
Unified Diff: content/renderer/render_frame_proxy.cc

Issue 1957783002: Replicate Content-Security-Policy into remote frame proxies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed CR feedback from dcheng@. Created 4 years, 7 months ago
Index: content/renderer/render_frame_proxy.cc
diff --git a/content/renderer/render_frame_proxy.cc b/content/renderer/render_frame_proxy.cc
index 0b550b90874b74b6cd89dccea9a1fd1ca36a5890..5d3ec1de97c41e6e226cc347c4f420fe764859c7 100644
--- a/content/renderer/render_frame_proxy.cc
+++ b/content/renderer/render_frame_proxy.cc
@@ -11,6 +11,7 @@
#include "base/command_line.h"
#include "base/lazy_instance.h"
#include "content/child/webmessageportchannel_impl.h"
+#include "content/common/content_security_policy_header.h"
#include "content/common/frame_messages.h"
#include "content/common/frame_replication_state.h"
#include "content/common/input_messages.h"
@@ -224,6 +225,10 @@ void RenderFrameProxy::SetReplicatedState(const FrameReplicationState& state) {
state.should_enforce_strict_mixed_content_checking);
web_frame_->setReplicatedPotentiallyTrustworthyUniqueOrigin(
state.has_potentially_trustworthy_unique_origin);
+
+ web_frame_->resetReplicatedContentSecurityPolicy();
+ for (const auto& header : state.accumulated_csp_headers)
+ OnAddContentSecurityPolicy(header);
}
// Update the proxy's SecurityContext and FrameOwner with new sandbox flags
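Review bot: The reset-then-replay sequence added at the end of SetReplicatedState has no comment explaining why the reset is needed, and the ordering is what keeps the proxy's policy equal to the replicated state. If `addReplicatedContentSecurityPolicyHeader` appends (presumably it does), dropping the reset would make a second SetReplicatedState call on the same proxy duplicate the headers, so this should be recorded above the call. Something like `// Clear previously replicated policies first so that replaying accumulated_csp_headers leaves exactly the set in |state|.` would do. The start of SetReplicatedState is outside this hunk, so whether it can run more than once per proxy should be confirmed against the callers.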
@@ -267,6 +272,10 @@ bool RenderFrameProxy::OnMessageReceived(const IPC::Message& msg) {
IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateSandboxFlags, OnDidUpdateSandboxFlags)
IPC_MESSAGE_HANDLER(FrameMsg_DispatchLoad, OnDispatchLoad)
IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateName, OnDidUpdateName)
+ IPC_MESSAGE_HANDLER(FrameMsg_AddContentSecurityPolicy,
+ OnAddContentSecurityPolicy)
+ IPC_MESSAGE_HANDLER(FrameMsg_ResetContentSecurityPolicy,
+ OnResetContentSecurityPolicy)
IPC_MESSAGE_HANDLER(FrameMsg_EnforceStrictMixedContentChecking,
OnEnforceStrictMixedContentChecking)
IPC_MESSAGE_HANDLER(FrameMsg_DidUpdateOrigin, OnDidUpdateOrigin)
@@ -337,6 +346,17 @@ void RenderFrameProxy::OnDidUpdateName(const std::string& name,
blink::WebString::fromUTF8(unique_name));
}
+void RenderFrameProxy::OnAddContentSecurityPolicy(
+ const ContentSecurityPolicyHeader& header) {
+ web_frame_->addReplicatedContentSecurityPolicyHeader(
+ blink::WebString::fromUTF8(header.header_value), header.type,
+ header.source);
+}
+
+void RenderFrameProxy::OnResetContentSecurityPolicy() {
+ web_frame_->resetReplicatedContentSecurityPolicy();
+}
+
void RenderFrameProxy::OnEnforceStrictMixedContentChecking(
bool should_enforce) {
web_frame_->setReplicatedShouldEnforceStrictMixedContentChecking(
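Review bot: In OnAddContentSecurityPolicy, the result of `blink::WebString::fromUTF8(header.header_value)` is forwarded without any check on the conversion. If fromUTF8 returns a null string for input that is not valid UTF-8 (I believe it does, but confirm), the proxy would silently replicate an empty policy and enforce less than the real frame, which is a fail-open outcome for a security header. The encoding contract should be made explicit at this boundary, for example `DCHECK(base::IsStringUTF8(header.header_value));` before the call, or at minimum a comment such as `// |header| comes from the browser process; header_value must be valid UTF-8.`. Both new handlers would also benefit from a one-line comment saying they mirror the CSP of the frame this proxy stands in for.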