Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(131)

Side by Side Diff: content/browser/frame_host/navigator_impl.cc

Issue 1957783002: Replicate Content-Security-Policy into remote frame proxies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed CR feedback from dcheng@. Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/frame_host/navigator_impl.h" 5 #include "content/browser/frame_host/navigator_impl.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/metrics/histogram.h" 9 #include "base/metrics/histogram.h"
10 #include "base/time/time.h" 10 #include "base/time/time.h"
(...skipping 497 matching lines...) Expand 10 before | Expand all | Expand 10 after
508 // message, which is sent inside DidNavigateFrame(). SwapOut needs the 508 // message, which is sent inside DidNavigateFrame(). SwapOut needs the
509 // origin because it creates a RenderFrameProxy that needs this to initialize 509 // origin because it creates a RenderFrameProxy that needs this to initialize
510 // its security context. This origin will also be sent to RenderFrameProxies 510 // its security context. This origin will also be sent to RenderFrameProxies
511 // created via ViewMsg_New and FrameMsg_NewFrameProxy. 511 // created via ViewMsg_New and FrameMsg_NewFrameProxy.
512 render_frame_host->frame_tree_node()->SetCurrentOrigin( 512 render_frame_host->frame_tree_node()->SetCurrentOrigin(
513 params.origin, params.has_potentially_trustworthy_unique_origin); 513 params.origin, params.has_potentially_trustworthy_unique_origin);
514 514
515 render_frame_host->frame_tree_node()->SetEnforceStrictMixedContentChecking( 515 render_frame_host->frame_tree_node()->SetEnforceStrictMixedContentChecking(
516 params.should_enforce_strict_mixed_content_checking); 516 params.should_enforce_strict_mixed_content_checking);
517 517
518 // Navigating to a new location means a new, fresh set of http headers and/or
519 // <meta> elements - we need to reset CSP policy to an empty set.
520 if (!is_navigation_within_page)
521 render_frame_host->frame_tree_node()->ResetContentSecurityPolicy();
522
518 // When using --site-per-process, we notify the RFHM for all navigations, 523 // When using --site-per-process, we notify the RFHM for all navigations,
519 // not just main frame navigations. 524 // not just main frame navigations.
520 if (oopifs_possible) { 525 if (oopifs_possible) {
521 FrameTreeNode* frame = render_frame_host->frame_tree_node(); 526 FrameTreeNode* frame = render_frame_host->frame_tree_node();
522 frame->render_manager()->DidNavigateFrame( 527 frame->render_manager()->DidNavigateFrame(
523 render_frame_host, params.gesture == NavigationGestureUser); 528 render_frame_host, params.gesture == NavigationGestureUser);
524 } 529 }
525 530
526 // Update the site of the SiteInstance if it doesn't have one yet, unless 531 // Update the site of the SiteInstance if it doesn't have one yet, unless
527 // assigning a site is not necessary for this URL. In that case, the 532 // assigning a site is not necessary for this URL. In that case, the
(...skipping 619 matching lines...) Expand 10 before | Expand all | Expand 10 after
1147 if (pending_entry != controller_->GetVisibleEntry() || 1152 if (pending_entry != controller_->GetVisibleEntry() ||
1148 !should_preserve_entry) { 1153 !should_preserve_entry) {
1149 controller_->DiscardPendingEntry(true); 1154 controller_->DiscardPendingEntry(true);
1150 1155
1151 // Also force the UI to refresh. 1156 // Also force the UI to refresh.
1152 controller_->delegate()->NotifyNavigationStateChanged(INVALIDATE_TYPE_URL); 1157 controller_->delegate()->NotifyNavigationStateChanged(INVALIDATE_TYPE_URL);
1153 } 1158 }
1154 } 1159 }
1155 1160
1156 } // namespace content 1161 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/frame_host/frame_tree_node.cc ('k') | content/browser/frame_host/render_frame_host_impl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698