third_party/WebKit/Source/core/loader/FrameLoader.cpp - Issue 1957783002: Replicate Content-Security-Policy into remote frame proxies.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/core/loader/FrameLoader.cpp

Issue 1957783002: Replicate Content-Security-Policy into remote frame proxies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Addressed most CR feedback from mkwst@, alexmos@ and dcheng@. Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp ('K') | « third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp ('k') | third_party/WebKit/Source/core/loader/FrameLoaderClient.h » ('j') | third_party/WebKit/public/web/WebFrameClient.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/core/loader/FrameLoader.cpp

diff --git a/third_party/WebKit/Source/core/loader/FrameLoader.cpp b/third_party/WebKit/Source/core/loader/FrameLoader.cpp

index 9477c3ba4bbfa71438314cf301c5e5baa40c27d5..465bcac54165b85e7a008b417c29e5fb137c3e68 100644

--- a/third_party/WebKit/Source/core/loader/FrameLoader.cpp

+++ b/third_party/WebKit/Source/core/loader/FrameLoader.cpp

@@ -1346,14 +1346,22 @@ bool FrameLoader::shouldContinueForNavigationPolicy(const ResourceRequest& reque

// If we're loading content into a subframe, check against the parent's Content Security Policy

// and kill the load if that check fails, unless we should bypass the main world's CSP.

- // FIXME: CSP checks are broken for OOPI. For now, this policy always allows frames with a remote parent...

- if ((shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) && (m_frame->deprecatedLocalOwner() && !m_frame->deprecatedLocalOwner()->document().contentSecurityPolicy()->allowChildFrameFromSource(request.url(), request.followedRedirect() ? ContentSecurityPolicy::DidRedirect : ContentSecurityPolicy::DidNotRedirect))) {

- // Fire a load event, as timing attacks would otherwise reveal that the

- // frame was blocked. This way, it looks like every other cross-origin

- // page load.

- m_frame->document()->enforceSandboxFlags(SandboxOrigin);

- m_frame->owner()->dispatchLoad();

- return false;

+ if (shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) {

+ Frame* parentFrame = m_frame->tree().parent();

+ if (parentFrame) {

+ ContentSecurityPolicy* parentPolicy = parentFrame->securityContext()->contentSecurityPolicy();

+ ContentSecurityPolicy::RedirectStatus redirectStatus = request.followedRedirect()

+ ? ContentSecurityPolicy::DidRedirect

+ : ContentSecurityPolicy::DidNotRedirect;

+ if (!parentPolicy->allowChildFrameFromSource(request.url(), redirectStatus)) {

+ // Fire a load event, as timing attacks would otherwise reveal that the

+ // frame was blocked. This way, it looks like every other cross-origin

+ // page load.

+ m_frame->document()->enforceSandboxFlags(SandboxOrigin);

+ m_frame->owner()->dispatchLoad();

+ return false;

+ }

}

bool isFormSubmission = type == NavigationTypeFormSubmitted || type == NavigationTypeFormResubmitted;