Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(694)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/modules/cachestorage/CacheStorage.cpp

Issue 1177983007: Cache Storage: restrict access to secure origins (Blink-side) (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « LayoutTests/http/tests/security/powerfulFeatureRestrictions/cachestorage-on-insecure-origin.html ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "config.h" 5 #include "config.h"
6 #include "modules/cachestorage/CacheStorage.h" 6 #include "modules/cachestorage/CacheStorage.h"
7 7
8 #include "bindings/core/v8/ScriptPromiseResolver.h" 8 #include "bindings/core/v8/ScriptPromiseResolver.h"
9 #include "bindings/core/v8/ScriptState.h" 9 #include "bindings/core/v8/ScriptState.h"
10 #include "core/dom/DOMException.h" 10 #include "core/dom/DOMException.h"
(...skipping 175 matching lines...) Expand 10 before | Expand all | Expand 10 after
186 CacheStorage* CacheStorage::create(WeakPtr<GlobalFetch::ScopedFetcher> fetcher, WebServiceWorkerCacheStorage* webCacheStorage) 186 CacheStorage* CacheStorage::create(WeakPtr<GlobalFetch::ScopedFetcher> fetcher, WebServiceWorkerCacheStorage* webCacheStorage)
187 { 187 {
188 return new CacheStorage(fetcher, adoptPtr(webCacheStorage)); 188 return new CacheStorage(fetcher, adoptPtr(webCacheStorage));
189 } 189 }
190 190
191 ScriptPromise CacheStorage::open(ScriptState* scriptState, const String& cacheNa me) 191 ScriptPromise CacheStorage::open(ScriptState* scriptState, const String& cacheNa me)
192 { 192 {
193 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState); 193 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState);
194 const ScriptPromise promise = resolver->promise(); 194 const ScriptPromise promise = resolver->promise();
195 195
196 ExecutionContext* executionContext = scriptState->executionContext();
197 // FIXME: May be null due to worker termination: http://crbug.com/413518.
198 if (!executionContext)
199 return ScriptPromise();
200
201 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
202 String errorMessage;
203 if (!executionContext->isPrivilegedContext(errorMessage)) {
204 resolver->reject(DOMException::create(SecurityError, errorMessage));
205 return promise;
206 }
207
196 if (m_nameToCacheMap.contains(cacheName)) { 208 if (m_nameToCacheMap.contains(cacheName)) {
197 Cache* cache = m_nameToCacheMap.find(cacheName)->value; 209 Cache* cache = m_nameToCacheMap.find(cacheName)->value;
198 resolver->resolve(cache); 210 resolver->resolve(cache);
199 return promise; 211 return promise;
200 } 212 }
201 213
202 if (m_webCacheStorage) 214 if (m_webCacheStorage)
203 m_webCacheStorage->dispatchOpen(new WithCacheCallbacks(cacheName, this, resolver), cacheName); 215 m_webCacheStorage->dispatchOpen(new WithCacheCallbacks(cacheName, this, resolver), cacheName);
204 else 216 else
205 resolver->reject(createNoImplementationException()); 217 resolver->reject(createNoImplementationException());
206 218
207 return promise; 219 return promise;
208 } 220 }
209 221
210 ScriptPromise CacheStorage::has(ScriptState* scriptState, const String& cacheNam e) 222 ScriptPromise CacheStorage::has(ScriptState* scriptState, const String& cacheNam e)
211 { 223 {
212 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState); 224 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState);
213 const ScriptPromise promise = resolver->promise(); 225 const ScriptPromise promise = resolver->promise();
214 226
227 ExecutionContext* executionContext = scriptState->executionContext();
228 // FIXME: May be null due to worker termination: http://crbug.com/413518.
229 if (!executionContext)
230 return ScriptPromise();
231
232 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
233 String errorMessage;
234 if (!executionContext->isPrivilegedContext(errorMessage)) {
235 resolver->reject(DOMException::create(SecurityError, errorMessage));
236 return promise;
237 }
238
215 if (m_nameToCacheMap.contains(cacheName)) { 239 if (m_nameToCacheMap.contains(cacheName)) {
216 resolver->resolve(true); 240 resolver->resolve(true);
217 return promise; 241 return promise;
218 } 242 }
219 243
220 if (m_webCacheStorage) 244 if (m_webCacheStorage)
221 m_webCacheStorage->dispatchHas(new Callbacks(resolver), cacheName); 245 m_webCacheStorage->dispatchHas(new Callbacks(resolver), cacheName);
222 else 246 else
223 resolver->reject(createNoImplementationException()); 247 resolver->reject(createNoImplementationException());
224 248
225 return promise; 249 return promise;
226 } 250 }
227 251
228 ScriptPromise CacheStorage::deleteFunction(ScriptState* scriptState, const Strin g& cacheName) 252 ScriptPromise CacheStorage::deleteFunction(ScriptState* scriptState, const Strin g& cacheName)
229 { 253 {
230 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState); 254 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState);
231 const ScriptPromise promise = resolver->promise(); 255 const ScriptPromise promise = resolver->promise();
232 256
257 ExecutionContext* executionContext = scriptState->executionContext();
258 // FIXME: May be null due to worker termination: http://crbug.com/413518.
