OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/webui/url_data_manager_backend.h" | 5 #include "content/browser/webui/url_data_manager_backend.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
50 | 50 |
51 namespace content { | 51 namespace content { |
52 | 52 |
53 namespace { | 53 namespace { |
54 | 54 |
55 const char kChromeURLContentSecurityPolicyHeaderBase[] = | 55 const char kChromeURLContentSecurityPolicyHeaderBase[] = |
56 "Content-Security-Policy: script-src chrome://resources 'self'"; | 56 "Content-Security-Policy: script-src chrome://resources 'self'"; |
57 | 57 |
58 const char kChromeURLXFrameOptionsHeader[] = "X-Frame-Options: DENY"; | 58 const char kChromeURLXFrameOptionsHeader[] = "X-Frame-Options: DENY"; |
59 static const char kNetworkErrorKey[] = "netError"; | 59 static const char kNetworkErrorKey[] = "netError"; |
60 const int kNoRenderProcessId = -1; | |
61 | 60 |
62 bool SchemeIsInSchemes(const std::string& scheme, | 61 bool SchemeIsInSchemes(const std::string& scheme, |
63 const std::vector<std::string>& schemes) { | 62 const std::vector<std::string>& schemes) { |
64 return std::find(schemes.begin(), schemes.end(), scheme) != schemes.end(); | 63 return std::find(schemes.begin(), schemes.end(), scheme) != schemes.end(); |
65 } | 64 } |
66 | 65 |
67 // Returns whether |url| passes some sanity checks and is a valid GURL. | 66 // Returns whether |url| passes some sanity checks and is a valid GURL. |
68 bool CheckURLIsValid(const GURL& url) { | 67 bool CheckURLIsValid(const GURL& url) { |
69 std::vector<std::string> additional_schemes; | 68 std::vector<std::string> additional_schemes; |
70 DCHECK(url.SchemeIs(kChromeDevToolsScheme) || url.SchemeIs(kChromeUIScheme) || | 69 DCHECK(url.SchemeIs(kChromeDevToolsScheme) || url.SchemeIs(kChromeUIScheme) || |
(...skipping 189 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
260 } | 259 } |
261 | 260 |
262 URLRequestChromeJob::~URLRequestChromeJob() { | 261 URLRequestChromeJob::~URLRequestChromeJob() { |
263 CHECK(!backend_->HasPendingJob(this)); | 262 CHECK(!backend_->HasPendingJob(this)); |
264 } | 263 } |
265 | 264 |
266 void URLRequestChromeJob::Start() { | 265 void URLRequestChromeJob::Start() { |
267 int render_process_id, unused; | 266 int render_process_id, unused; |
268 bool is_renderer_request = ResourceRequestInfo::GetRenderFrameForRequest( | 267 bool is_renderer_request = ResourceRequestInfo::GetRenderFrameForRequest( |
269 request_, &render_process_id, &unused); | 268 request_, &render_process_id, &unused); |
270 if (!is_renderer_request) | 269 |
271 render_process_id = kNoRenderProcessId; | 270 if (!is_renderer_request) { |
271 StartAsync(true); | |
272 return; | |
273 } | |
274 | |
275 const GURL url = request_->url(); | |
276 | |
277 if (url.SchemeIs(kChromeUIScheme)) { | |
278 std::vector<std::string> hosts; | |
279 hosts.push_back(content::kChromeUIResourcesHost); | |
Dan Beam
2016/05/19 03:57:43
fixes this issue: https://codereview.chromium.org/
| |
280 GetContentClient()-> | |
281 browser()->GetAdditionalWebUIHostsToIgnoreParititionCheck(&hosts); | |
282 if (std::find(hosts.begin(), hosts.end(), url.host()) != hosts.end()) { | |
283 StartAsync(true); | |
284 return; | |
285 } | |
286 } | |
287 | |
272 BrowserThread::PostTask( | 288 BrowserThread::PostTask( |
273 BrowserThread::UI, | 289 BrowserThread::UI, |
274 FROM_HERE, | 290 FROM_HERE, |
275 base::Bind(&URLRequestChromeJob::CheckStoragePartitionMatches, | 291 base::Bind(&URLRequestChromeJob::CheckStoragePartitionMatches, |
276 render_process_id, request_->url(), | 292 render_process_id, url, |
277 weak_factory_.GetWeakPtr())); | 293 weak_factory_.GetWeakPtr())); |
294 | |
278 TRACE_EVENT_ASYNC_BEGIN1("browser", "DataManager:Request", this, "URL", | 295 TRACE_EVENT_ASYNC_BEGIN1("browser", "DataManager:Request", this, "URL", |
Dan Beam
2016/05/19 06:46:26
btw, I'll move this to the top of the method tomor
| |
