content/browser/service_worker/service_worker_provider_host.cc - Issue 2009453002: service worker: Don't control a subframe of an insecure context

Unified Diff: content/browser/service_worker/service_worker_provider_host.cc

Issue 2009453002: service worker: Don't control a subframe of an insecure context (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: refactor errorMessage Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « content/browser/service_worker/service_worker_provider_host.h ('k') | content/browser/service_worker/service_worker_provider_host_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/browser/service_worker/service_worker_provider_host.cc

diff --git a/content/browser/service_worker/service_worker_provider_host.cc b/content/browser/service_worker/service_worker_provider_host.cc

index 21e0ddf6239ab50140f37c2ac4180f613cd2beca..97caabdf1de84e1df7720c87f84724d494123e93 100644

--- a/content/browser/service_worker/service_worker_provider_host.cc

+++ b/content/browser/service_worker/service_worker_provider_host.cc

@@ -21,8 +21,11 @@

#include "content/common/service_worker/service_worker_messages.h"

#include "content/common/service_worker/service_worker_types.h"

#include "content/common/service_worker/service_worker_utils.h"

+#include "content/public/browser/content_browser_client.h"

#include "content/public/common/browser_side_navigation_policy.h"

#include "content/public/common/child_process_host.h"

+#include "content/public/common/content_client.h"

+#include "content/public/common/origin_util.h"

namespace content {

@@ -54,7 +57,8 @@ ServiceWorkerProviderHost::PreCreateNavigationHost(

return std::unique_ptr<ServiceWorkerProviderHost>(

new ServiceWorkerProviderHost(

ChildProcessHost::kInvalidUniqueID, MSG_ROUTING_NONE, provider_id,

- SERVICE_WORKER_PROVIDER_FOR_WINDOW, context, nullptr));

+ SERVICE_WORKER_PROVIDER_FOR_WINDOW, FrameSecurityLevel::UNINITIALIZED,

+ context, nullptr));

}

ServiceWorkerProviderHost::ServiceWorkerProviderHost(

@@ -62,6 +66,7 @@ ServiceWorkerProviderHost::ServiceWorkerProviderHost(

int route_id,

int provider_id,

ServiceWorkerProviderType provider_type,

+ FrameSecurityLevel parent_frame_security_level,

base::WeakPtr<ServiceWorkerContextCore> context,

ServiceWorkerDispatcherHost* dispatcher_host)

: client_uuid_(base::GenerateGUID()),

@@ -70,6 +75,7 @@ ServiceWorkerProviderHost::ServiceWorkerProviderHost(

render_thread_id_(kDocumentMainThreadId),

provider_id_(provider_id),

provider_type_(provider_type),

+ parent_frame_security_level_(parent_frame_security_level),

context_(context),

dispatcher_host_(dispatcher_host),

allow_association_(true) {

@@ -111,6 +117,20 @@ int ServiceWorkerProviderHost::frame_id() const {

return MSG_ROUTING_NONE;

}

+bool ServiceWorkerProviderHost::IsContextSecureForServiceWorker() const {

+ DCHECK(document_url_.is_valid());

+ if (!OriginCanAccessServiceWorkers(document_url_))

+ return false;

+ if (is_parent_frame_secure())

+ return true;

+ std::set<std::string> schemes;

+ GetContentClient()->browser()->GetSchemesBypassingSecureContextCheckWhitelist(

+ &schemes);

+ return schemes.find(document_url().scheme()) != schemes.end();

void ServiceWorkerProviderHost::OnVersionAttributesChanged(

ServiceWorkerRegistration* registration,

ChangedVersionAttributesMask changed_mask,

@@ -165,6 +185,7 @@ void ServiceWorkerProviderHost::SetTopmostFrameUrl(const GURL& url) {

void ServiceWorkerProviderHost::SetControllerVersionAttribute(

ServiceWorkerVersion* version,

bool notify_controllerchange) {

+ CHECK(!version || IsContextSecureForServiceWorker());

if (version == controlling_version_.get())

return;