Chromium Code Reviews Chromium Code Reviews
Issue 1530393003:
WIP: Move 'X-Frame-Options' checking to the browser. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/navigation_handle_impl.h" | 5 #include "content/browser/frame_host/navigation_handle_impl.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "content/browser/frame_host/frame_tree_node.h" | 9 #include "content/browser/frame_host/frame_tree_node.h" |
| 10 #include "content/browser/frame_host/navigator.h" | 10 #include "content/browser/frame_host/navigator.h" |
| 11 #include "content/browser/frame_host/navigator_delegate.h" | 11 #include "content/browser/frame_host/navigator_delegate.h" |
| 12 #include "content/browser/frame_host/xfo_throttle.h" | |
| 12 #include "content/browser/service_worker/service_worker_context_wrapper.h" | 13 #include "content/browser/service_worker/service_worker_context_wrapper.h" |
| 13 #include "content/browser/service_worker/service_worker_navigation_handle.h" | 14 #include "content/browser/service_worker/service_worker_navigation_handle.h" |
| 14 #include "content/public/browser/content_browser_client.h" | 15 #include "content/public/browser/content_browser_client.h" |
| 15 #include "content/public/common/browser_side_navigation_policy.h" | 16 #include "content/public/common/browser_side_navigation_policy.h" |
| 16 #include "content/public/common/content_client.h" | 17 #include "content/public/common/content_client.h" |
| 17 #include "net/url_request/redirect_info.h" | 18 #include "net/url_request/redirect_info.h" |
| 18 | 19 |
| 19 namespace content { | 20 namespace content { |
| 20 | 21 |
| 21 namespace { | 22 namespace { |
| (...skipping 202 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 224 // Update the navigation parameters. | 225 // Update the navigation parameters. |
| 225 is_post_ = is_post; | 226 is_post_ = is_post; |
| 226 sanitized_referrer_ = sanitized_referrer; | 227 sanitized_referrer_ = sanitized_referrer; |
| 227 has_user_gesture_ = has_user_gesture; | 228 has_user_gesture_ = has_user_gesture; |
| 228 transition_ = transition; | 229 transition_ = transition; |
| 229 is_external_protocol_ = is_external_protocol; | 230 is_external_protocol_ = is_external_protocol; |
| 230 | 231 |
| 231 state_ = WILL_SEND_REQUEST; | 232 state_ = WILL_SEND_REQUEST; |
| 232 complete_callback_ = callback; | 233 complete_callback_ = callback; |
| 233 | 234 |
| 234 // Register the navigation throttles. The ScopedVector returned by | 235 // Register the platform's navigation throttles. |
| 235 // GetNavigationThrottles is not assigned to throttles_ directly because it | 236 // |
| 236 // would overwrite any throttle previously added with | 237 // TODO(mkwst): Add support for CSP's 'frame-ancestors'. |
| 237 // RegisterThrottleForTesting. | 238 if (scoped_ptr<content::NavigationThrottle> xfo_throttle = |
| 239 XFOThrottle::MaybeCreateThrottleFor(this)) { | |
| 240 throttles_.push_back(std::move(xfo_throttle)); | |
| 241 } | |
| 242 | |
| 243 // Register the embedder's navigation throttles. | |
| 238 ScopedVector<NavigationThrottle> throttles_to_register = | 244 ScopedVector<NavigationThrottle> throttles_to_register = |
| 239 GetContentClient()->browser()->CreateThrottlesForNavigation(this); | 245 GetContentClient()->browser()->CreateThrottlesForNavigation(this); |
| 240 if (throttles_to_register.size() > 0) { | 246 if (throttles_to_register.size() > 0) { |
| 241 throttles_.insert(throttles_.end(), throttles_to_register.begin(), | 247 throttles_.insert(throttles_.end(), throttles_to_register.begin(), |
| 242 throttles_to_register.end()); | 248 throttles_to_register.end()); |
| 243 throttles_to_register.weak_clear(); | 249 throttles_to_register.weak_clear(); |
| 244 } | 250 } |
| 245 | 251 |
| 246 // Notify each throttle of the request. | 252 // Notify each throttle of the request. |
| 247 NavigationThrottle::ThrottleCheckResult result = CheckWillStartRequest(); | 253 NavigationThrottle::ThrottleCheckResult result = CheckWillStartRequest(); |
