content/browser/service_worker/service_worker_version.cc - Issue 1505023004: ServiceWorker: Early reject error if url is something wrong.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/service_worker/service_worker_version.cc

Issue 1505023004: ServiceWorker: Early reject error if url is something wrong. Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/browser/service_worker/service_worker_version.cc

diff --git a/content/browser/service_worker/service_worker_version.cc b/content/browser/service_worker/service_worker_version.cc

index 6c0d21a886b4b35d86b925802d25b95741652773..b50e00f0fd31dd2cba227a6647e7ed8414986e95 100644

--- a/content/browser/service_worker/service_worker_version.cc

+++ b/content/browser/service_worker/service_worker_version.cc

@@ -1538,22 +1538,6 @@ void ServiceWorkerVersion::OnOpenWindow(int request_id, GURL url) {

return;

}

- // The renderer treats all URLs in the about: scheme as being about:blank.

- // Canonicalize about: URLs to about:blank.

- if (url.SchemeIs(url::kAboutScheme))

- url = GURL(url::kAboutBlankURL);

- // Reject requests for URLs that the process is not allowed to access. It's

- // possible to receive such requests since the renderer-side checks are

- // slightly different. For example, the view-source scheme will not be

- // filtered out by Blink.

- if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL(

- embedded_worker_->process_id(), url)) {

- embedded_worker_->SendMessage(ServiceWorkerMsg_OpenWindowError(

- request_id, url.spec() + " cannot be opened."));

- return;

- }

nhiroki 2015/12/09 08:35:42 There would be a possibility that a compromised re

BrowserThread::PostTask(

BrowserThread::UI, FROM_HERE,

base::Bind(&OpenWindowOnUI,

@@ -1739,17 +1723,6 @@ void ServiceWorkerVersion::OnNavigateClient(int request_id,

return;

}

- // Reject requests for URLs that the process is not allowed to access. It's

- // possible to receive such requests since the renderer-side checks are

- // slightly different. For example, the view-source scheme will not be

- // filtered out by Blink.

- if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL(

- embedded_worker_->process_id(), url)) {

- embedded_worker_->SendMessage(

- ServiceWorkerMsg_NavigateClientError(request_id, url));

- return;

- }

nhiroki 2015/12/09 08:35:42 ditto.

ServiceWorkerProviderHost* provider_host =

context_->GetProviderHostByClientID(client_uuid);

if (!provider_host || provider_host->active_version() != this) {

« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/serviceworker/chromium/clients-openwindow.html » ('j') | no next file with comments »