| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/navigation_handle_impl.h" | 5 #include "content/browser/frame_host/navigation_handle_impl.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "content/browser/frame_host/ancestor_throttle.h" | 9 #include "content/browser/frame_host/ancestor_throttle.h" |
| 10 #include "content/browser/frame_host/frame_tree_node.h" | 10 #include "content/browser/frame_host/frame_tree_node.h" |
| (...skipping 10 matching lines...) Expand all Loading... |
| 21 namespace content { | 21 namespace content { |
| 22 | 22 |
| 23 namespace { | 23 namespace { |
| 24 | 24 |
| 25 void UpdateThrottleCheckResult( | 25 void UpdateThrottleCheckResult( |
| 26 NavigationThrottle::ThrottleCheckResult* to_update, | 26 NavigationThrottle::ThrottleCheckResult* to_update, |
| 27 NavigationThrottle::ThrottleCheckResult result) { | 27 NavigationThrottle::ThrottleCheckResult result) { |
| 28 *to_update = result; | 28 *to_update = result; |
| 29 } | 29 } |
| 30 | 30 |
| 31 void ResetContentSecurityPolicyFromHttpHeaders( |
| 32 FrameTreeNode* frame_tree_node, |
| 33 const scoped_refptr<net::HttpResponseHeaders>& response_headers) { |
| 34 frame_tree_node->ResetContentSecurityPolicy(); |
| 35 |
| 36 ContentSecurityPolicyHeader header; |
| 37 header.source = blink::WebContentSecurityPolicySourceHTTP; |
| 38 if (response_headers->GetNormalizedHeader("Content-Security-Policy", |
| 39 &header.header_value)) { |
| 40 header.type = blink::WebContentSecurityPolicyTypeEnforce; |
| 41 frame_tree_node->AddContentSecurityPolicy(header); |
| 42 } |
| 43 if (response_headers->GetNormalizedHeader( |
| 44 "Content-Security-Policy-Report-Only", &header.header_value)) { |
| 45 header.type = blink::WebContentSecurityPolicyTypeReport; |
| 46 frame_tree_node->AddContentSecurityPolicy(header); |
| 47 } |
| 48 } |
| 49 |
| 31 } // namespace | 50 } // namespace |
| 32 | 51 |
| 33 // static | 52 // static |
| 34 std::unique_ptr<NavigationHandleImpl> NavigationHandleImpl::Create( | 53 std::unique_ptr<NavigationHandleImpl> NavigationHandleImpl::Create( |
| 35 const GURL& url, | 54 const GURL& url, |
| 36 FrameTreeNode* frame_tree_node, | 55 FrameTreeNode* frame_tree_node, |
| 37 bool is_synchronous, | 56 bool is_synchronous, |
| 38 bool is_srcdoc, | 57 bool is_srcdoc, |
| 39 const base::TimeTicks& navigation_start, | 58 const base::TimeTicks& navigation_start, |
| 40 int pending_nav_entry_id) { | 59 int pending_nav_entry_id) { |
| (...skipping 313 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 354 DCHECK(!render_frame_host_ || render_frame_host_ == render_frame_host); | 373 DCHECK(!render_frame_host_ || render_frame_host_ == render_frame_host); |
| 355 render_frame_host_ = render_frame_host; | 374 render_frame_host_ = render_frame_host; |
| 356 response_headers_ = response_headers; | 375 response_headers_ = response_headers; |
| 357 state_ = WILL_PROCESS_RESPONSE; | 376 state_ = WILL_PROCESS_RESPONSE; |
| 358 complete_callback_ = callback; | 377 complete_callback_ = callback; |
| 359 | 378 |
| 360 // Notify each throttle of the response. | 379 // Notify each throttle of the response. |
| 361 NavigationThrottle::ThrottleCheckResult result = CheckWillProcessResponse(); | 380 NavigationThrottle::ThrottleCheckResult result = CheckWillProcessResponse(); |
| 362 | 381 |
| 363 // If the navigation is about to proceed, then it's ready to commit. | 382 // If the navigation is about to proceed, then it's ready to commit. |
| 364 if (result == NavigationThrottle::PROCEED) | 383 if (result == NavigationThrottle::PROCEED) { |
| 365 ReadyToCommitNavigation(render_frame_host); | 384 ReadyToCommitNavigation(render_frame_host); |
| 385 ResetContentSecurityPolicyFromHttpHeaders( |
| 386 render_frame_host->frame_tree_node(), response_headers); |
| 387 } |
| 366 | 388 |
| 367 // If the navigation is not deferred, run the callback. | 389 // If the navigation is not deferred, run the callback. |
| 368 if (result != NavigationThrottle::DEFER) | 390 if (result != NavigationThrottle::DEFER) |
| 369 RunCompleteCallback(result); | 391 RunCompleteCallback(result); |
| 370 } | 392 } |
| 371 | 393 |
| 372 void NavigationHandleImpl::ReadyToCommitNavigation( | 394 void NavigationHandleImpl::ReadyToCommitNavigation( |
| 373 RenderFrameHostImpl* render_frame_host) { | 395 RenderFrameHostImpl* render_frame_host) { |
| 374 DCHECK(!render_frame_host_ || render_frame_host_ == render_frame_host); | 396 DCHECK(!render_frame_host_ || render_frame_host_ == render_frame_host); |
| 375 render_frame_host_ = render_frame_host; | 397 render_frame_host_ = render_frame_host; |
| (...skipping 126 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 502 complete_callback_.Reset(); | 524 complete_callback_.Reset(); |
| 503 | 525 |
| 504 if (!callback.is_null()) | 526 if (!callback.is_null()) |
| 505 callback.Run(result); | 527 callback.Run(result); |
| 506 | 528 |
| 507 // No code after running the callback, as it might have resulted in our | 529 // No code after running the callback, as it might have resulted in our |
| 508 // destruction. | 530 // destruction. |
| 509 } | 531 } |
| 510 | 532 |
| 511 } // namespace content | 533 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1957783002:
Replicate Content-Security-Policy into remote frame proxies. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master