| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/ancestor_throttle.h" | 5 #include "content/browser/frame_host/ancestor_throttle.h" |
| 6 | 6 |
| 7 #include "base/strings/string_split.h" | 7 #include "base/strings/string_split.h" |
| 8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
| 9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
| 10 #include "content/browser/frame_host/frame_tree.h" | 10 #include "content/browser/frame_host/frame_tree.h" |
| 11 #include "content/browser/frame_host/frame_tree_node.h" | 11 #include "content/browser/frame_host/frame_tree_node.h" |
| 12 #include "content/browser/frame_host/navigation_handle_impl.h" | 12 #include "content/browser/frame_host/navigation_handle_impl.h" |
| 13 #include "content/public/browser/browser_thread.h" | 13 #include "content/public/browser/browser_thread.h" |
| 14 #include "content/public/browser/navigation_handle.h" | 14 #include "content/public/browser/navigation_handle.h" |
| 15 #include "content/public/browser/navigation_throttle.h" | 15 #include "content/public/browser/navigation_throttle.h" |
| 16 #include "content/public/common/console_message_level.h" | 16 #include "content/public/common/console_message_level.h" |
| 17 #include "net/http/http_content_disposition.h" |
| 17 #include "net/http/http_response_headers.h" | 18 #include "net/http/http_response_headers.h" |
| 18 #include "url/origin.h" | 19 #include "url/origin.h" |
| 19 | 20 |
| 20 namespace content { | 21 namespace content { |
| 21 | 22 |
| 22 // static | 23 // static |
| 23 std::unique_ptr<NavigationThrottle> AncestorThrottle::MaybeCreateThrottleFor( | 24 std::unique_ptr<NavigationThrottle> AncestorThrottle::MaybeCreateThrottleFor( |
| 24 NavigationHandle* handle) { | 25 NavigationHandle* handle) { |
| 25 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 26 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 26 | 27 |
| 152 current = HeaderDisposition::INVALID; | 153 current = HeaderDisposition::INVALID; |
| 153 | 154 |
| 154 if (result == HeaderDisposition::NONE) | 155 if (result == HeaderDisposition::NONE) |
| 155 result = current; | 156 result = current; |
| 156 else if (result != current) | 157 else if (result != current) |
| 157 result = HeaderDisposition::CONFLICT; | 158 result = HeaderDisposition::CONFLICT; |
| 158 } | 159 } |
| 159 | 160 |
| 160 // If 'X-Frame-Options' would potentially block the response, check whether | 161 // If 'X-Frame-Options' would potentially block the response, check whether |
| 161 // the 'frame-ancestors' CSP directive should take effect instead. See | 162 // the 'frame-ancestors' CSP directive should take effect instead. See |
| 162 // https://www.w3.org/TR/CSP/#frame-ancestors-and-frame-options | 163 // https://www.w3.org/TR/CSP/#frame-ancestors-and-frame-options. Also, check |
| 164 // whether the response should be treated as a download. |
| 163 if (result != HeaderDisposition::NONE && | 165 if (result != HeaderDisposition::NONE && |
| 164 result != HeaderDisposition::ALLOWALL) { | 166 result != HeaderDisposition::ALLOWALL) { |
| 165 iter = 0; | 167 iter = 0; |
| 166 value = std::string(); | 168 value = std::string(); |
| 167 while (headers->EnumerateHeader(&iter, "content-security-policy", &value)) { | 169 while (headers->EnumerateHeader(&iter, "content-security-policy", &value)) { |
| 168 // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should | 170 // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should |
| 169 // handle it here instead. Until then, don't block the request, and let | 171 // handle it here instead. Until then, don't block the request, and let |
| 170 // Blink handle it. https://crbug.com/555418 | 172 // Blink handle it. https://crbug.com/555418 |
| 171 std::vector<std::string> tokens = base::SplitString( | 173 std::vector<std::string> tokens = base::SplitString( |
| 172 value, ";", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY); | 174 value, ";", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY); |
| 173 if (std::count_if(tokens.begin(), tokens.end(), [](std::string token) { | 175 if (std::count_if(tokens.begin(), tokens.end(), [](std::string token) { |
| 174 // The trailing " " is intentional; we'd otherwise match | 176 // The trailing " " is intentional; we'd otherwise match |
| 175 // "frame-ancestors-is-not-this-directive". | 177 // "frame-ancestors-is-not-this-directive". |
| 176 return base::StartsWith(token, "frame-ancestors ", | 178 return base::StartsWith(token, "frame-ancestors ", |
| 177 base::CompareCase::INSENSITIVE_ASCII); | 179 base::CompareCase::INSENSITIVE_ASCII); |
| 178 })) { | 180 })) { |
| 179 return HeaderDisposition::BYPASS; | 181 return HeaderDisposition::BYPASS; |
| 180 } | 182 } |
| 181 } | 183 } |
| 184 |
| 185 iter = 0; |
| 186 value = std::string(); |
| 187 while (headers->EnumerateHeader(&iter, "content-disposition", &value)) { |
| 188 if (net::HttpContentDisposition(value, std::string()).is_attachment()) |
| 189 return HeaderDisposition::BYPASS; |
| 190 } |
| 182 } | 191 } |
| 183 return result; | 192 return result; |
| 184 } | 193 } |
| 185 | 194 |
| 186 } // namespace content | 195 } // namespace content |
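Review bot: The new `Content-Disposition` loop (new lines 187-190) turns an `X-Frame-Options` block into `BYPASS` on the strength of this throttle's own parse of each header value, but the safety of that bypass rests entirely on the response actually being handled as a download rather than rendered in the frame, and the code neither documents that dependency nor parses the header the same way the download decision does. Each header instance is fed to `net::HttpContentDisposition` separately via `EnumerateHeader`, so a response carrying several `Content-Disposition` headers is judged here on any single one; if the download path instead decides from the normalized, comma-joined value (I believe it does, but have not confirmed), the two can disagree and a response that this throttle waves through could still be rendered framed, with the XFO protection lost. I would make both decisions from the same input, e.g. `value = std::string(); if (headers->GetNormalizedHeader("content-disposition", &value) && net::HttpContentDisposition(value, std::string()).is_attachment()) return HeaderDisposition::BYPASS;`, and add a comment above it: `// A response served as a download is never rendered in the frame, so the framing restriction is moot; this must mirror the download-decision logic exactly or XFO can be bypassed.` The enclosing function begins above the collapsed region and is not visible in this hunk.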