Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(327)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1530393003: WIP: Move 'X-Frame-Options' checking to the browser. (Closed)

Created:
5 years ago by Mike West
Modified:
4 years, 11 months ago
CC:
chromium-reviews, creis+watch_chromium.org, Charlie Reis, darin-cc_chromium.org, estark, jam, jochen (gone - plz use gerrit), loading-reviews_chromium.org, nasko
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

WIP: Move 'X-Frame-Options' checking to the browser. First pass at a structure that folks can help me evaluate. BUG=555418

Patch Set 1 #

Total comments: 5

Patch Set 2 : Rebase. #

Total comments: 4

Patch Set 3 : Feedback. #

Patch Set 4 : Better. #

Total comments: 7

Patch Set 5 : Moar. #

Total comments: 1

Patch Set 6 : Ugh. #

Total comments: 14
Unified diffs Side-by-side diffs Delta from patch set Stats (+469 lines, -37 lines) Patch
M content/browser/frame_host/navigation_handle_impl.h View 1 2 3 4 5 2 chunks +10 lines, -0 lines 0 comments Download
M content/browser/frame_host/navigation_handle_impl.cc View 1 2 3 4 5 6 chunks +62 lines, -7 lines 1 comment Download
M content/browser/frame_host/navigation_request.h View 1 2 3 4 5 2 chunks +6 lines, -0 lines 0 comments Download
M content/browser/frame_host/navigation_request.cc View 1 2 3 4 5 5 chunks +28 lines, -5 lines 1 comment Download
M content/browser/frame_host/navigator_impl.cc View 1 2 3 4 5 1 chunk +0 lines, -1 line 0 comments Download
A content/browser/frame_host/xfo_throttle.h View 1 2 1 chunk +54 lines, -0 lines 8 comments Download
A content/browser/frame_host/xfo_throttle.cc View 1 2 3 4 1 chunk +157 lines, -0 lines 2 comments Download
A content/browser/frame_host/xfo_throttle_unittest.cc View 1 2 3 4 5 1 chunk +115 lines, -0 lines 0 comments Download
M content/browser/loader/navigation_resource_throttle.cc View 1 2 3 4 chunks +14 lines, -4 lines 0 comments Download
M content/content_browser.gypi View 1 2 3 4 5 1 chunk +2 lines, -0 lines 0 comments Download
M content/content_tests.gypi View 1 2 3 4 5 1 chunk +1 line, -0 lines 0 comments Download
M content/public/browser/navigation_throttle.h View 1 2 3 2 chunks +13 lines, -0 lines 2 comments Download
M content/public/browser/navigation_throttle.cc View 1 chunk +5 lines, -0 lines 0 comments Download
M third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny.html View 1 2 3 4 1 chunk +1 line, -1 line 0 comments Download
M third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-multiple-headers-conflict-expected.txt View 1 2 3 4 1 chunk +1 line, -2 lines 0 comments Download
M third_party/WebKit/Source/core/loader/DocumentLoader.cpp View 1 2 3 4 5 1 chunk +0 lines, -17 lines 0 comments Download

