
Unified Diff: third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp

Issue 1861663002: CREDENTIAL: Block API access from non-top-level Documents. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: security_check Created 4 years, 8 months ago
Index: third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp
diff --git a/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp b/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp
index 4980c2c2c89618fc7263146b82a456b809305c64..ea400dc345369c2d74ff9b77f7c4cb8d83da3703 100644
--- a/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp
+++ b/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp
@@ -8,9 +8,12 @@
#include "bindings/core/v8/ScriptPromise.h"
#include "bindings/core/v8/ScriptPromiseResolver.h"
#include "core/dom/DOMException.h"
+#include "core/dom/Document.h"
#include "core/dom/ExceptionCode.h"
#include "core/dom/ExecutionContext.h"
+#include "core/frame/Frame.h"
#include "core/frame/UseCounter.h"
+#include "core/page/FrameTree.h"
#include "modules/credentialmanager/Credential.h"
#include "modules/credentialmanager/CredentialManagerClient.h"
#include "modules/credentialmanager/CredentialRequestOptions.h"
@@ -51,6 +54,9 @@ public:
void onSuccess() override
{
+ Frame* frame = toDocument(m_resolver->getScriptState()->getExecutionContext())->frame();
+ SECURITY_CHECK(frame == frame->tree().top());
+
m_resolver->resolve();
}
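Review bot: `frame` is dereferenced in `frame->tree()` without a null test in this `onSuccess()`, although the `checkBoilerplate()` hunk in the same patch treats `toDocument(...)->frame()` as possibly null (`if (!frame || ...)`). These callbacks run after the request has been handed off, so the document may presumably have been detached from its frame by the time the reply arrives; in that case the line crashes on a null pointer instead of checking anything. Asserting only on live frames keeps the guarantee: `SECURITY_CHECK(!frame || frame == frame->tree().top());`. The same two lines appear in the `onSuccess(WebPassOwnPtr<WebCredential>)` hunk that follows and need the same change.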
@@ -71,6 +77,9 @@ public:
void onSuccess(WebPassOwnPtr<WebCredential> webCredential) override
{
+ Frame* frame = toDocument(m_resolver->getScriptState()->getExecutionContext())->frame();
+ SECURITY_CHECK(frame == frame->tree().top());
+
OwnPtr<WebCredential> credential = webCredential.release();
if (!credential) {
m_resolver->resolve();
@@ -105,9 +114,9 @@ CredentialsContainer::CredentialsContainer()
static bool checkBoilerplate(ScriptPromiseResolver* resolver)
{
- CredentialManagerClient* client = CredentialManagerClient::from(resolver->getScriptState()->getExecutionContext());
- if (!client) {
- resolver->reject(DOMException::create(InvalidStateError, "Could not establish connection to the credential manager."));
+ Frame* frame = toDocument(resolver->getScriptState()->getExecutionContext())->frame();
+ if (!frame || frame != frame->tree().top()) {
+ resolver->reject(DOMException::create(SecurityError, "CredentialContainer methods may only be executed in a top-level document."));
return false;
}
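Review bot: The rejection message names `CredentialContainer`, but the class and file in this patch are `CredentialsContainer`, so a developer searching for the console text will not find the interface. Suggest `"CredentialsContainer methods may only be executed in a top-level document."`. A one-line comment above the check, such as `// Credentials must not be reachable from subframes; reject before any client lookup.`, would also record why this test now runs first. `checkBoilerplate()` continues past the end of this hunk.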
@@ -117,6 +126,12 @@ static bool checkBoilerplate(ScriptPromiseResolver* resolver)
return false;
}
+ CredentialManagerClient* client = CredentialManagerClient::from(resolver->getScriptState()->getExecutionContext());
+ if (!client) {
+ resolver->reject(DOMException::create(InvalidStateError, "Could not establish connection to the credential manager."));
+ return false;
+ }
+
return true;
}