG(1) << "Denied unauthorized download request for " |
| 532 << url.possibly_invalid_spec(); | 535 << url.possibly_invalid_spec(); |
| 533 return CallbackAndReturn(started_callback, net::ERR_ACCESS_DENIED); | 536 return CallbackAndReturn(started_callback, net::ERR_ACCESS_DENIED); |
| 534 } | 537 } |
| 535 | 538 |
| 536 request_id_--; | 539 request_id_--; |
| 537 | 540 |
| 538 const net::URLRequestContext* request_context = context->GetRequestContext(); | 541 const net::URLRequestContext* request_context = context->GetRequestContext(); |
| 539 if (!request_context->job_factory()->IsHandledURL(url)) { | 542 if (!request_context->job_factory()->IsHandledURL(url)) { |
| 540 VLOG(1) << "Download request for unsupported protocol: " | 543 VLOG(1) << "Download request for unsupported protocol: " |
| (...skipping 1179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1720 | 1723 |
| 1721 return i->second.get(); | 1724 return i->second.get(); |
| 1722 } | 1725 } |
| 1723 | 1726 |
| 1724 ResourceLoader* ResourceDispatcherHostImpl::GetLoader(int child_id, | 1727 ResourceLoader* ResourceDispatcherHostImpl::GetLoader(int child_id, |
| 1725 int request_id) const { | 1728 int request_id) const { |
| 1726 return GetLoader(GlobalRequestID(child_id, request_id)); | 1729 return GetLoader(GlobalRequestID(child_id, request_id)); |
| 1727 } | 1730 } |
| 1728 | 1731 |
| 1729 } // namespace content | 1732 } // namespace content |
| OLD | NEW |