279 request_->url().possibly_invalid_spec()); | 296 url.possibly_invalid_spec()); |
280 } | 297 } |
281 | 298 |
282 void URLRequestChromeJob::Kill() { | 299 void URLRequestChromeJob::Kill() { |
283 weak_factory_.InvalidateWeakPtrs(); | 300 weak_factory_.InvalidateWeakPtrs(); |
284 backend_->RemoveRequest(this); | 301 backend_->RemoveRequest(this); |
285 URLRequestJob::Kill(); | 302 URLRequestJob::Kill(); |
286 } | 303 } |
287 | 304 |
288 bool URLRequestChromeJob::GetMimeType(std::string* mime_type) const { | 305 bool URLRequestChromeJob::GetMimeType(std::string* mime_type) const { |
289 *mime_type = mime_type_; | 306 *mime_type = mime_type_; |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
389 void URLRequestChromeJob::CheckStoragePartitionMatches( | 406 void URLRequestChromeJob::CheckStoragePartitionMatches( |
390 int render_process_id, | 407 int render_process_id, |
391 const GURL& url, | 408 const GURL& url, |
392 const base::WeakPtr<URLRequestChromeJob>& job) { | 409 const base::WeakPtr<URLRequestChromeJob>& job) { |
393 // The embedder could put some webui pages in separate storage partition. | 410 // The embedder could put some webui pages in separate storage partition. |
394 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages | 411 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages |
395 // being in the same process. We do an extra check to guard against an | 412 // being in the same process. We do an extra check to guard against an |
396 // exploited renderer pretending to add them as a subframe. We skip this check | 413 // exploited renderer pretending to add them as a subframe. We skip this check |
397 // for resources. | 414 // for resources. |
398 bool allowed = false; | 415 bool allowed = false; |
399 std::vector<std::string> hosts; | 416 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id); |
400 GetContentClient()-> | 417 if (process) { |
401 browser()->GetAdditionalWebUIHostsToIgnoreParititionCheck(&hosts); | 418 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite( |
402 if (url.SchemeIs(kChromeUIScheme) && | 419 process->GetBrowserContext(), url); |
403 (url.SchemeIs(kChromeUIScheme) || | 420 allowed = partition == process->GetStoragePartition(); |
404 std::find(hosts.begin(), hosts.end(), url.host()) != hosts.end())) { | |
405 allowed = true; | |
406 } else if (render_process_id == kNoRenderProcessId) { | |
407 // Request was not issued by renderer. | |
408 allowed = true; | |
409 } else { | |
410 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id); | |
411 if (process) { | |
412 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite( | |
413 process->GetBrowserContext(), url); | |
414 allowed = partition == process->GetStoragePartition(); | |
415 } | |
416 } | 421 } |
417 | |
418 BrowserThread::PostTask( | 422 BrowserThread::PostTask( |
419 BrowserThread::IO, | 423 BrowserThread::IO, |
420 FROM_HERE, | 424 FROM_HERE, |
421 base::Bind(&URLRequestChromeJob::StartAsync, job, allowed)); | 425 base::Bind(&URLRequestChromeJob::StartAsync, job, allowed)); |
422 } | 426 } |
423 | 427 |
424 void URLRequestChromeJob::StartAsync(bool allowed) { | 428 void URLRequestChromeJob::StartAsync(bool allowed) { |
425 if (!request_) | 429 if (!request_) |
426 return; | 430 return; |
427 | 431 |
(...skipping 368 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
796 | 800 |
797 } // namespace | 801 } // namespace |
798 | 802 |
799 net::URLRequestJobFactory::ProtocolHandler* | 803 net::URLRequestJobFactory::ProtocolHandler* |
800 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context, | 804 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context, |
801 bool is_incognito) { | 805 bool is_incognito) { |
802 return new DevToolsJobFactory(resource_context, is_incognito); | 806 return new DevToolsJobFactory(resource_context, is_incognito); |
803 } | 807 } |
804 | 808 |
805 } // namespace content | 809 } // namespace content |
OLD | NEW |