OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/webui/url_data_manager_backend.h" | 5 #include "content/browser/webui/url_data_manager_backend.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
50 | 50 |
51 namespace content { | 51 namespace content { |
52 | 52 |
53 namespace { | 53 namespace { |
54 | 54 |
55 const char kChromeURLContentSecurityPolicyHeaderBase[] = | 55 const char kChromeURLContentSecurityPolicyHeaderBase[] = |
56 "Content-Security-Policy: script-src chrome://resources 'self'"; | 56 "Content-Security-Policy: script-src chrome://resources 'self'"; |
57 | 57 |
58 const char kChromeURLXFrameOptionsHeader[] = "X-Frame-Options: DENY"; | 58 const char kChromeURLXFrameOptionsHeader[] = "X-Frame-Options: DENY"; |
59 static const char kNetworkErrorKey[] = "netError"; | 59 static const char kNetworkErrorKey[] = "netError"; |
60 const int kNoRenderProcessId = -1; | |
61 | 60 |
62 bool SchemeIsInSchemes(const std::string& scheme, | 61 bool SchemeIsInSchemes(const std::string& scheme, |
63 const std::vector<std::string>& schemes) { | 62 const std::vector<std::string>& schemes) { |
64 return std::find(schemes.begin(), schemes.end(), scheme) != schemes.end(); | 63 return std::find(schemes.begin(), schemes.end(), scheme) != schemes.end(); |
65 } | 64 } |
66 | 65 |
67 // Returns whether |url| passes some sanity checks and is a valid GURL. | 66 // Returns whether |url| passes some sanity checks and is a valid GURL. |
68 bool CheckURLIsValid(const GURL& url) { | 67 bool CheckURLIsValid(const GURL& url) { |
69 std::vector<std::string> additional_schemes; | 68 std::vector<std::string> additional_schemes; |
70 DCHECK(url.SchemeIs(kChromeDevToolsScheme) || url.SchemeIs(kChromeUIScheme) || | 69 DCHECK(url.SchemeIs(kChromeDevToolsScheme) || url.SchemeIs(kChromeUIScheme) || |
(...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
257 backend_(backend), | 256 backend_(backend), |
258 weak_factory_(this) { | 257 weak_factory_(this) { |
259 DCHECK(backend); | 258 DCHECK(backend); |
260 } | 259 } |
261 | 260 |
262 URLRequestChromeJob::~URLRequestChromeJob() { | 261 URLRequestChromeJob::~URLRequestChromeJob() { |
263 CHECK(!backend_->HasPendingJob(this)); | 262 CHECK(!backend_->HasPendingJob(this)); |
264 } | 263 } |
265 | 264 |
266 void URLRequestChromeJob::Start() { | 265 void URLRequestChromeJob::Start() { |
| 266 const GURL url = request_->url(); |
| 267 |
| 268 TRACE_EVENT_ASYNC_BEGIN1("browser", "DataManager:Request", this, "URL", |
| 269 url.possibly_invalid_spec()); |
| 270 |
267 int render_process_id, unused; | 271 int render_process_id, unused; |
268 bool is_renderer_request = ResourceRequestInfo::GetRenderFrameForRequest( | 272 bool is_renderer_request = ResourceRequestInfo::GetRenderFrameForRequest( |
269 request_, &render_process_id, &unused); | 273 request_, &render_process_id, &unused); |
270 if (!is_renderer_request) | 274 |
271 render_process_id = kNoRenderProcessId; | 275 if (!is_renderer_request) { |
| 276 StartAsync(true); |
| 277 return; |
| 278 } |
| 279 |
| 280 if (url.SchemeIs(kChromeUIScheme)) { |
| 281 // TODO(dbeam): it's not clear that partition checking is needed or used. It |
| 282 // was added for iframe-based signin (http://crbug.com/338127), which has |
| 283 // since changed. We should remove if no longer necessary. |
| 284 std::vector<std::string> hosts; |
| 285 hosts.push_back(content::kChromeUIResourcesHost); |
| 286 GetContentClient()-> |
| 287 browser()->GetAdditionalWebUIHostsToIgnoreParititionCheck(&hosts); |
| 288 if (std::find(hosts.begin(), hosts.end(), url.host()) != hosts.end()) { |
| 289 StartAsync(true); |
| 290 return; |
| 291 } |
| 292 } |
| 293 |
272 BrowserThread::PostTask( | 294 BrowserThread::PostTask( |
273 BrowserThread::UI, | 295 BrowserThread::UI, |
274 FROM_HERE, | 296 FROM_HERE, |
275 base::Bind(&URLRequestChromeJob::CheckStoragePartitionMatches, | 297 base::Bind(&URLRequestChromeJob::CheckStoragePartitionMatches, |
276 render_process_id, request_->url(), | 298 render_process_id, url, |
277 weak_factory_.GetWeakPtr())); | 299 weak_factory_.GetWeakPtr())); |