| (...skipping 27 matching lines...) Expand all Loading... | |
| 275 // If the navigation is not deferred, run the callback. | 281 // If the navigation is not deferred, run the callback. |
| 276 if (result != NavigationThrottle::DEFER) | 282 if (result != NavigationThrottle::DEFER) |
| 277 RunCompleteCallback(result); | 283 RunCompleteCallback(result); |
| 278 } | 284 } |
| 279 | 285 |
| 280 void NavigationHandleImpl::DidRedirectNavigation(const GURL& new_url) { | 286 void NavigationHandleImpl::DidRedirectNavigation(const GURL& new_url) { |
| 281 url_ = new_url; | 287 url_ = new_url; |
| 282 GetDelegate()->DidRedirectNavigation(this); | 288 GetDelegate()->DidRedirectNavigation(this); |
| 283 } | 289 } |
| 284 | 290 |
| 291 void NavigationHandleImpl::WillProcessResponse( | |
|
clamy
2016/01/18 17:45:32
You also need to call this method in the PlzNaviga
| |
| 292 RenderFrameHostImpl* render_frame_host, | |
| 293 scoped_refptr<net::HttpResponseHeaders> response_headers, | |
| 294 const ThrottleChecksFinishedCallback& callback) { | |
| 295 DCHECK(!render_frame_host_ || render_frame_host_ == render_frame_host); | |
| 296 render_frame_host_ = render_frame_host; | |
| 297 response_headers_ = response_headers; | |
| 298 state_ = READY_TO_COMMIT; | |
| 299 complete_callback_ = callback; | |
| 300 | |
| 301 NavigationThrottle::ThrottleCheckResult result = CheckWillProcessResponse(); | |
| 302 DCHECK(result != NavigationThrottle::DEFER); | |
| 303 if (result == NavigationThrottle::PROCEED) | |
| 304 ReadyToCommitNavigation(render_frame_host, response_headers); | |
| 305 | |
| 306 RunCompleteCallback(result); | |
| 307 } | |
| 308 | |
| 285 void NavigationHandleImpl::ReadyToCommitNavigation( | 309 void NavigationHandleImpl::ReadyToCommitNavigation( |
| 286 RenderFrameHostImpl* render_frame_host, | 310 RenderFrameHostImpl* render_frame_host, |
| 287 scoped_refptr<net::HttpResponseHeaders> response_headers) { | 311 scoped_refptr<net::HttpResponseHeaders> response_headers) { |
| 288 DCHECK(!render_frame_host_ || render_frame_host_ == render_frame_host); | 312 DCHECK(!render_frame_host_ || render_frame_host_ == render_frame_host); |
| 289 render_frame_host_ = render_frame_host; | 313 render_frame_host_ = render_frame_host; |
| 290 response_headers_ = response_headers; | 314 response_headers_ = response_headers; |
| 291 state_ = READY_TO_COMMIT; | 315 state_ = READY_TO_COMMIT; |
| 292 | 316 |
| 293 // Only notify the WebContentsObservers when PlzNavigate is enabled, as | 317 // Only notify the WebContentsObservers when PlzNavigate is enabled, as |
| 294 // |render_frame_host_| may be wrong in the case of transfer navigations. | 318 // |render_frame_host_| may be wrong in the case of transfer navigations. |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 310 DCHECK(state_ == WILL_SEND_REQUEST || state_ == DEFERRING_START); | 334 DCHECK(state_ == WILL_SEND_REQUEST || state_ == DEFERRING_START); |
| 311 DCHECK(state_ != WILL_SEND_REQUEST || next_index_ == 0); | 335 DCHECK(state_ != WILL_SEND_REQUEST || next_index_ == 0); |
| 312 DCHECK(state_ != DEFERRING_START || next_index_ != 0); | 336 DCHECK(state_ != DEFERRING_START || next_index_ != 0); |
| 313 for (size_t i = next_index_; i < throttles_.size(); ++i) { | 337 for (size_t i = next_index_; i < throttles_.size(); ++i) { |
| 314 NavigationThrottle::ThrottleCheckResult result = | 338 NavigationThrottle::ThrottleCheckResult result = |
| 315 throttles_[i]->WillStartRequest(); | 339 throttles_[i]->WillStartRequest(); |
| 316 switch (result) { | 340 switch (result) { |
| 317 case NavigationThrottle::PROCEED: | 341 case NavigationThrottle::PROCEED: |
| 318 continue; | 342 continue; |
| 319 | 343 |
| 344 case NavigationThrottle::BLOCK: | |
| 320 case NavigationThrottle::CANCEL: | 345 case NavigationThrottle::CANCEL: |
