chrome/browser/resources/pdf/pdf.js - Issue 1311973002: Prevent leaking PDF data cross-origin

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/resources/pdf/pdf.js

Issue 1311973002: Prevent leaking PDF data cross-origin (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/resources/pdf/pdf.js

diff --git a/chrome/browser/resources/pdf/pdf.js b/chrome/browser/resources/pdf/pdf.js

index 61dd1600f01b3e8c82e191763bc4fe2d7dc240d8..c4a282102e5e574a3bf4a4df3ff8e6a2dfbe8644 100644

--- a/chrome/browser/resources/pdf/pdf.js

+++ b/chrome/browser/resources/pdf/pdf.js

@@ -95,6 +95,7 @@ function PDFViewer(browserApi) {

this.browserApi_ = browserApi;

this.loadState_ = LoadState.LOADING;

this.parentWindow_ = null;

+ this.parentOrigin_ = null;

this.delayedScriptingMessages_ = [];

@@ -720,6 +721,7 @@ PDFViewer.prototype = {

handleScriptingMessage: function(message) {

if (this.parentWindow_ != message.source) {

this.parentWindow_ = message.source;

+ this.parentOrigin_ = message.origin;

// Ensure that we notify the embedder if the document is loaded.

if (this.loadState_ != LoadState.LOADING)

this.sendDocumentLoadedMessage_();

@@ -806,10 +808,25 @@ PDFViewer.prototype = {

* @param {Object} message the message to send.

sendScriptingMessage_: function(message) {

- if (this.parentWindow_)

- this.parentWindow_.postMessage(message, '*');

- },

+ if (this.parentWindow_ && this.parentOrigin_) {

+ var targetOrigin;

+ // Only send data back to the embedder if it is from the same origin,

+ // unless we're sending it to ourselves (which could happen in the case

+ // of tests). We also allow documentLoaded messages through as this won't

+ // leak important information.

+ if (this.parentOrigin_ == window.location.origin)

+ targetOrigin = this.parentOrigin_;

+ else if (message.type == 'documentLoaded')

+ targetOrigin = '*';

+ else

+ targetOrigin = this.browserApi_.getStreamInfo().originalUrl;

+ this.parentWindow_.postMessage(message, targetOrigin);

+ // Dispatch an event which can be hooked into for testing.

+ window.dispatchEvent(new CustomEvent('scripting-message-sent',

Sam McNally 2015/08/25 03:11:20 Could you add an extra listener on the plugin obje

raymes 2015/08/25 04:02:23 Done.

+ { 'detail': { 'target': this.parentWindow_, 'message': message } }));

+ }

+ },

/**

* @type {Viewport} the viewport of the PDF viewer.

« chrome/browser/pdf/pdf_extension_test.cc ('K') | « chrome/browser/pdf/pdf_extension_test.cc ('k') | pdf/out_of_process_instance.cc » ('j') | pdf/out_of_process_instance.cc » ('J')