chrome/browser/resources/pdf/pdf.js - Issue 1311973002: Prevent leaking PDF data cross-origin

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/resources/pdf/pdf.js

Issue 1311973002: Prevent leaking PDF data cross-origin (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/resources/pdf/pdf.js

diff --git a/chrome/browser/resources/pdf/pdf.js b/chrome/browser/resources/pdf/pdf.js

index 61dd1600f01b3e8c82e191763bc4fe2d7dc240d8..c3171f0b23588d2be51725f4d4e0701a9e682bc3 100644

--- a/chrome/browser/resources/pdf/pdf.js

+++ b/chrome/browser/resources/pdf/pdf.js

@@ -95,6 +95,7 @@ function PDFViewer(browserApi) {

this.browserApi_ = browserApi;

this.loadState_ = LoadState.LOADING;

this.parentWindow_ = null;

+ this.parentOrigin_ = null;

this.delayedScriptingMessages_ = [];

@@ -720,6 +721,7 @@ PDFViewer.prototype = {

handleScriptingMessage: function(message) {

if (this.parentWindow_ != message.source) {

this.parentWindow_ = message.source;

+ this.parentOrigin_ = message.origin;

// Ensure that we notify the embedder if the document is loaded.

if (this.loadState_ != LoadState.LOADING)

this.sendDocumentLoadedMessage_();

@@ -806,11 +808,22 @@ PDFViewer.prototype = {

* @param {Object} message the message to send.

sendScriptingMessage_: function(message) {

- if (this.parentWindow_)

- this.parentWindow_.postMessage(message, '*');

+ if (this.parentWindow_ && this.parentOrigin_) {

+ var targetOrigin;

+ // Only send data back to the embedder if it is from the same origin,

+ // unless we're sending it to ourselves (which could happen in the case

+ // of tests). We also allow documentLoaded messages through as this won't

+ // leak important information.

+ if (this.parentOrigin_ == window.location.origin)

+ targetOrigin = this.parentOrigin_;

+ else if (message.type == 'documentLoaded')

+ targetOrigin = '*';

+ else

+ targetOrigin = this.browserApi_.getStreamInfo().originalUrl;

+ this.parentWindow_.postMessage(message, targetOrigin);

+ }

/**

* @type {Viewport} the viewport of the PDF viewer.

« no previous file with comments | « chrome/browser/pdf/pdf_extension_test.cc ('k') | pdf/out_of_process_instance.cc » ('j') | no next file with comments »