Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(802)

Unified Diff: content/browser/service_worker/service_worker_controllee_request_handler.cc

Issue 2009453002: service worker: Don't control a subframe of an insecure context (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: refactor errorMessage Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/browser/service_worker/service_worker_controllee_request_handler.cc
diff --git a/content/browser/service_worker/service_worker_controllee_request_handler.cc b/content/browser/service_worker/service_worker_controllee_request_handler.cc
index 74b8e80d8a86d5f4cf1aef2c98310a4d5af25cba..c6652dc92b1d01688564cd432b1ed9287b137c1d 100644
--- a/content/browser/service_worker/service_worker_controllee_request_handler.cc
+++ b/content/browser/service_worker/service_worker_controllee_request_handler.cc
@@ -5,6 +5,7 @@
#include "content/browser/service_worker/service_worker_controllee_request_handler.h"
#include <memory>
+#include <set>
#include <string>
#include "base/trace_event/trace_event.h"
@@ -213,6 +214,17 @@ ServiceWorkerControlleeRequestHandler::DidLookupRegistrationForMainResource(
return;
}
+ if (!provider_host_->IsContextSecureForServiceWorker()) {
+ // TODO(falken): Figure out a way to surface in the page's DevTools
+ // console that the service worker was blocked for security.
+ job_->FallbackToNetwork();
+ TRACE_EVENT_ASYNC_END1(
+ "ServiceWorker",
+ "ServiceWorkerControlleeRequestHandler::PrepareForMainResource",
+ job_.get(), "Info", "Insecure context");
+ return;
+ }
+
if (need_to_update) {
force_update_started_ = true;
context_->UpdateServiceWorker(

Powered by Google App Engine
This is Rietveld 408576698