Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7)

Side by Side Diff: content/browser/webui/url_data_manager_backend.cc

Issue 183803023: clean up partition check in url_data_manager_backend.cc (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: comments addressed Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/webui/url_data_manager_backend.h" 5 #include "content/browser/webui/url_data_manager_backend.h"
6 6
7 #include <set> 7 #include <set>
8 8
9 #include "base/basictypes.h" 9 #include "base/basictypes.h"
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 338 matching lines...) Expand 10 before | Expand all | Expand 10 after
349 349
350 void URLRequestChromeJob::CheckStoragePartitionMatches( 350 void URLRequestChromeJob::CheckStoragePartitionMatches(
351 int render_process_id, 351 int render_process_id,
352 const GURL& url, 352 const GURL& url,
353 const base::WeakPtr<URLRequestChromeJob>& job) { 353 const base::WeakPtr<URLRequestChromeJob>& job) {
354 // The embedder could put some webui pages in separate storage partition. 354 // The embedder could put some webui pages in separate storage partition.
355 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages 355 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages
356 // being in the same process. We do an extra check to guard against an 356 // being in the same process. We do an extra check to guard against an
357 // exploited renderer pretending to add them as a subframe. We skip this check 357 // exploited renderer pretending to add them as a subframe. We skip this check
358 // for resources. 358 // for resources.
359 // TODO(guohui): move URL constants for extension-icon, favicon, theme, thumb,
360 // thumb and thumbnails from chrome/common/url_constants.h to
361 // content/public/common/url_constants.h, so that they could be reused here.
362 bool allowed = false; 359 bool allowed = false;
360 std::vector<std::string> hosts;
361 GetContentClient()->
362 browser()->GetAdditionalWebUIHostsToIgnoreParititionCheck(&hosts);
363 if (url.SchemeIs(kChromeUIScheme) && 363 if (url.SchemeIs(kChromeUIScheme) &&
364 (url.host() == kChromeUIResourcesHost || 364 (url.SchemeIs(kChromeUIScheme) ||
Dan Beam 2016/05/17 03:43:48 it seems as if this host got dropped during this r
365 url.host() == "extension-icon" || 365 std::find(hosts.begin(), hosts.end(), url.host()) != hosts.end())) {
Dan Beam 2016/05/17 02:28:55 did this code ever work? it seems like any chrome
Charlie Reis 2016/05/17 21:08:24 Yeah, this doesn't match the change that jam@ requ
366 url.host() == "favicon" ||
367 url.host() == "theme" ||
368 url.host() == "thumb" ||
369 url.host() == "thumb2" ||
370 url.host() == "thumbnails")) {
371 allowed = true; 366 allowed = true;
372 } else { 367 } else {
373 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id); 368 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id);
374 if (process) { 369 if (process) {
375 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite( 370 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite(
376 process->GetBrowserContext(), url); 371 process->GetBrowserContext(), url);
377 allowed = partition == process->GetStoragePartition(); 372 allowed = partition == process->GetStoragePartition();
378 } 373 }
379 } 374 }
380 375
(...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after
724 719
725 } // namespace 720 } // namespace
726 721
727 net::URLRequestJobFactory::ProtocolHandler* 722 net::URLRequestJobFactory::ProtocolHandler*
728 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context, 723 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context,
729 bool is_incognito) { 724 bool is_incognito) {
730 return new DevToolsJobFactory(resource_context, is_incognito); 725 return new DevToolsJobFactory(resource_context, is_incognito);
731 } 726 }
732 727
733 } // namespace content 728 } // namespace content
OLDNEW
« no previous file with comments | « chrome/browser/chrome_content_browser_client.cc ('k') | content/public/browser/content_browser_client.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698