content/browser/child_process_security_policy_impl.cc - Issue 1144253003: Remove --enable-strict-site-isolation

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/child_process_security_policy_impl.cc

Issue 1144253003: Remove --enable-strict-site-isolation (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Charlie's fixes Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « content/browser/child_process_security_policy_impl.h ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/browser/child_process_security_policy_impl.cc

diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc

index 34caa5a492393df47481c4b757c22da70acaadd3..5b03dfc713c8f31721c93b59f786a95a11848feb 100644

--- a/content/browser/child_process_security_policy_impl.cc

+++ b/content/browser/child_process_security_policy_impl.cc

@@ -235,26 +235,6 @@ class ChildProcessSecurityPolicyImpl::SecurityState {

return origin_lock_ == site_gurl;

}

- bool CanSendCookiesForOrigin(const GURL& gurl) {

- // We only block cross-site cookies on network requests if the

- // --enable-strict-site-isolation flag is passed. This is expected to break

- // compatibility with many sites. The similar --site-per-process flag only

- // blocks JavaScript access to cross-site cookies (in

- // CanAccessCookiesForOrigin).

- const base::CommandLine& command_line =

- *base::CommandLine::ForCurrentProcess();

- if (!command_line.HasSwitch(switches::kEnableStrictSiteIsolation))

- return true;

- if (origin_lock_.is_empty())

- return true;

- // TODO(creis): We must pass the valid browser_context to convert hosted

- // apps URLs. Currently, hosted apps cannot set cookies in this mode.

- // See http://crbug.com/160576.

- GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl);

- return origin_lock_ == site_gurl;

- }

void LockToOrigin(const GURL& gurl) {

origin_lock_ = gurl;

}

@@ -822,26 +802,6 @@ bool ChildProcessSecurityPolicyImpl::CanAccessCookiesForOrigin(

return state->second->CanAccessCookiesForOrigin(gurl);

}

-bool ChildProcessSecurityPolicyImpl::CanSendCookiesForOrigin(int child_id,

- const GURL& gurl) {

- for (PluginProcessHostIterator iter; !iter.Done(); ++iter) {

- if (iter.GetData().id == child_id) {

- if (iter.GetData().process_type == PROCESS_TYPE_PLUGIN) {

- // NPAPI plugin processes are unsandboxed and so are trusted. Plugins

- // can make request to any origin.

- return true;

- }

- break;

- }

- base::AutoLock lock(lock_);

- SecurityStateMap::iterator state = security_state_.find(child_id);

- if (state == security_state_.end())

- return false;

- return state->second->CanSendCookiesForOrigin(gurl);

void ChildProcessSecurityPolicyImpl::LockToOrigin(int child_id,

const GURL& gurl) {

// "gurl" can be currently empty in some cases, such as file://blah.

« no previous file with comments | « content/browser/child_process_security_policy_impl.h ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | no next file with comments »