OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/service_worker/link_header_support.h" | 5 #include "content/browser/service_worker/link_header_support.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/strings/string_split.h" | 8 #include "base/strings/string_split.h" |
9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
10 #include "components/link_header_util/link_header_util.h" | 10 #include "components/link_header_util/link_header_util.h" |
11 #include "content/browser/loader/resource_message_filter.h" | 11 #include "content/browser/loader/resource_message_filter.h" |
12 #include "content/browser/loader/resource_request_info_impl.h" | 12 #include "content/browser/loader/resource_request_info_impl.h" |
13 #include "content/browser/service_worker/service_worker_context_wrapper.h" | 13 #include "content/browser/service_worker/service_worker_context_wrapper.h" |
| 14 #include "content/browser/service_worker/service_worker_request_handler.h" |
14 #include "content/common/service_worker/service_worker_utils.h" | 15 #include "content/common/service_worker/service_worker_utils.h" |
15 #include "content/public/browser/browser_thread.h" | 16 #include "content/public/browser/browser_thread.h" |
16 #include "content/public/browser/content_browser_client.h" | 17 #include "content/public/browser/content_browser_client.h" |
17 #include "content/public/common/content_client.h" | 18 #include "content/public/common/content_client.h" |
18 #include "content/public/common/content_switches.h" | 19 #include "content/public/common/content_switches.h" |
19 #include "content/public/common/origin_util.h" | 20 #include "content/public/common/origin_util.h" |
20 #include "net/http/http_util.h" | 21 #include "net/http/http_util.h" |
21 #include "net/url_request/url_request.h" | 22 #include "net/url_request/url_request.h" |
22 | 23 |
23 namespace content { | 24 namespace content { |
(...skipping 24 matching lines...) Expand all Loading... |
48 | 49 |
49 const ResourceRequestInfoImpl* request_info = | 50 const ResourceRequestInfoImpl* request_info = |
50 ResourceRequestInfoImpl::ForRequest(request); | 51 ResourceRequestInfoImpl::ForRequest(request); |
51 ResourceMessageFilter* filter = request_info->filter(); | 52 ResourceMessageFilter* filter = request_info->filter(); |
52 ServiceWorkerContext* service_worker_context = | 53 ServiceWorkerContext* service_worker_context = |
53 filter ? filter->service_worker_context() | 54 filter ? filter->service_worker_context() |
54 : service_worker_context_for_testing; | 55 : service_worker_context_for_testing; |
55 if (!service_worker_context) | 56 if (!service_worker_context) |
56 return; | 57 return; |
57 | 58 |
58 // TODO(mek): serviceworker links should only be supported on requests from | 59 if (ServiceWorkerUtils::IsMainResourceType(request_info->GetResourceType())) { |
59 // secure contexts. For now just check the initiator origin, even though that | 60 // In case of navigations, make sure the navigation will actually result in |
60 // is not correct: 1) the initiator isn't the origin that matters in case of | 61 // a secure context. |
61 // navigations, and 2) more than just a secure origin this needs to be a | 62 ServiceWorkerProviderHost* provider_host = |
62 // secure context. | 63 ServiceWorkerRequestHandler::GetProviderHost(request); |
63 if (!request->initiator().unique() && | 64 if (!provider_host || !provider_host->IsContextSecureForServiceWorker()) |
64 !IsOriginSecure(GURL(request->initiator().Serialize()))) | 65 return; |
65 return; | 66 } else { |
| 67 // If this is not a navigation, make sure the request was initiated from a |
| 68 // secure context. |
| 69 if (!request_info->initiated_in_secure_context()) |
| 70 return; |
| 71 } |
66 | 72 |
67 // TODO(mek): support for a serviceworker link on a request that wouldn't ever | 73 // TODO(mek): support for a serviceworker link on a request that wouldn't ever |
68 // be able to be intercepted by a serviceworker isn't very useful, so this | 74 // be able to be intercepted by a serviceworker isn't very useful, so this |
69 // should share logic with ServiceWorkerRequestHandler and | 75 // should share logic with ServiceWorkerRequestHandler and |
70 // ForeignFetchRequestHandler to limit the requests for which serviceworker | 76 // ForeignFetchRequestHandler to limit the requests for which serviceworker |
71 // links are processed. | 77 // links are processed. |
72 | 78 |
73 GURL context_url = request->url(); | 79 GURL context_url = request->url(); |
74 GURL script_url = context_url.Resolve(url); | 80 GURL script_url = context_url.Resolve(url); |
75 auto scope_param = params.find("scope"); | 81 auto scope_param = params.find("scope"); |
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
147 const net::URLRequest* request, | 153 const net::URLRequest* request, |
148 const std::string& link_header, | 154 const std::string& link_header, |
149 ServiceWorkerContextWrapper* service_worker_context_for_testing) { | 155 ServiceWorkerContextWrapper* service_worker_context_for_testing) { |
150 for (const auto& value : link_header_util::SplitLinkHeader(link_header)) { | 156 for (const auto& value : link_header_util::SplitLinkHeader(link_header)) { |
151 ProcessLinkHeaderValueForRequest(request, value.first, value.second, | 157 ProcessLinkHeaderValueForRequest(request, value.first, value.second, |
152 service_worker_context_for_testing); | 158 service_worker_context_for_testing); |
153 } | 159 } |
154 } | 160 } |
155 | 161 |
156 } // namespace content | 162 } // namespace content |
OLD | NEW |