OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "media/blink/buffered_data_source.h" | 5 #include "media/blink/buffered_data_source.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/callback_helpers.h" | 8 #include "base/callback_helpers.h" |
9 #include "base/location.h" | 9 #include "base/location.h" |
10 #include "base/single_thread_task_runner.h" | 10 #include "base/single_thread_task_runner.h" |
11 #include "media/base/media_log.h" | 11 #include "media/base/media_log.h" |
12 #include "net/base/net_errors.h" | 12 #include "net/base/net_errors.h" |
13 #include "third_party/WebKit/public/platform/WebSecurityOrigin.h" | |
14 #include "third_party/WebKit/public/web/WebFrame.h" | |
13 | 15 |
14 using blink::WebFrame; | 16 using blink::WebFrame; |
15 | 17 |
16 namespace { | 18 namespace { |
17 | 19 |
18 // BufferedDataSource has an intermediate buffer, this value governs the initial | 20 // BufferedDataSource has an intermediate buffer, this value governs the initial |
19 // size of that buffer. It is set to 32KB because this is a typical read size | 21 // size of that buffer. It is set to 32KB because this is a typical read size |
20 // of FFmpeg. | 22 // of FFmpeg. |
21 const int kInitialReadBufferSize = 32768; | 23 const int kInitialReadBufferSize = 32768; |
22 | 24 |
(...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
349 | 351 |
350 bool init_cb_is_null = false; | 352 bool init_cb_is_null = false; |
351 { | 353 { |
352 base::AutoLock auto_lock(lock_); | 354 base::AutoLock auto_lock(lock_); |
353 init_cb_is_null = init_cb_.is_null(); | 355 init_cb_is_null = init_cb_.is_null(); |
354 } | 356 } |
355 if (init_cb_is_null) { | 357 if (init_cb_is_null) { |
356 loader_->Stop(); | 358 loader_->Stop(); |
357 return; | 359 return; |
358 } | 360 } |
361 response_original_url_ = loader_->response_original_url(); | |
359 | 362 |
360 // All responses must be successful. Resources that are assumed to be fully | 363 // All responses must be successful. Resources that are assumed to be fully |
361 // buffered must have a known content length. | 364 // buffered must have a known content length. |
362 bool success = status == BufferedResourceLoader::kOk && | 365 bool success = status == BufferedResourceLoader::kOk && |
363 (!assume_fully_buffered() || | 366 (!assume_fully_buffered() || |
364 loader_->instance_size() != kPositionNotSpecified); | 367 loader_->instance_size() != kPositionNotSpecified); |
365 | 368 |
366 if (success) { | 369 if (success) { |
367 total_bytes_ = loader_->instance_size(); | 370 total_bytes_ = loader_->instance_size(); |
368 streaming_ = | 371 streaming_ = |
(...skipping 27 matching lines...) Expand all Loading... | |
396 loader_->range_supported()); | 399 loader_->range_supported()); |
397 } | 400 } |
398 | 401 |
399 base::ResetAndReturn(&init_cb_).Run(success); | 402 base::ResetAndReturn(&init_cb_).Run(success); |
400 } | 403 } |
401 | 404 |
402 void BufferedDataSource::PartialReadStartCallback( | 405 void BufferedDataSource::PartialReadStartCallback( |
403 BufferedResourceLoader::Status status) { | 406 BufferedResourceLoader::Status status) { |
404 DCHECK(render_task_runner_->BelongsToCurrentThread()); | 407 DCHECK(render_task_runner_->BelongsToCurrentThread()); |
405 DCHECK(loader_.get()); | 408 DCHECK(loader_.get()); |
406 | 409 if (status == BufferedResourceLoader::kOk && |
407 if (status == BufferedResourceLoader::kOk) { | 410 CheckPartialResponseURL(loader_->response_original_url())) { |
408 // Once the request has started successfully, we can proceed with | 411 // Once the request has started successfully, we can proceed with |
409 // reading from it. | 412 // reading from it. |
410 ReadInternal(); | 413 ReadInternal(); |
411 return; | 414 return; |
412 } | 415 } |
413 | 416 |
414 // Stop the resource loader since we have received an error. | 417 // Stop the resource loader since we have received an error. |
415 loader_->Stop(); | 418 loader_->Stop(); |
416 | 419 |
417 // TODO(scherkus): we shouldn't have to lock to signal host(), see | 420 // TODO(scherkus): we shouldn't have to lock to signal host(), see |
418 // http://crbug.com/113712 for details. | 421 // http://crbug.com/113712 for details. |
419 base::AutoLock auto_lock(lock_); | 422 base::AutoLock auto_lock(lock_); |
420 if (stop_signal_received_) | 423 if (stop_signal_received_) |
421 return; | 424 return; |
422 ReadOperation::Run(read_op_.Pass(), kReadError); | 425 ReadOperation::Run(read_op_.Pass(), kReadError); |
423 } | 426 } |
424 | 427 |
428 bool BufferedDataSource::CheckPartialResponseURL( | |
429 const GURL& partial_response_original_url) const { | |
430 // If the SecurityOrigin of the frame can read content of the new response, we | |
hubbe
2015/07/06 17:22:47
Why?