| 321 case NavigationThrottle::CANCEL_AND_IGNORE: | 346 case NavigationThrottle::CANCEL_AND_IGNORE: |
| 322 state_ = CANCELING; | 347 state_ = CANCELING; |
| 323 return result; | 348 return result; |
| 324 | 349 |
| 325 case NavigationThrottle::DEFER: | 350 case NavigationThrottle::DEFER: |
| 326 state_ = DEFERRING_START; | 351 state_ = DEFERRING_START; |
| 327 next_index_ = i + 1; | 352 next_index_ = i + 1; |
| 328 return result; | 353 return result; |
| 329 | 354 |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 341 DCHECK(state_ == WILL_REDIRECT_REQUEST || state_ == DEFERRING_REDIRECT); | 366 DCHECK(state_ == WILL_REDIRECT_REQUEST || state_ == DEFERRING_REDIRECT); |
| 342 DCHECK(state_ != WILL_REDIRECT_REQUEST || next_index_ == 0); | 367 DCHECK(state_ != WILL_REDIRECT_REQUEST || next_index_ == 0); |
| 343 DCHECK(state_ != DEFERRING_REDIRECT || next_index_ != 0); | 368 DCHECK(state_ != DEFERRING_REDIRECT || next_index_ != 0); |
| 344 for (size_t i = next_index_; i < throttles_.size(); ++i) { | 369 for (size_t i = next_index_; i < throttles_.size(); ++i) { |
| 345 NavigationThrottle::ThrottleCheckResult result = | 370 NavigationThrottle::ThrottleCheckResult result = |
| 346 throttles_[i]->WillRedirectRequest(); | 371 throttles_[i]->WillRedirectRequest(); |
| 347 switch (result) { | 372 switch (result) { |
| 348 case NavigationThrottle::PROCEED: | 373 case NavigationThrottle::PROCEED: |
| 349 continue; | 374 continue; |
| 350 | 375 |
| 376 case NavigationThrottle::BLOCK: | |
| 351 case NavigationThrottle::CANCEL: | 377 case NavigationThrottle::CANCEL: |
| 352 case NavigationThrottle::CANCEL_AND_IGNORE: | 378 case NavigationThrottle::CANCEL_AND_IGNORE: |
| 353 state_ = CANCELING; | 379 state_ = CANCELING; |
| 354 return result; | 380 return result; |
| 355 | 381 |
| 356 case NavigationThrottle::DEFER: | 382 case NavigationThrottle::DEFER: |
| 357 state_ = DEFERRING_REDIRECT; | 383 state_ = DEFERRING_REDIRECT; |
| 358 next_index_ = i + 1; | 384 next_index_ = i + 1; |
| 359 return result; | 385 return result; |
| 360 | 386 |
| 361 default: | 387 default: |
| 362 NOTREACHED(); | 388 NOTREACHED(); |
| 363 } | 389 } |
| 364 } | 390 } |
| 365 next_index_ = 0; | 391 next_index_ = 0; |
| 366 state_ = WILL_REDIRECT_REQUEST; | 392 state_ = WILL_REDIRECT_REQUEST; |
| 367 return NavigationThrottle::PROCEED; | 393 return NavigationThrottle::PROCEED; |
| 368 } | 394 } |
| 369 | 395 |
| 396 NavigationThrottle::ThrottleCheckResult | |
| 397 NavigationHandleImpl::CheckWillProcessResponse() { | |
| 398 DCHECK(state_ == READY_TO_COMMIT); | |
| 399 for (size_t i = next_index_; i < throttles_.size(); ++i) { | |
| 400 NavigationThrottle::ThrottleCheckResult result = | |
| 401 throttles_[i]->WillProcessResponse(); | |
| 402 switch (result) { | |
| 403 case NavigationThrottle::PROCEED: | |
| 404 continue; | |
| 405 | |
| 406 case NavigationThrottle::BLOCK: | |
| 407 case NavigationThrottle::CANCEL: | |
| 408 case NavigationThrottle::CANCEL_AND_IGNORE: | |
| 409 state_ = CANCELING; | |
| 410 return result; | |
| 411 | |
| 412 case NavigationThrottle::DEFER: | |
| 413 default: | |
| 414 NOTREACHED(); | |
| 415 } | |
| 416 } | |
| 417 next_index_ = 0; | |
| 418 state_ = READY_TO_COMMIT; | |
| 419 return NavigationThrottle::PROCEED; | |
| 420 } | |
| 421 | |
| 370 void NavigationHandleImpl::RunCompleteCallback( | 422 void NavigationHandleImpl::RunCompleteCallback( |
| 371 NavigationThrottle::ThrottleCheckResult result) { | 423 NavigationThrottle::ThrottleCheckResult result) { |
| 372 DCHECK(result != NavigationThrottle::DEFER); | 424 DCHECK(result != NavigationThrottle::DEFER); |
| 373 if (!complete_callback_.is_null()) | 425 if (!complete_callback_.is_null()) |
| 374 complete_callback_.Run(result); | 426 complete_callback_.Run(result); |
| 375 | 427 |
| 376 complete_callback_.Reset(); | 428 complete_callback_.Reset(); |
| 377 } | 429 } |
| 378 | 430 |
| 379 } // namespace content | 431 } // namespace content |
| OLD | NEW |
