mojo/shell/application_manager.cc - Issue 1716793003: Enforce Capability Filter provided in manifest

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: mojo/shell/application_manager.cc

Issue 1716793003: Enforce Capability Filter provided in manifest (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@9deps

Patch Set: . Created 4 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: mojo/shell/application_manager.cc

diff --git a/mojo/shell/application_manager.cc b/mojo/shell/application_manager.cc

index 1a4cfa0a5913a0cff4c6f0c3cb1123c02b79f4c9..1ff590134629a06d24f39b77eebb377c7a10e412 100644

--- a/mojo/shell/application_manager.cc

+++ b/mojo/shell/application_manager.cc

@@ -301,7 +301,7 @@ void ApplicationManager::OnShellClientFactoryLost(const Identity& which) {

void ApplicationManager::OnGotResolvedURL(

scoped_ptr<ConnectParams> params,

const String& resolved_url,

- const String& qualifier,

+ const String& resolved_qualifier,

mojom::CapabilityFilterPtr base_filter,

const String& file_url) {

// It's possible that when this manifest request was issued, another one was

@@ -310,9 +310,15 @@ void ApplicationManager::OnGotResolvedURL(

if (ConnectToExistingInstance(&params))

return;

- Identity source = params->source(), target = params->target();

+ Identity source = params->source();

+ CapabilityFilter filter = params->target().filter();

+ // TODO(beng): this clobbers the filter passed via Connect().

+ if (!base_filter.is_null())

+ filter = base_filter->filter.To<CapabilityFilter>();

+ Identity target(params->target().url(), params->target().qualifier(), filter);

mojom::ShellClientRequest request;

- ApplicationInstance* instance = CreateInstance(params->target(), &request);

+ ApplicationInstance* instance = CreateInstance(target, &request);

instance->ConnectToClient(std::move(params));

if (LoadWithLoader(target, &request))

@@ -322,13 +328,11 @@ void ApplicationManager::OnGotResolvedURL(

GURL resolved_gurl = resolved_url.To<GURL>();

if (target.url().spec() != resolved_url) {

- // TODO(beng): this clobbers the CapabilityFilter passed via Connect().

- CapabilityFilter capability_filter = GetPermissiveCapabilityFilter();

- if (!base_filter.is_null())

- capability_filter = base_filter->filter.To<CapabilityFilter>();

+ // In cases where a package alias is resolved, we have to use the qualifier

+ // from the original request rather than for the package itself, which will

+ // always be the same.

CreateShellClient(source,

- Identity(resolved_gurl, qualifier, capability_filter),

+ Identity(resolved_gurl, target.qualifier(), filter),

target.url(), std::move(request));

} else {

bool start_sandboxed = false;

« no previous file with comments | « mojo/shell/application_manager.h ('k') | mojo/shell/tests/application_manager_apptest_driver_manifest.json » ('j') | no next file with comments »