Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(368)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/webui/url_data_manager_backend.cc

Issue 183803023: clean up partition check in url_data_manager_backend.cc (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/browser/chrome_content_browser_client.cc ('K') | « chrome/browser/chrome_content_browser_client.cc ('k') | content/public/browser/content_browser_client.h » ('j') | content/public/browser/content_browser_client.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/webui/url_data_manager_backend.h" 5 #include "content/browser/webui/url_data_manager_backend.h"
6 6
7 #include <set> 7 #include <set>
8 8
9 #include "base/basictypes.h" 9 #include "base/basictypes.h"
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 338 matching lines...) Expand 10 before | Expand all | Expand 10 after
349 349
350 void URLRequestChromeJob::CheckStoragePartitionMatches( 350 void URLRequestChromeJob::CheckStoragePartitionMatches(
351 int render_process_id, 351 int render_process_id,
352 const GURL& url, 352 const GURL& url,
353 const base::WeakPtr<URLRequestChromeJob>& job) { 353 const base::WeakPtr<URLRequestChromeJob>& job) {
354 // The embedder could put some webui pages in separate storage partition. 354 // The embedder could put some webui pages in separate storage partition.
355 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages 355 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages
356 // being in the same process. We do an extra check to guard against an 356 // being in the same process. We do an extra check to guard against an
357 // exploited renderer pretending to add them as a subframe. We skip this check 357 // exploited renderer pretending to add them as a subframe. We skip this check
358 // for resources. 358 // for resources.
359 // TODO(guohui): move URL constants for favicon, theme, thumb, thumb and
360 // thumbnails from chrome/common/url_constants.h to
361 // content/public/common/url_constants.h, so that they could be reused here.
362 bool allowed = false; 359 bool allowed = false;
360 std::vector<std::string> hosts;
jam 2014/03/05 22:29:46 i.e. do hosts->push_back(kChromeUIResourcesHost) h
361 GetContentClient()->browser()->GetWebUIHostsToIgnoreParititionCheck(&hosts);
363 if (url.SchemeIs(kChromeUIScheme) && 362 if (url.SchemeIs(kChromeUIScheme) &&
364 (url.host() == kChromeUIResourcesHost || 363 (std::find(hosts.begin(), hosts.end(), url.host()) != hosts.end())) {
365 url.host() == "favicon" ||
366 url.host() == "theme" ||
367 url.host() == "thumb" ||
368 url.host() == "thumb2" ||
369 url.host() == "thumbnails")) {
370 allowed = true; 364 allowed = true;
371 } else { 365 } else {
372 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id); 366 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id);
373 if (process) { 367 if (process) {
374 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite( 368 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite(
375 process->GetBrowserContext(), url); 369 process->GetBrowserContext(), url);
376 allowed = partition == process->GetStoragePartition(); 370 allowed = partition == process->GetStoragePartition();
377 } 371 }
378 } 372 }
379 373
(...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after
723 717
724 } // namespace 718 } // namespace
725 719
726 net::URLRequestJobFactory::ProtocolHandler* 720 net::URLRequestJobFactory::ProtocolHandler*
727 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context, 721 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context,
728 bool is_incognito) { 722 bool is_incognito) {
729 return new DevToolsJobFactory(resource_context, is_incognito); 723 return new DevToolsJobFactory(resource_context, is_incognito);
730 } 724 }
731 725
732 } // namespace content 726 } // namespace content
OLDNEW
« chrome/browser/chrome_content_browser_client.cc ('K') | « chrome/browser/chrome_content_browser_client.cc ('k') | content/public/browser/content_browser_client.h » ('j') | content/public/browser/content_browser_client.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698