Issue 1812723002: Add URL validation to navigations initiated via RenderFrameProxyHosts.

Issue 1812723002: Add URL validation to navigations initiated via RenderFrameProxyHosts. (Closed)

Created:
4 years, 9 months ago by alexmos

Modified:
4 years, 9 months ago

Reviewers:
Charlie Reis

CC:
chromium-reviews, darin-cc_chromium.org, nasko+codewatch_chromium.org, jam, creis+watch_chromium.org, site-isolation-reviews_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Add URL validation to navigations initiated via RenderFrameProxyHosts. When we changed RenderFrameProxyHost::OnOpenURL to use the transfer logic in r377832, we lost FilterURL validation provided by RenderFrameHostImpl::OpenURL. This CL adds that validation to navigations initiated via proxies. BUG=595339 CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_site_isolation Committed: https://crrev.com/5b50b674d36956c84a499b4f93e65a874de28713 Cr-Commit-Position: refs/heads/master@{#381788}

Patch Set 1 #

Patch Set 2 : #

Total comments: 2

Patch Set 3 : Charlie's nit #

Created: 4 years, 9 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+41 lines, -1 line)			Patch
	M	content/browser/frame_host/render_frame_proxy_host.cc	View	2	2 chunks	+4 lines, -1 line	0 comments	Download
	M	content/browser/site_per_process_browsertest.cc	View		2 chunks	+37 lines, -0 lines	0 comments	Download

Messages

Total messages: 15 (7 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

alexmos

Charlie, can you please take a look? I took a look around RFPH, and this ...

4 years, 9 months ago (2016-03-17 00:21:12 UTC) #3

Charlie Reis

Yes, thanks for tracking that down! LGTM with nit. https://codereview.chromium.org/1812723002/diff/20001/content/browser/frame_host/render_frame_proxy_host.cc File content/browser/frame_host/render_frame_proxy_host.cc (right): https://codereview.chromium.org/1812723002/diff/20001/content/browser/frame_host/render_frame_proxy_host.cc#newcode262 content/browser/frame_host/render_frame_proxy_host.cc:262: ...

4 years, 9 months ago (2016-03-17 17:22:28 UTC) #4

alexmos

Thanks! https://codereview.chromium.org/1812723002/diff/20001/content/browser/frame_host/render_frame_proxy_host.cc File content/browser/frame_host/render_frame_proxy_host.cc (right): https://codereview.chromium.org/1812723002/diff/20001/content/browser/frame_host/render_frame_proxy_host.cc#newcode262 content/browser/frame_host/render_frame_proxy_host.cc:262: GetProcess()->FilterURL(false, &validated_url); On 2016/03/17 17:22:27, Charlie Reis wrote: ...

4 years, 9 months ago (2016-03-17 17:30:48 UTC) #5

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1812723002/40001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1812723002/40001

4 years, 9 months ago (2016-03-17 17:31:25 UTC) #8

commit-bot: I haz the power

Try jobs failed on following builders: win_chromium_rel_ng on tryserver.chromium.win (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_rel_ng/builds/190534)

4 years, 9 months ago (2016-03-17 19:25:49 UTC) #10

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1812723002/40001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1812723002/40001

4 years, 9 months ago (2016-03-17 19:54:06 UTC) #12

commit-bot: I haz the power

4 years, 9 months ago (2016-03-17 20:39:39 UTC) #15

Message was sent while issue was closed.

Patchset 3 (id:??) landed as
https://crrev.com/5b50b674d36956c84a499b4f93e65a874de28713
Cr-Commit-Position: refs/heads/master@{#381788}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages