third_party/WebKit/Source/platform/network/ResourceRequest.cpp - Issue 1775933002: CORS-RFC1918: Pipe creator address space through SharedWorker creation.

Unified Diff: third_party/WebKit/Source/platform/network/ResourceRequest.cpp

Issue 1775933002: CORS-RFC1918: Pipe creator address space through SharedWorker creation. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: typo Created 4 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « third_party/WebKit/Source/platform/network/ResourceRequest.h ('k') | third_party/WebKit/Source/web/SharedWorkerRepositoryClientImpl.cpp » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/platform/network/ResourceRequest.cpp

diff --git a/third_party/WebKit/Source/platform/network/ResourceRequest.cpp b/third_party/WebKit/Source/platform/network/ResourceRequest.cpp

index 23a3ba072ff37d6b99b7a5a44f871cef7eef87ae..f96b02f4fb105a6341e937696bda3c3a29f8d8f6 100644

--- a/third_party/WebKit/Source/platform/network/ResourceRequest.cpp

+++ b/third_party/WebKit/Source/platform/network/ResourceRequest.cpp

@@ -30,6 +30,7 @@

#include "platform/RuntimeEnabledFeatures.h"

#include "platform/weborigin/SecurityOrigin.h"

#include "public/platform/Platform.h"

+#include "public/platform/WebAddressSpace.h"

#include "public/platform/WebURLRequest.h"

namespace blink {

@@ -373,11 +374,11 @@ bool ResourceRequest::compare(const ResourceRequest& a, const ResourceRequest& b

return true;

}

-void ResourceRequest::setExternalRequestStateFromRequestorAddressSpace(WebURLRequest::AddressSpace requestorSpace)

+void ResourceRequest::setExternalRequestStateFromRequestorAddressSpace(WebAddressSpace requestorSpace)

{

- static_assert(WebURLRequest::AddressSpaceLocal < WebURLRequest::AddressSpacePrivate, "Local is inside Private");

- static_assert(WebURLRequest::AddressSpaceLocal < WebURLRequest::AddressSpacePublic, "Local is inside Public");

- static_assert(WebURLRequest::AddressSpacePrivate < WebURLRequest::AddressSpacePublic, "Private is inside Public");

+ static_assert(WebAddressSpaceLocal < WebAddressSpacePrivate, "Local is inside Private");

+ static_assert(WebAddressSpaceLocal < WebAddressSpacePublic, "Local is inside Public");

+ static_assert(WebAddressSpacePrivate < WebAddressSpacePublic, "Private is inside Public");

// TODO(mkwst): This only checks explicit IP addresses. We'll have to move all this up to //net and //content in

// order to have any real impact on gateway attacks. That turns out to be a TON of work. https://crbug.com/378566

@@ -386,11 +387,11 @@ void ResourceRequest::setExternalRequestStateFromRequestorAddressSpace(WebURLReq

return;

}

- WebURLRequest::AddressSpace targetSpace = WebURLRequest::AddressSpacePublic;

+ WebAddressSpace targetSpace = WebAddressSpacePublic;

if (Platform::current()->isReservedIPAddress(m_url.host()))

- targetSpace = WebURLRequest::AddressSpacePrivate;

+ targetSpace = WebAddressSpacePrivate;

if (SecurityOrigin::create(m_url)->isLocalhost())

- targetSpace = WebURLRequest::AddressSpaceLocal;

+ targetSpace = WebAddressSpaceLocal;

m_isExternalRequest = requestorSpace > targetSpace;

}