Chromium Code Reviews Chromium Code Reviews
Issue 1903133004:
Report invalid URLs as ERR_INVALID_URL rather than ERR_ABORTED (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: content/browser/loader/resource_dispatcher_host_impl.cc |
| diff --git a/content/browser/loader/resource_dispatcher_host_impl.cc b/content/browser/loader/resource_dispatcher_host_impl.cc |
| index e594cb76d5aef0b6545234d41d7bfa1bb0eee8c1..decb15addf291f2cdfe70a0211c512c973564a62 100644 |
| --- a/content/browser/loader/resource_dispatcher_host_impl.cc |
| +++ b/content/browser/loader/resource_dispatcher_host_impl.cc |
| @@ -224,19 +224,20 @@ bool IsDetachableResourceType(ResourceType type) { |
| } |
| } |
| -// Aborts a request before an URLRequest has actually been created. |
| -void AbortRequestBeforeItStarts(ResourceMessageFilter* filter, |
| +// Fails a request before a URLRequest has actually been created. |
| +void FailRequestBeforeItStarts(ResourceMessageFilter* filter, |
| IPC::Message* sync_result, |
| - int request_id) { |
| + int request_id, |
| + net::Error error) { |
| if (sync_result) { |
| SyncLoadResult result; |
| - result.error_code = net::ERR_ABORTED; |
| + result.error_code = error; |
| ResourceHostMsg_SyncLoad::WriteReplyParams(sync_result, result); |
| filter->Send(sync_result); |
| } else { |
| // Tell the renderer that this request was disallowed. |
| ResourceMsg_RequestCompleteData request_complete_data; |
| - request_complete_data.error_code = net::ERR_ABORTED; |
| + request_complete_data.error_code = error; |
| request_complete_data.was_ignored_by_handler = false; |
| request_complete_data.exists_in_cache = false; |
| // No security info needed, connection not established. |
| @@ -289,15 +290,16 @@ void SetReferrerForRequest(net::URLRequest* request, const Referrer& referrer) { |
| } |
| // Consults the RendererSecurity policy to determine whether the |
|
nasko
2016/04/21 20:30:01
nit: RendererSecurity doesn't exist anywhere but t
|
| -// ResourceDispatcherHostImpl should service this request. A request might be |
| -// disallowed if the renderer is not authorized to retrieve the request URL or |
| -// if the renderer is attempting to upload an unauthorized file. |
| -bool ShouldServiceRequest(int process_type, |
| - int child_id, |
| - const ResourceHostMsg_Request& request_data, |
| - const net::HttpRequestHeaders& headers, |
| - ResourceMessageFilter* filter, |
| - ResourceContext* resource_context) { |
| +// ResourceDispatcherHostImpl should service this request. Returns net::OK if |
| +// allowed or a net error otherwise. A request might be disallowed if the |
| +// renderer is not authorized to retrieve the request URL or if the renderer is |
| +// attempting to upload an unauthorized file. |
| +net::Error ShouldServiceRequest(int process_type, |
| + int child_id, |
| + const ResourceHostMsg_Request& request_data, |
| + const net::HttpRequestHeaders& headers, |
| + ResourceMessageFilter* filter, |
| + ResourceContext* resource_context) { |
| ChildProcessSecurityPolicyImpl* policy = |
| ChildProcessSecurityPolicyImpl::GetInstance(); |
| @@ -305,7 +307,7 @@ bool ShouldServiceRequest(int process_type, |
| if (!policy->CanRequestURL(child_id, request_data.url)) { |
| VLOG(1) << "Denied unauthorized request for " |
| << request_data.url.possibly_invalid_spec(); |
| - return false; |
| + return net::ERR_INVALID_URL; |
| } |
| // Check if the renderer is using an illegal Origin header. If so, kill it. |
| @@ -319,7 +321,7 @@ bool ShouldServiceRequest(int process_type, |
| child_id, origin)) { |
| VLOG(1) << "Killed renderer for illegal origin: " << origin_string; |
| bad_message::ReceivedBadMessage(filter, bad_message::RDH_ILLEGAL_ORIGIN); |
| - return false; |
| + return net::ERR_INVALID_URL; |
| } |
| } |
| @@ -333,7 +335,7 @@ bool ShouldServiceRequest(int process_type, |
| !policy->CanReadFile(child_id, iter->path())) { |
| NOTREACHED() << "Denied unauthorized upload of " |
| << iter->path().value(); |
| - return false; |
| + return net::ERR_ACCESS_DENIED; |
| } |
| if (iter->type() == ResourceRequestBody::Element::TYPE_FILE_FILESYSTEM) { |
| storage::FileSystemURL url = |
| @@ -341,13 +343,13 @@ bool ShouldServiceRequest(int process_type, |
| if (!policy->CanReadFileSystemFile(child_id, url)) { |
| NOTREACHED() << "Denied unauthorized upload of " |
| << iter->filesystem_url().spec(); |
| - return false; |
| + return net::ERR_ACCESS_DENIED; |
| } |
| } |
| } |
| } |
| - return true; |
| + return net::OK; |
| } |
| void RemoveDownloadFileFromChildSecurityPolicy(int child_id, |
| @@ -1433,10 +1435,15 @@ void ResourceDispatcherHostImpl::BeginRequest( |
| net::HttpRequestHeaders headers; |
| headers.AddHeadersFromString(request_data.headers); |
| - if (is_shutdown_ || |
| - !ShouldServiceRequest(process_type, child_id, request_data, headers, |
| - filter_, resource_context)) { |
| - AbortRequestBeforeItStarts(filter_, sync_result, request_id); |
| + if (is_shutdown_) { |
| + FailRequestBeforeItStarts(filter_, sync_result, request_id, |
| + net::ERR_ABORTED); |
| + return; |
| + } |
| + net::Error error = ShouldServiceRequest(process_type, child_id, request_data, |
| + headers, filter_, resource_context); |
| + if (error != net::OK) { |
| + FailRequestBeforeItStarts(filter_, sync_result, request_id, error); |
| return; |
| } |
| @@ -1445,7 +1452,8 @@ void ResourceDispatcherHostImpl::BeginRequest( |
| request_data.url, |
| request_data.resource_type, |
| resource_context)) { |
| - AbortRequestBeforeItStarts(filter_, sync_result, request_id); |
| + FailRequestBeforeItStarts(filter_, sync_result, request_id, |
| + net::ERR_ABORTED); |
| return; |
| } |
