Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(92)

Side by Side Diff: content/renderer/render_frame_proxy.cc

Issue 1957783002: Replicate Content-Security-Policy into remote frame proxies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: s/title.html/title1.html/ Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/render_frame_proxy.h" 5 #include "content/renderer/render_frame_proxy.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 #include <map> 8 #include <map>
9 #include <utility> 9 #include <utility>
10 10
11 #include "base/command_line.h" 11 #include "base/command_line.h"
12 #include "base/lazy_instance.h" 12 #include "base/lazy_instance.h"
13 #include "content/child/webmessageportchannel_impl.h" 13 #include "content/child/webmessageportchannel_impl.h"
14 #include "content/common/content_security_policy_header.h"
14 #include "content/common/frame_messages.h" 15 #include "content/common/frame_messages.h"
15 #include "content/common/frame_replication_state.h" 16 #include "content/common/frame_replication_state.h"
16 #include "content/common/input_messages.h" 17 #include "content/common/input_messages.h"
17 #include "content/common/page_messages.h" 18 #include "content/common/page_messages.h"
18 #include "content/common/site_isolation_policy.h" 19 #include "content/common/site_isolation_policy.h"
19 #include "content/common/swapped_out_messages.h" 20 #include "content/common/swapped_out_messages.h"
20 #include "content/common/view_messages.h" 21 #include "content/common/view_messages.h"
21 #include "content/renderer/child_frame_compositing_helper.h" 22 #include "content/renderer/child_frame_compositing_helper.h"
22 #include "content/renderer/render_frame_impl.h" 23 #include "content/renderer/render_frame_impl.h"
23 #include "content/renderer/render_thread_impl.h" 24 #include "content/renderer/render_thread_impl.h"
(...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after
217 void RenderFrameProxy::SetReplicatedState(const FrameReplicationState& state) { 218 void RenderFrameProxy::SetReplicatedState(const FrameReplicationState& state) {
218 DCHECK(web_frame_); 219 DCHECK(web_frame_);
219 web_frame_->setReplicatedOrigin(state.origin); 220 web_frame_->setReplicatedOrigin(state.origin);
220 web_frame_->setReplicatedSandboxFlags(state.sandbox_flags); 221 web_frame_->setReplicatedSandboxFlags(state.sandbox_flags);
221 web_frame_->setReplicatedName(blink::WebString::fromUTF8(state.name), 222 web_frame_->setReplicatedName(blink::WebString::fromUTF8(state.name),
222 blink::WebString::fromUTF8(state.unique_name)); 223 blink::WebString::fromUTF8(state.unique_name));
223 web_frame_->setReplicatedShouldEnforceStrictMixedContentChecking( 224 web_frame_->setReplicatedShouldEnforceStrictMixedContentChecking(
224 state.should_enforce_strict_mixed_content_checking); 225 state.should_enforce_strict_mixed_content_checking);
225 web_frame_->setReplicatedPotentiallyTrustworthyUniqueOrigin( 226 web_frame_->setReplicatedPotentiallyTrustworthyUniqueOrigin(
226 state.has_potentially_trustworthy_unique_origin); 227 state.has_potentially_trustworthy_unique_origin);
228
229 web_frame_->resetReplicatedContentSecurityPolicy();
230 for (const auto& header : state.accumulated_csp_headers)
231 OnAddContentSecurityPolicy(header);
227 } 232 }
228 233
229 // Update the proxy's SecurityContext and FrameOwner with new sandbox flags 234 // Update the proxy's SecurityContext and FrameOwner with new sandbox flags
230 // that were set by its parent in another process. 235 // that were set by its parent in another process.
231 // 236 //
232 // Normally, when a frame's sandbox attribute is changed dynamically, the 237 // Normally, when a frame's sandbox attribute is changed dynamically, the
233 // frame's FrameOwner is updated with the new sandbox flags right away, while 238 // frame's FrameOwner is updated with the new sandbox flags right away, while
234 // the frame's SecurityContext is updated when the frame is navigated and the 239 // the frame's SecurityContext is updated when the frame is navigated and the
235 // new sandbox flags take effect. 240 // new sandbox flags take effect.
