content/browser/service_worker/service_worker_provider_host.h - Issue 2009453002: service worker: Don't control a subframe of an insecure context

Unified Diff: content/browser/service_worker/service_worker_provider_host.h

Issue 2009453002: service worker: Don't control a subframe of an insecure context (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: review comments Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« content/browser/service_worker/service_worker_context_core.cc ('K') | « content/browser/service_worker/service_worker_job_unittest.cc ('k') | content/browser/service_worker/service_worker_provider_host.cc » ('j') | content/public/browser/content_browser_client.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/browser/service_worker/service_worker_provider_host.h

diff --git a/content/browser/service_worker/service_worker_provider_host.h b/content/browser/service_worker/service_worker_provider_host.h

index 0372b11dded2c624f8e78d0a17c2be358d9d0911..d04c7bd835453cc04db241b51d4bcb8ca7ce1ce3 100644

--- a/content/browser/service_worker/service_worker_provider_host.h

+++ b/content/browser/service_worker/service_worker_provider_host.h

@@ -72,6 +72,7 @@ class CONTENT_EXPORT ServiceWorkerProviderHost

int route_id,

int provider_id,

ServiceWorkerProviderType provider_type,

+ bool is_parent_frame_secure,

base::WeakPtr<ServiceWorkerContextCore> context,

ServiceWorkerDispatcherHost* dispatcher_host);

virtual ~ServiceWorkerProviderHost();

@@ -82,6 +83,21 @@ class CONTENT_EXPORT ServiceWorkerProviderHost

int frame_id() const;

int route_id() const { return route_id_; }

+ bool is_parent_frame_secure() const { return is_parent_frame_secure_; }

+ void set_parent_frame_secure(bool is_parent_frame_secure) {

+ is_parent_frame_secure_ = is_parent_frame_secure;

horo 2016/06/03 09:54:45 Please add DCHECK() to ensure that set_parent_fram

falken 2016/06/03 12:10:45 Done. I ended up making the bool an enum, which is

+ }

+ // Returns whether this provider host is secure enough to have a service

+ // worker controller.

+ // Analogous to Blink's Document::isSecureContext. Because of how service

+ // worker intercepts main resource requests, this check must be done

+ // browser-side once the URL is known (see comments in

+ // ServiceWorkerNetworkProvider::CreateForNavigation). This function uses

+ // |document_url_| and |is_parent_frame_secure_| to determine context

+ // security, so they must be set properly before calling this function.

+ bool IsContextSecureForServiceWorker() const;

bool IsHostToRunningServiceWorker() {

return running_hosted_version_.get() != NULL;

}

@@ -307,6 +323,7 @@ class CONTENT_EXPORT ServiceWorkerProviderHost

int render_thread_id_;

int provider_id_;

ServiceWorkerProviderType provider_type_;

+ bool is_parent_frame_secure_;

GURL document_url_;

GURL topmost_frame_url_;