content/browser/loader/resource_dispatcher_host_impl.h - Issue 1608573002: RDH: Block a compromised renderer from reusing request ids

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/loader/resource_dispatcher_host_impl.h

Issue 1608573002: RDH: Block a compromised renderer from reusing request ids (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fix resource_loader_unittest.cc Created 4 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « content/browser/bad_message.h ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | content/browser/loader/resource_dispatcher_host_impl.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/browser/loader/resource_dispatcher_host_impl.h

diff --git a/content/browser/loader/resource_dispatcher_host_impl.h b/content/browser/loader/resource_dispatcher_host_impl.h

index 74922647f29781d54a54a05d462560956ebf029f..10f5baab50163e807ff7b904b4a58618b628d169 100644

--- a/content/browser/loader/resource_dispatcher_host_impl.h

+++ b/content/browser/loader/resource_dispatcher_host_impl.h

@@ -330,6 +330,7 @@ class CONTENT_EXPORT ResourceDispatcherHostImpl

void DidReceiveRedirect(ResourceLoader* loader, const GURL& new_url) override;

void DidReceiveResponse(ResourceLoader* loader) override;

void DidFinishLoading(ResourceLoader* loader) override;

+ void LoaderDestroyed(ResourceLoader* loader) override;

// An init helper that runs on the IO thread.

void OnInit();

@@ -523,6 +524,10 @@ class CONTENT_EXPORT ResourceDispatcherHostImpl

LoaderMap pending_loaders_;

+ // Keep a set of request ids currently in use. This is used to validate

+ // incoming request ids from renderers and disallow duplicates.

+ std::set<GlobalRequestID> request_ids_in_use_;

// Collection of temp files downloaded for child processes via

// the download_to_file mechanism. We avoid deleting them until

// the client no longer needs them.