Limit requests for which link headers can install service workers to secure contexts.

content/browser/service_worker/link_header_support.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/service_worker/link_header_support.h"
 
 #include "base/command_line.h"
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
 #include "components/link_header_util/link_header_util.h"
 #include "content/browser/loader/resource_message_filter.h"
 #include "content/browser/loader/resource_request_info_impl.h"
 #include "content/browser/service_worker/service_worker_context_wrapper.h"
+#include "content/browser/service_worker/service_worker_request_handler.h"
 #include "content/common/service_worker/service_worker_utils.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/content_browser_client.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/origin_util.h"
 #include "net/http/http_util.h"
 #include "net/url_request/url_request.h"
 
 namespace content {
@@ skipping 24 matching lines @@
 
   const ResourceRequestInfoImpl* request_info =
       ResourceRequestInfoImpl::ForRequest(request);
   ResourceMessageFilter* filter = request_info->filter();
   ServiceWorkerContext* service_worker_context =
       filter ? filter->service_worker_context()
              : service_worker_context_for_testing;
   if (!service_worker_context)
     return;
 
-  // TODO(mek): serviceworker links should only be supported on requests from
-  // secure contexts. For now just check the initiator origin, even though that
-  // is not correct: 1) the initiator isn't the origin that matters in case of
-  // navigations, and 2) more than just a secure origin this needs to be a
-  // secure context.
-  if (!request->initiator().unique() &&
-      !IsOriginSecure(GURL(request->initiator().Serialize())))
-    return;
+  if (ServiceWorkerUtils::IsMainResourceType(request_info->GetResourceType())) {
+    // In case of navigations, make sure the navigation will actually result in
+    // a secure context.
+    ServiceWorkerProviderHost* provider_host =
+        ServiceWorkerRequestHandler::GetProviderHost(request);
+    if (!provider_host || !provider_host->IsContextSecureForServiceWorker())
+      return;
+  } else {
+    // If this is not a navigation, make sure the request was initiated from a
+    // secure context.
+    if (!request_info->initiated_in_secure_context())
+      return;
+  }
 
   // TODO(mek): support for a serviceworker link on a request that wouldn't ever
   // be able to be intercepted by a serviceworker isn't very useful, so this
   // should share logic with ServiceWorkerRequestHandler and
   // ForeignFetchRequestHandler to limit the requests for which serviceworker
   // links are processed.
 
   GURL context_url = request->url();
   GURL script_url = context_url.Resolve(url);
   auto scope_param = params.find("scope");
@@ skipping 71 matching lines @@
     const net::URLRequest* request,
     const std::string& link_header,
     ServiceWorkerContextWrapper* service_worker_context_for_testing) {
   for (const auto& value : link_header_util::SplitLinkHeader(link_header)) {
     ProcessLinkHeaderValueForRequest(request, value.first, value.second,
                                      service_worker_context_for_testing);
   }
 }
 
 }  // namespace content