259 if (!executionContext)
260 return ScriptPromise();
261
262 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
263 String errorMessage;
264 if (!executionContext->isPrivilegedContext(errorMessage)) {
265 resolver->reject(DOMException::create(SecurityError, errorMessage));
266 return promise;
267 }
268
233 if (m_webCacheStorage) 269 if (m_webCacheStorage)
234 m_webCacheStorage->dispatchDelete(new DeleteCallbacks(cacheName, this, r esolver), cacheName); 270 m_webCacheStorage->dispatchDelete(new DeleteCallbacks(cacheName, this, r esolver), cacheName);
235 else 271 else
236 resolver->reject(createNoImplementationException()); 272 resolver->reject(createNoImplementationException());
237 273
238 return promise; 274 return promise;
239 } 275 }
240 276
241 ScriptPromise CacheStorage::keys(ScriptState* scriptState) 277 ScriptPromise CacheStorage::keys(ScriptState* scriptState)
242 { 278 {
243 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState); 279 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState);
244 const ScriptPromise promise = resolver->promise(); 280 const ScriptPromise promise = resolver->promise();
245 281
282 ExecutionContext* executionContext = scriptState->executionContext();
283 // FIXME: May be null due to worker termination: http://crbug.com/413518.
284 if (!executionContext)
285 return ScriptPromise();
286
287 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
288 String errorMessage;
289 if (!executionContext->isPrivilegedContext(errorMessage)) {
290 resolver->reject(DOMException::create(SecurityError, errorMessage));
291 return promise;
292 }
Mike West 2015/06/18 19:54:57 Nit: It might be reasonable to extract this repeat
293
246 if (m_webCacheStorage) 294 if (m_webCacheStorage)
247 m_webCacheStorage->dispatchKeys(new KeysCallbacks(resolver)); 295 m_webCacheStorage->dispatchKeys(new KeysCallbacks(resolver));
248 else 296 else
249 resolver->reject(createNoImplementationException()); 297 resolver->reject(createNoImplementationException());
250 298
251 return promise; 299 return promise;
252 } 300 }
253 301
254 ScriptPromise CacheStorage::match(ScriptState* scriptState, const RequestInfo& r equest, const CacheQueryOptions& options, ExceptionState& exceptionState) 302 ScriptPromise CacheStorage::match(ScriptState* scriptState, const RequestInfo& r equest, const CacheQueryOptions& options, ExceptionState& exceptionState)
255 { 303 {
256 ASSERT(!request.isNull()); 304 ASSERT(!request.isNull());
257 305
306 ExecutionContext* executionContext = scriptState->executionContext();
307 // FIXME: May be null due to worker termination: http://crbug.com/413518.
308 if (!executionContext)
309 return ScriptPromise();
310
311 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
312 String errorMessage;
313 if (!executionContext->isPrivilegedContext(errorMessage)) {
314 exceptionState.throwSecurityError(errorMessage);
315 return ScriptPromise();
316 }
317
258 if (request.isRequest()) 318 if (request.isRequest())
259 return matchImpl(scriptState, request.getAsRequest(), options); 319 return matchImpl(scriptState, request.getAsRequest(), options);
260 Request* newRequest = Request::create(scriptState, request.getAsUSVString(), exceptionState); 320 Request* newRequest = Request::create(scriptState, request.getAsUSVString(), exceptionState);
261 if (exceptionState.hadException()) 321 if (exceptionState.hadException())
262 return ScriptPromise(); 322 return ScriptPromise();
263 return matchImpl(scriptState, newRequest, options); 323 return matchImpl(scriptState, newRequest, options);
264 } 324 }
265 325
266 ScriptPromise CacheStorage::matchImpl(ScriptState* scriptState, const Request* r equest, const CacheQueryOptions& options) 326 ScriptPromise CacheStorage::matchImpl(ScriptState* scriptState, const Request* r equest, const CacheQueryOptions& options)
267 { 327 {
(...skipping 25 matching lines...) Expand all
293 { 353 {
294 m_webCacheStorage.clear(); 354 m_webCacheStorage.clear();
295 } 355 }
296 356
297 DEFINE_TRACE(CacheStorage) 357 DEFINE_TRACE(CacheStorage)
298 { 358 {
299 visitor->trace(m_nameToCacheMap); 359 visitor->trace(m_nameToCacheMap);
300 } 360 }
301 361
302 } // namespace blink 362 } // namespace blink
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/security/powerfulFeatureRestrictions/cachestorage-on-insecure-origin.html ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698