Why would we ever support redirects pointing
horo
2015/07/07 01:06:46
In current implementation, redirects pointing to a
falken
2015/07/07 02:32:49
To clarify: YouTube and Vimeo use redirects for th
hubbe
2015/07/08 18:13:23
That's what I thought too. Which I think means tha
horo
2015/07/09 00:14:27
I don't know the real world usage of the media ele
| |
431 // accept. | |
432 if (frame_->securityOrigin().canRequest(partial_response_original_url)) | |
433 return true; | |
434 | |
435 // If the response is generated in a Service Worker we accept. | |
falken
2015/07/07 02:32:49
Please mention here something about why, i.e., the
horo
2015/07/07 03:48:36
yes.
added comments.
| |
436 if (!partial_response_original_url.is_valid()) | |
falken
2015/07/07 02:32:49
is_empty() instead of is_valid
Sidenote: It's a b
horo
2015/07/07 03:48:36
Done.
| |
437 return true; | |
438 | |
439 // Otherwise we don't support mixing different origin responses. If we support | |
440 // this, malicious attackers can scan the bytes of other origin resources by | |
441 // mixing their generated bytes and the target response. See | |
442 // http://crbug.com/489060#c32 for details. | |
443 return response_original_url_.GetOrigin() == | |
444 partial_response_original_url.GetOrigin(); | |
445 } | |
446 | |
425 void BufferedDataSource::ReadCallback( | 447 void BufferedDataSource::ReadCallback( |
426 BufferedResourceLoader::Status status, | 448 BufferedResourceLoader::Status status, |
427 int bytes_read) { | 449 int bytes_read) { |
428 DCHECK(render_task_runner_->BelongsToCurrentThread()); | 450 DCHECK(render_task_runner_->BelongsToCurrentThread()); |
429 | 451 |
430 // TODO(scherkus): we shouldn't have to lock to signal host(), see | 452 // TODO(scherkus): we shouldn't have to lock to signal host(), see |
431 // http://crbug.com/113712 for details. | 453 // http://crbug.com/113712 for details. |
432 base::AutoLock auto_lock(lock_); | 454 base::AutoLock auto_lock(lock_); |
433 if (stop_signal_received_) | 455 if (stop_signal_received_) |
434 return; | 456 return; |
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
551 } | 573 } |
552 | 574 |
553 // If media is currently playing or the page indicated preload=auto or the | 575 // If media is currently playing or the page indicated preload=auto or the |
554 // the server does not support the byte range request or we do not want to go | 576 // the server does not support the byte range request or we do not want to go |
555 // too far ahead of the read head, use threshold strategy to enable/disable | 577 // too far ahead of the read head, use threshold strategy to enable/disable |
556 // deferring when the buffer is full/depleted. | 578 // deferring when the buffer is full/depleted. |
557 loader_->UpdateDeferStrategy(BufferedResourceLoader::kCapacityDefer); | 579 loader_->UpdateDeferStrategy(BufferedResourceLoader::kCapacityDefer); |
558 } | 580 } |
559 | 581 |
560 } // namespace media | 582 } // namespace media |
OLD | NEW |