OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/service_worker/service_worker_version.h" | 5 #include "content/browser/service_worker/service_worker_version.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <map> | 8 #include <map> |
9 #include <string> | 9 #include <string> |
10 | 10 |
(...skipping 1520 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1531 | 1531 |
1532 if (!url.is_valid()) { | 1532 if (!url.is_valid()) { |
1533 DVLOG(1) << "Received unexpected invalid URL from renderer process."; | 1533 DVLOG(1) << "Received unexpected invalid URL from renderer process."; |
1534 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, | 1534 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, |
1535 base::Bind(&KillEmbeddedWorkerProcess, | 1535 base::Bind(&KillEmbeddedWorkerProcess, |
1536 embedded_worker_->process_id(), | 1536 embedded_worker_->process_id(), |
1537 RESULT_CODE_KILLED_BAD_MESSAGE)); | 1537 RESULT_CODE_KILLED_BAD_MESSAGE)); |
1538 return; | 1538 return; |
1539 } | 1539 } |
1540 | 1540 |
1541 // The renderer treats all URLs in the about: scheme as being about:blank. | |
1542 // Canonicalize about: URLs to about:blank. | |
1543 if (url.SchemeIs(url::kAboutScheme)) | |
1544 url = GURL(url::kAboutBlankURL); | |
1545 | |
1546 // Reject requests for URLs that the process is not allowed to access. It's | |
1547 // possible to receive such requests since the renderer-side checks are | |
1548 // slightly different. For example, the view-source scheme will not be | |
1549 // filtered out by Blink. | |
1550 if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL( | |
1551 embedded_worker_->process_id(), url)) { | |
1552 embedded_worker_->SendMessage(ServiceWorkerMsg_OpenWindowError( | |
1553 request_id, url.spec() + " cannot be opened.")); | |
1554 return; | |
1555 } | |
nhiroki
2015/12/09 08:35:42
There would be a possibility that a compromised re
| |
1556 | |
1557 BrowserThread::PostTask( | 1541 BrowserThread::PostTask( |
1558 BrowserThread::UI, FROM_HERE, | 1542 BrowserThread::UI, FROM_HERE, |
1559 base::Bind(&OpenWindowOnUI, | 1543 base::Bind(&OpenWindowOnUI, |
1560 url, | 1544 url, |
1561 script_url_, | 1545 script_url_, |
1562 embedded_worker_->process_id(), | 1546 embedded_worker_->process_id(), |
1563 make_scoped_refptr(context_->wrapper()), | 1547 make_scoped_refptr(context_->wrapper()), |
1564 base::Bind(&ServiceWorkerVersion::DidOpenWindow, | 1548 base::Bind(&ServiceWorkerVersion::DidOpenWindow, |
1565 weak_factory_.GetWeakPtr(), | 1549 weak_factory_.GetWeakPtr(), |
1566 request_id))); | 1550 request_id))); |
(...skipping 165 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1732 | 1716 |
1733 if (!url.is_valid() || !base::IsValidGUID(client_uuid)) { | 1717 if (!url.is_valid() || !base::IsValidGUID(client_uuid)) { |
1734 DVLOG(1) << "Received unexpected invalid URL/UUID from renderer process."; | 1718 DVLOG(1) << "Received unexpected invalid URL/UUID from renderer process."; |
1735 BrowserThread::PostTask( | 1719 BrowserThread::PostTask( |
1736 BrowserThread::UI, FROM_HERE, | 1720 BrowserThread::UI, FROM_HERE, |
1737 base::Bind(&KillEmbeddedWorkerProcess, embedded_worker_->process_id(), | 1721 base::Bind(&KillEmbeddedWorkerProcess, embedded_worker_->process_id(), |
1738 RESULT_CODE_KILLED_BAD_MESSAGE)); | 1722 RESULT_CODE_KILLED_BAD_MESSAGE)); |
1739 return; | 1723 return; |
1740 } | 1724 } |
1741 | 1725 |
1742 // Reject requests for URLs that the process is not allowed to access. It's | |
1743 // possible to receive such requests since the renderer-side checks are | |
1744 // slightly different. For example, the view-source scheme will not be | |
1745 // filtered out by Blink. | |
1746 if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL( | |
1747 embedded_worker_->process_id(), url)) { | |
1748 embedded_worker_->SendMessage( | |
1749 ServiceWorkerMsg_NavigateClientError(request_id, url)); | |
1750 return; | |
1751 } | |
nhiroki
2015/12/09 08:35:42
ditto.
| |
1752 | |
1753 ServiceWorkerProviderHost* provider_host = | 1726 ServiceWorkerProviderHost* provider_host = |
1754 context_->GetProviderHostByClientID(client_uuid); | 1727 context_->GetProviderHostByClientID(client_uuid); |
1755 if (!provider_host || provider_host->active_version() != this) { | 1728 if (!provider_host || provider_host->active_version() != this) { |
1756 embedded_worker_->SendMessage( | 1729 embedded_worker_->SendMessage( |
1757 ServiceWorkerMsg_NavigateClientError(request_id, url)); | 1730 ServiceWorkerMsg_NavigateClientError(request_id, url)); |
1758 return; | 1731 return; |
1759 } | 1732 } |
1760 | 1733 |
1761 BrowserThread::PostTask( | 1734 BrowserThread::PostTask( |
1762 BrowserThread::UI, FROM_HERE, | 1735 BrowserThread::UI, FROM_HERE, |
(...skipping 660 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2423 void ServiceWorkerVersion::OnBeginEvent() { | 2396 void ServiceWorkerVersion::OnBeginEvent() { |
2424 if (should_exclude_from_uma_ || running_status() != RUNNING || | 2397 if (should_exclude_from_uma_ || running_status() != RUNNING || |
2425 idle_time_.is_null()) { | 2398 idle_time_.is_null()) { |
2426 return; | 2399 return; |
2427 } | 2400 } |
2428 ServiceWorkerMetrics::RecordTimeBetweenEvents(base::TimeTicks::Now() - | 2401 ServiceWorkerMetrics::RecordTimeBetweenEvents(base::TimeTicks::Now() - |
2429 idle_time_); | 2402 idle_time_); |
2430 } | 2403 } |
2431 | 2404 |
2432 } // namespace content | 2405 } // namespace content |
OLD | NEW |