236 // 241 //
(...skipping 23 matching lines...) Expand all
260 IPC_BEGIN_MESSAGE_MAP(RenderFrameProxy, msg) 265 IPC_BEGIN_MESSAGE_MAP(RenderFrameProxy, msg)
261 IPC_MESSAGE_HANDLER(FrameMsg_DeleteProxy, OnDeleteProxy) 266 IPC_MESSAGE_HANDLER(FrameMsg_DeleteProxy, OnDeleteProxy)
262 IPC_MESSAGE_HANDLER(FrameMsg_ChildFrameProcessGone, OnChildFrameProcessGone) 267 IPC_MESSAGE_HANDLER(FrameMsg_ChildFrameProcessGone, OnChildFrameProcessGone)
263 IPC_MESSAGE_HANDLER(FrameMsg_SetChildFrameSurface, OnSetChildFrameSurface) 268 IPC_MESSAGE_HANDLER(FrameMsg_SetChildFrameSurface, OnSetChildFrameSurface)
264 IPC_MESSAGE_HANDLER(FrameMsg_UpdateOpener, OnUpdateOpener) 269 IPC_MESSAGE_HANDLER(FrameMsg_UpdateOpener, OnUpdateOpener)
265 IPC_MESSAGE_HANDLER(FrameMsg_DidStartLoading, OnDidStartLoading) 270 IPC_MESSAGE_HANDLER(FrameMsg_DidStartLoading, OnDidStartLoading)
266 IPC_MESSAGE_HANDLER(FrameMsg_DidStopLoading, OnDidStopLoading) 271 IPC_MESSAGE_HANDLER(FrameMsg_DidStopLoading, OnDidStopLoading)
267 IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateSandboxFlags, OnDidUpdateSandboxFlags) 272 IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateSandboxFlags, OnDidUpdateSandboxFlags)
268 IPC_MESSAGE_HANDLER(FrameMsg_DispatchLoad, OnDispatchLoad) 273 IPC_MESSAGE_HANDLER(FrameMsg_DispatchLoad, OnDispatchLoad)
269 IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateName, OnDidUpdateName) 274 IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateName, OnDidUpdateName)
275 IPC_MESSAGE_HANDLER(FrameMsg_AddContentSecurityPolicy,
276 OnAddContentSecurityPolicy)
277 IPC_MESSAGE_HANDLER(FrameMsg_ResetContentSecurityPolicy,
278 OnResetContentSecurityPolicy)
270 IPC_MESSAGE_HANDLER(FrameMsg_EnforceStrictMixedContentChecking, 279 IPC_MESSAGE_HANDLER(FrameMsg_EnforceStrictMixedContentChecking,
271 OnEnforceStrictMixedContentChecking) 280 OnEnforceStrictMixedContentChecking)
272 IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateOrigin, OnDidUpdateOrigin) 281 IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateOrigin, OnDidUpdateOrigin)
273 IPC_MESSAGE_HANDLER(InputMsg_SetFocus, OnSetPageFocus) 282 IPC_MESSAGE_HANDLER(InputMsg_SetFocus, OnSetPageFocus)
274 IPC_MESSAGE_HANDLER(FrameMsg_SetFocusedFrame, OnSetFocusedFrame) 283 IPC_MESSAGE_HANDLER(FrameMsg_SetFocusedFrame, OnSetFocusedFrame)
275 IPC_MESSAGE_UNHANDLED(handled = false) 284 IPC_MESSAGE_UNHANDLED(handled = false)
276 IPC_END_MESSAGE_MAP() 285 IPC_END_MESSAGE_MAP()
277 286
278 // Note: If |handled| is true, |this| may have been deleted. 287 // Note: If |handled| is true, |this| may have been deleted.
279 return handled; 288 return handled;
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after
330 void RenderFrameProxy::OnDispatchLoad() { 339 void RenderFrameProxy::OnDispatchLoad() {
331 web_frame_->DispatchLoadEventForFrameOwner(); 340 web_frame_->DispatchLoadEventForFrameOwner();
332 } 341 }
333 342
334 void RenderFrameProxy::OnDidUpdateName(const std::string& name, 343 void RenderFrameProxy::OnDidUpdateName(const std::string& name,
335 const std::string& unique_name) { 344 const std::string& unique_name) {
336 web_frame_->setReplicatedName(blink::WebString::fromUTF8(name), 345 web_frame_->setReplicatedName(blink::WebString::fromUTF8(name),
337 blink::WebString::fromUTF8(unique_name)); 346 blink::WebString::fromUTF8(unique_name));
338 } 347 }
339 348
349 void RenderFrameProxy::OnAddContentSecurityPolicy(
350 const ContentSecurityPolicyHeader& header) {
351 web_frame_->addReplicatedContentSecurityPolicyHeader(
352 blink::WebString::fromUTF8(header.header_value), header.type,
353 header.source);
354 }
355
356 void RenderFrameProxy::OnResetContentSecurityPolicy() {
357 web_frame_->resetReplicatedContentSecurityPolicy();
358 }
359
340 void RenderFrameProxy::OnEnforceStrictMixedContentChecking( 360 void RenderFrameProxy::OnEnforceStrictMixedContentChecking(
341 bool should_enforce) { 361 bool should_enforce) {
342 web_frame_->setReplicatedShouldEnforceStrictMixedContentChecking( 362 web_frame_->setReplicatedShouldEnforceStrictMixedContentChecking(
343 should_enforce); 363 should_enforce);
344 } 364 }
345 365
346 void RenderFrameProxy::OnDidUpdateOrigin( 366 void RenderFrameProxy::OnDidUpdateOrigin(
347 const url::Origin& origin, 367 const url::Origin& origin,
348 bool is_potentially_trustworthy_unique_origin) { 368 bool is_potentially_trustworthy_unique_origin) {
349 web_frame_->setReplicatedOrigin(origin); 369 web_frame_->setReplicatedOrigin(origin);
(...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after
469 blink::WebLocalFrame* source) { 489 blink::WebLocalFrame* source) {
470 int source_routing_id = RenderFrameImpl::FromWebFrame(source)->GetRoutingID(); 490 int source_routing_id = RenderFrameImpl::FromWebFrame(source)->GetRoutingID();
471 Send(new FrameHostMsg_AdvanceFocus(routing_id_, type, source_routing_id)); 491 Send(new FrameHostMsg_AdvanceFocus(routing_id_, type, source_routing_id));
472 } 492 }
473 493
474 void RenderFrameProxy::frameFocused() { 494 void RenderFrameProxy::frameFocused() {
475 Send(new FrameHostMsg_FrameFocused(routing_id_)); 495 Send(new FrameHostMsg_FrameFocused(routing_id_));
476 } 496 }
477 497
478 } // namespace 498 } // namespace
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698