OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/frame_host/navigation_request.h" | 5 #include "content/browser/frame_host/navigation_request.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/memory/ptr_util.h" | 9 #include "base/memory/ptr_util.h" |
10 #include "content/browser/appcache/appcache_navigation_handle.h" | 10 #include "content/browser/appcache/appcache_navigation_handle.h" |
(...skipping 17 matching lines...) Expand all Loading... |
28 #include "content/public/browser/browser_context.h" | 28 #include "content/public/browser/browser_context.h" |
29 #include "content/public/browser/content_browser_client.h" | 29 #include "content/public/browser/content_browser_client.h" |
30 #include "content/public/browser/global_request_id.h" | 30 #include "content/public/browser/global_request_id.h" |
31 #include "content/public/browser/navigation_controller.h" | 31 #include "content/public/browser/navigation_controller.h" |
32 #include "content/public/browser/navigation_data.h" | 32 #include "content/public/browser/navigation_data.h" |
33 #include "content/public/browser/navigation_ui_data.h" | 33 #include "content/public/browser/navigation_ui_data.h" |
34 #include "content/public/browser/storage_partition.h" | 34 #include "content/public/browser/storage_partition.h" |
35 #include "content/public/browser/stream_handle.h" | 35 #include "content/public/browser/stream_handle.h" |
36 #include "content/public/common/appcache_info.h" | 36 #include "content/public/common/appcache_info.h" |
37 #include "content/public/common/content_client.h" | 37 #include "content/public/common/content_client.h" |
| 38 #include "content/public/common/origin_util.h" |
38 #include "content/public/common/request_context_type.h" | 39 #include "content/public/common/request_context_type.h" |
39 #include "content/public/common/resource_response.h" | 40 #include "content/public/common/resource_response.h" |
40 #include "content/public/common/url_constants.h" | 41 #include "content/public/common/url_constants.h" |
41 #include "net/base/load_flags.h" | 42 #include "net/base/load_flags.h" |
42 #include "net/base/net_errors.h" | 43 #include "net/base/net_errors.h" |
43 #include "net/base/url_util.h" | 44 #include "net/base/url_util.h" |
44 #include "net/http/http_request_headers.h" | 45 #include "net/http/http_request_headers.h" |
45 #include "net/url_request/redirect_info.h" | 46 #include "net/url_request/redirect_info.h" |
46 #include "third_party/WebKit/public/platform/WebMixedContentContextType.h" | 47 #include "third_party/WebKit/public/platform/WebMixedContentContextType.h" |
47 #include "third_party/WebKit/public/web/WebSandboxFlags.h" | 48 #include "third_party/WebKit/public/web/WebSandboxFlags.h" |
(...skipping 27 matching lines...) Expand all Loading... |
75 case FrameMsg_Navigate_Type::SAME_DOCUMENT: | 76 case FrameMsg_Navigate_Type::SAME_DOCUMENT: |
76 case FrameMsg_Navigate_Type::DIFFERENT_DOCUMENT: | 77 case FrameMsg_Navigate_Type::DIFFERENT_DOCUMENT: |
77 case FrameMsg_Navigate_Type::HISTORY_SAME_DOCUMENT: | 78 case FrameMsg_Navigate_Type::HISTORY_SAME_DOCUMENT: |
78 case FrameMsg_Navigate_Type::HISTORY_DIFFERENT_DOCUMENT: | 79 case FrameMsg_Navigate_Type::HISTORY_DIFFERENT_DOCUMENT: |
79 if (is_post) | 80 if (is_post) |
80 *load_flags |= net::LOAD_VALIDATE_CACHE; | 81 *load_flags |= net::LOAD_VALIDATE_CACHE; |
81 break; | 82 break; |
82 } | 83 } |
83 } | 84 } |
84 | 85 |
85 // This is based on SecurityOrigin::isPotentiallyTrustworthy. | |
86 // TODO(clamy): This should be function in url::Origin. | |
87 bool IsPotentiallyTrustworthyOrigin(const url::Origin& origin) { | |
88 if (origin.unique()) | |
89 return false; | |
90 | |
91 if (origin.scheme() == url::kHttpsScheme || | |
92 origin.scheme() == url::kAboutScheme || | |
93 origin.scheme() == url::kDataScheme || | |
94 origin.scheme() == url::kWssScheme || | |
95 origin.scheme() == url::kFileScheme) { | |
96 return true; | |
97 } | |
98 | |
99 if (net::IsLocalhost(origin.host())) | |
100 return true; | |
101 | |
102 // TODO(clamy): Check for whitelisted origins. | |
103 return false; | |
104 } | |
105 | |
106 // TODO(clamy): This should be function in FrameTreeNode. | 86 // TODO(clamy): This should be function in FrameTreeNode. |
107 bool IsSecureFrame(FrameTreeNode* frame) { | 87 bool IsSecureFrame(FrameTreeNode* frame) { |
108 while (frame) { | 88 while (frame) { |
109 if (!IsPotentiallyTrustworthyOrigin(frame->current_origin())) | 89 if (!IsPotentiallyTrustworthyOrigin(frame->current_origin())) |
110 return false; | 90 return false; |
111 frame = frame->parent(); | 91 frame = frame->parent(); |
112 } | 92 } |
113 return true; | 93 return true; |
114 } | 94 } |
115 | 95 |
(...skipping 631 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
747 DCHECK_EQ(request_params_.has_user_gesture, begin_params_.has_user_gesture); | 727 DCHECK_EQ(request_params_.has_user_gesture, begin_params_.has_user_gesture); |
748 | 728 |
749 render_frame_host->CommitNavigation(response_.get(), std::move(body_), | 729 render_frame_host->CommitNavigation(response_.get(), std::move(body_), |
750 common_params_, request_params_, | 730 common_params_, request_params_, |
751 is_view_source_); | 731 is_view_source_); |
752 | 732 |
753 frame_tree_node_->ResetNavigationRequest(true); | 733 frame_tree_node_->ResetNavigationRequest(true); |
754 } | 734 } |
755 | 735 |
756 } // namespace content | 736 } // namespace content |
OLD | NEW |