278 TRACE_EVENT_ASYNC_BEGIN1("browser", "DataManager:Request", this, "URL", | |
279 request_->url().possibly_invalid_spec()); | |
280 } | 300 } |
281 | 301 |
282 void URLRequestChromeJob::Kill() { | 302 void URLRequestChromeJob::Kill() { |
283 weak_factory_.InvalidateWeakPtrs(); | 303 weak_factory_.InvalidateWeakPtrs(); |
284 backend_->RemoveRequest(this); | 304 backend_->RemoveRequest(this); |
285 URLRequestJob::Kill(); | 305 URLRequestJob::Kill(); |
286 } | 306 } |
287 | 307 |
288 bool URLRequestChromeJob::GetMimeType(std::string* mime_type) const { | 308 bool URLRequestChromeJob::GetMimeType(std::string* mime_type) const { |
289 *mime_type = mime_type_; | 309 *mime_type = mime_type_; |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
389 void URLRequestChromeJob::CheckStoragePartitionMatches( | 409 void URLRequestChromeJob::CheckStoragePartitionMatches( |
390 int render_process_id, | 410 int render_process_id, |
391 const GURL& url, | 411 const GURL& url, |
392 const base::WeakPtr<URLRequestChromeJob>& job) { | 412 const base::WeakPtr<URLRequestChromeJob>& job) { |
393 // The embedder could put some webui pages in separate storage partition. | 413 // The embedder could put some webui pages in separate storage partition. |
394 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages | 414 // RenderProcessHostImpl::IsSuitableHost would guard against top level pages |
395 // being in the same process. We do an extra check to guard against an | 415 // being in the same process. We do an extra check to guard against an |
396 // exploited renderer pretending to add them as a subframe. We skip this check | 416 // exploited renderer pretending to add them as a subframe. We skip this check |
397 // for resources. | 417 // for resources. |
398 bool allowed = false; | 418 bool allowed = false; |
399 std::vector<std::string> hosts; | 419 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id); |
400 GetContentClient()-> | 420 if (process) { |
401 browser()->GetAdditionalWebUIHostsToIgnoreParititionCheck(&hosts); | 421 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite( |
402 if (url.SchemeIs(kChromeUIScheme) && | 422 process->GetBrowserContext(), url); |
403 (url.SchemeIs(kChromeUIScheme) || | 423 allowed = partition == process->GetStoragePartition(); |
404 std::find(hosts.begin(), hosts.end(), url.host()) != hosts.end())) { | |
405 allowed = true; | |
406 } else if (render_process_id == kNoRenderProcessId) { | |
407 // Request was not issued by renderer. | |
408 allowed = true; | |
409 } else { | |
410 RenderProcessHost* process = RenderProcessHost::FromID(render_process_id); | |
411 if (process) { | |
412 StoragePartition* partition = BrowserContext::GetStoragePartitionForSite( | |
413 process->GetBrowserContext(), url); | |
414 allowed = partition == process->GetStoragePartition(); | |
415 } | |
416 } | 424 } |
417 | |
418 BrowserThread::PostTask( | 425 BrowserThread::PostTask( |
419 BrowserThread::IO, | 426 BrowserThread::IO, |
420 FROM_HERE, | 427 FROM_HERE, |
421 base::Bind(&URLRequestChromeJob::StartAsync, job, allowed)); | 428 base::Bind(&URLRequestChromeJob::StartAsync, job, allowed)); |
422 } | 429 } |
423 | 430 |
424 void URLRequestChromeJob::StartAsync(bool allowed) { | 431 void URLRequestChromeJob::StartAsync(bool allowed) { |
425 if (!request_) | 432 if (!request_) |
426 return; | 433 return; |
427 | 434 |
(...skipping 368 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
796 | 803 |
797 } // namespace | 804 } // namespace |
798 | 805 |
799 net::URLRequestJobFactory::ProtocolHandler* | 806 net::URLRequestJobFactory::ProtocolHandler* |
800 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context, | 807 CreateDevToolsProtocolHandler(content::ResourceContext* resource_context, |
801 bool is_incognito) { | 808 bool is_incognito) { |
802 return new DevToolsJobFactory(resource_context, is_incognito); | 809 return new DevToolsJobFactory(resource_context, is_incognito); |
803 } | 810 } |
804 | 811 |
805 } // namespace content | 812 } // namespace content |
OLD | NEW |