OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/webui/url_data_manager_backend.h" | 5 #include "content/browser/webui/url_data_manager_backend.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 338 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
349 | 349 |
350 void URLRequestChromeJob::CheckStoragePartitionMatches( | 350 void URLRequestChromeJob::CheckStoragePartitionMatches( |
351 int render_process_id, | 351 int render_process_id, |
352 const GURL& url, | 352 const GURL& url, |
353 const base::WeakPtr<URLRequestChromeJob>& job) { | 353 const base::WeakPtr<URLRequestChromeJob>& job) { |
354 // The embedder could put some webui pages in separate storage partition. | 354 // The embedder could put some webui pages in separate storage partition. |
355 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages | 355 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages |
356 // being in the same process. We do an extra check to guard against an | 356 // being in the same process. We do an extra check to guard against an |
357 // exploited renderer pretending to add them as a subframe. We skip this check | 357 // exploited renderer pretending to add them as a subframe. We skip this check |
358 // for resources. | 358 // for resources. |
359 // TODO(guohui): move URL constants for extension-icon, favicon, theme, thumb, | |
360 // thumb and thumbnails from chrome/common/url_constants.h to | |
361 // content/public/common/url_constants.h, so that they could be reused here. | |
362 bool allowed = false; | 359 bool allowed = false; |
360 std::vector<std::string> hosts; | |
361 GetContentClient()-> | |
362 browser()->GetAdditionalWebUIHostsToIgnoreParititionCheck(&hosts); | |
363 if (url.SchemeIs(kChromeUIScheme) && | 363 if (url.SchemeIs(kChromeUIScheme) && |
364 (url.host() == kChromeUIResourcesHost || | 364 (url.SchemeIs(kChromeUIScheme) || |
Dan Beam
2016/05/17 03:43:48
it seems as if this host got dropped during this r
| |
365 url.host() == "extension-icon" || | 365 std::find(hosts.begin(), hosts.end(), url.host()) != hosts.end())) { |
Dan Beam
2016/05/17 02:28:55
did this code ever work? it seems like any chrome
Charlie Reis
2016/05/17 21:08:24
Yeah, this doesn't match the change that jam@ requ
| |
366 url.host() == "favicon" || | |
367 url.host() == "theme" || | |
368 url.host() == "thumb" || | |
369 url.host() == "thumb2" || | |
370 url.host() == "thumbnails")) { | |
371 allowed = true; | 366 allowed = true; |
372 } else { | 367 } else { |
373 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id); | 368 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id); |
374 if (process) { | 369 if (process) { |
375 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite( | 370 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite( |
376 process->GetBrowserContext(), url); | 371 process->GetBrowserContext(), url); |
377 allowed = partition == process->GetStoragePartition(); | 372 allowed = partition == process->GetStoragePartition(); |
378 } | 373 } |
379 } | 374 } |
380 | 375 |
(...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
724 | 719 |
725 } // namespace | 720 } // namespace |
726 | 721 |
727 net::URLRequestJobFactory::ProtocolHandler* | 722 net::URLRequestJobFactory::ProtocolHandler* |
728 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context, | 723 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context, |
729 bool is_incognito) { | 724 bool is_incognito) { |
730 return new DevToolsJobFactory(resource_context, is_incognito); | 725 return new DevToolsJobFactory(resource_context, is_incognito); |
731 } | 726 } |
732 | 727 |
733 } // namespace content | 728 } // namespace content |
OLD | NEW |