Messages

Total messages: 22 (7 generated)
Mike West
clamy@: Would you mind taking a look at this from a structural perspective? If you're ...
5 years ago (2015-12-17 13:09:15 UTC) #2
Mike West
https://codereview.chromium.org/1530393003/diff/1/chrome/browser/security/xfo_throttle.h File chrome/browser/security/xfo_throttle.h (right): https://codereview.chromium.org/1530393003/diff/1/chrome/browser/security/xfo_throttle.h#newcode22 chrome/browser/security/xfo_throttle.h:22: class XFOThrottle : public NavigationThrottle { On 2015/12/17 at ...
5 years ago (2015-12-17 13:31:29 UTC) #3
Mike West
https://codereview.chromium.org/1530393003/diff/20001/chrome/browser/security/xfo_throttle.cc File chrome/browser/security/xfo_throttle.cc (right): https://codereview.chromium.org/1530393003/diff/20001/chrome/browser/security/xfo_throttle.cc#newcode39 chrome/browser/security/xfo_throttle.cc:39: Here, I need to grab the frame tree in ...
5 years ago (2015-12-17 13:37:55 UTC) #4
Mike West
Emily, Jochen, and Charlie, FYI.
5 years ago (2015-12-17 13:39:49 UTC) #5
nasko
Haven't looked at the code, just the files, but have a fundamental question - why ...
5 years ago (2015-12-17 15:02:04 UTC) #7
Mike West
On 2015/12/17 at 15:02:04, nasko wrote: > Haven't looked at the code, just the files, ...
5 years ago (2015-12-17 16:51:06 UTC) #8
kinuko
Driving-by, just noticed this, interesting! Haven't really looked into the code either but +1 having ...
5 years ago (2015-12-18 04:25:52 UTC) #9
clamy
Thanks! The general direction seems right, with the caveat that the xfo checks should really ...
5 years ago (2015-12-21 10:13:29 UTC) #10
Mike West
Here's another pass that I think is closer to what might actually work. Would y'all ...
4 years, 11 months ago (2016-01-15 15:37:10 UTC) #12
Mike West
Jochen, you had an idea about who I should be talking to regarding the error ...
4 years, 11 months ago (2016-01-18 13:26:01 UTC) #14
Mike West
+ellyjones@: Hello! I am reliably informed that you can help me figure out a sane ...
4 years, 11 months ago (2016-01-18 14:52:41 UTC) #16
clamy
Thanks! I think it's looking better, and have a few comments below. https://codereview.chromium.org/1530393003/diff/80001/content/browser/frame_host/navigation_handle_impl.cc File content/browser/frame_host/navigation_handle_impl.cc ...
4 years, 11 months ago (2016-01-18 17:45:32 UTC) #17
Mike West
clamy@: Thanks! I've started poking at the PlzNavigate bits, but it's turning out to be ...
4 years, 11 months ago (2016-01-20 18:45:39 UTC) #19
nasko
Some drive-by comments. https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_host/navigation_handle_impl.cc File content/browser/frame_host/navigation_handle_impl.cc (right): https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_host/navigation_handle_impl.cc#newcode238 content/browser/frame_host/navigation_handle_impl.cc:238: if (scoped_ptr<content::NavigationThrottle> xfo_throttle = nit: scoped_ptr ...
4 years, 11 months ago (2016-01-20 23:15:07 UTC) #21
Mike West
4 years, 11 months ago (2016-01-21 14:51:24 UTC) #22 
Thanks Nasko. I'm closing out this CL, splitting it into
https://codereview.chromium.org/1616943003 which introduces some infrastructure,
and https://codereview.chromium.org/1617043002 for the throttles. Please feel
encouraged to take a look at those CLs. :)

https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_...
File content/browser/frame_host/xfo_throttle.cc (right):

https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_...
content/browser/frame_host/xfo_throttle.cc:61: url::Origin
current_origin(navigation_handle()->GetURL());
On 2016/01/20 at 23:15:07, nasko wrote:
> Shouldn't we be using the GetOrigin() from the current RenderFrameHost for the
FrameTreeNode?

XFO looks at the origin of the URL, not the origin of the document. That is,
`example.com` -> `example.com` -> `example.com` matches "sameorigin" even if the
middle frame is sandboxed. I guess we could consider changing that behavior?
Probably wouldn't impact many pages, but it would be a behavioral change.

https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_...
File content/browser/frame_host/xfo_throttle.h (right):

https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_...
content/browser/frame_host/xfo_throttle.h:1: // Copyright 2015 The Chromium
Authors. All rights reserved.
On 2016/01/20 at 23:15:07, nasko wrote:
> 2016 :)

It was 2015 when I started. :)

https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_...
content/browser/frame_host/xfo_throttle.h:21: class CONTENT_EXPORT XFOThrottle :
public NavigationThrottle {
On 2016/01/20 at 23:15:07, nasko wrote:
> XfoThrottle, as per semi-recent chromium-dev@ discussions on capitalization.

...

Style rules never get better, do they? They just trend slowly and inexorably
towards terribleness. :(

https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_...
content/browser/frame_host/xfo_throttle.h:26: SAMEORIGIN,
On 2016/01/20 at 23:15:07, nasko wrote:
> Why use _ in NOT_PRESENT, but not in SAME_ORITIN and ALLOW_ALL?

Changed to `NONE` to avoid the question.

https://codereview.chromium.org/1530393003/diff/120001/content/browser/frame_...
content/browser/frame_host/xfo_throttle.h:36: static
scoped_ptr<NavigationThrottle> MaybeCreateThrottleFor(
On 2016/01/20 at 23:15:07, nasko wrote:
> Static methods go first in the class, especially creation related ones.

Done.

https://codereview.chromium.org/1530393003/diff/120001/content/public/browser...
File content/public/browser/navigation_throttle.h (right):

https://codereview.chromium.org/1530393003/diff/120001/content/public/browser...
content/public/browser/navigation_throttle.h:68: // must not return DEFER, as it
is the last step before committing.
On 2016/01/20 at 23:15:07, nasko wrote:
> Should we be adding BLOCK to the lists of possible results in these comments?

We should, and have. Thanks!

Powered by Google App Engine
This is Rietveld 408576698