content/browser/renderer_host/resource_loader.cc - Issue 11416121: Prevent cross-site pages when --site-per-process is passed

Side by Side Diff: content/browser/renderer_host/resource_loader.cc

Issue 11416121: Prevent cross-site pages when --site-per-process is passed (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fix Redirect Bug and Tests Created 8 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« content/browser/child_process_security_policy_impl.h ('K') | « content/browser/child_process_security_policy_impl.cc ('k') | content/browser/site_per_process_test.cc » ('j') | content/browser/site_per_process_test.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/renderer_host/resource_loader.h"	5 #include "content/browser/renderer_host/resource_loader.h"

6	6

7 #include "base/message_loop.h"	7 #include "base/message_loop.h"

8 #include "base/time.h"	8 #include "base/time.h"

9 #include "content/browser/child_process_security_policy_impl.h"	9 #include "content/browser/child_process_security_policy_impl.h"

10 #include "content/browser/renderer_host/doomed_resource_handler.h"	10 #include "content/browser/renderer_host/doomed_resource_handler.h"

(...skipping 285 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
296 render_view_id,	296 render_view_id,

297 ssl_info,	297 ssl_info,

298 fatal);	298 fatal);

299 }	299 }

300	300

301 void ResourceLoader::OnResponseStarted(net::URLRequest* unused) {	301 void ResourceLoader::OnResponseStarted(net::URLRequest* unused) {

302 DCHECK_EQ(request_.get(), unused);	302 DCHECK_EQ(request_.get(), unused);

303	303

304 VLOG(1) << "OnResponseStarted: " << request_->url().spec();	304 VLOG(1) << "OnResponseStarted: " << request_->url().spec();

305	305

	306 // We should allow the following case:

	307 // Iframe page (a.com/svrRedirect.php) in page (a.com/index.html)

	308 // do the server-side redirect to page (b.com/svrRedirect.php) which

	309 // eventually redirect the iframe back to page (a.com/static.html).

	310 // Since server-side redirect does not load the page into the render

	311 // process, we are safe in this situation and should allow it.

	312 //

	313 // But we need to block the following case:

	314 // Iframe page (a.com/svrRedirect.php) in page (a.com/index.html)

	315 // do the server-side redirect to page (b.com/clientRedirect.php) which

	316 // eventually redirect the iframe back to page (a.com/static.html).

	317 // Since client-side redirect DOES load the page into the render

	318 // process, we should block it.
	Charlie Reis 2012/12/05 02:02:58 This is a nice comment but it's kind of out of pla This is a nice comment but it's kind of out of place here, since there's nothing specific to the site-per-process policy here. Let's simplify it to: "The CanLoadPage check should take place after any server redirects have finished, at the point in time that we know a page will commit in the renderer process." irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > This is a nice comment but it's kind of out of place here, since there's nothing > specific to the site-per-process policy here. Let's simplify it to: > > "The CanLoadPage check should take place after any server redirects have > finished, at the point in time that we know a page will commit in the renderer > process." Done.
	319 ResourceRequestInfoImpl* info = GetRequestInfo();

	320 ChildProcessSecurityPolicyImpl* policy =

	321 ChildProcessSecurityPolicyImpl::GetInstance();

	322 if (!policy->CanLoadPage(info->GetChildID(),

	323 request_->url(),

	324 info->GetResourceType())) {

	325 Cancel();

	326 return;

	327 }

	328

306 if (!request_->status().is_success()) {	329 if (!request_->status().is_success()) {

307 ResponseCompleted();	330 ResponseCompleted();

308 return;	331 return;

309 }	332 }

310	333

311 // We want to send a final upload progress message prior to sending the	334 // We want to send a final upload progress message prior to sending the

312 // response complete message even if we're waiting for an ack to to a	335 // response complete message even if we're waiting for an ack to to a

313 // previous upload progress message.	336 // previous upload progress message.

314 waiting_for_upload_progress_ack_ = false;	337 waiting_for_upload_progress_ack_ = false;

315 ReportUploadProgress();	338 ReportUploadProgress();

(...skipping 257 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
573 // we resume.	596 // we resume.

574 deferred_stage_ = DEFERRED_FINISH;	597 deferred_stage_ = DEFERRED_FINISH;

575 }	598 }

576 }	599 }

577	600

578 void ResourceLoader::CallDidFinishLoading() {	601 void ResourceLoader::CallDidFinishLoading() {

579 delegate_->DidFinishLoading(this);	602 delegate_->DidFinishLoading(this);

580 }	603 }

581	604

582 } // namespace content	605 } // namespace content

OLD	NEW