| Index: content/child/service_worker/service_worker_network_provider.cc
|
| diff --git a/content/child/service_worker/service_worker_network_provider.cc b/content/child/service_worker/service_worker_network_provider.cc
|
| index 0632e81e09b3cbaa83e0fbb0e0e0267c160bd782..ab7597cda148c2f0b60b8336ffcbd97e86981cb3 100644
|
| --- a/content/child/service_worker/service_worker_network_provider.cc
|
| +++ b/content/child/service_worker/service_worker_network_provider.cc
|
| @@ -11,6 +11,8 @@
|
| #include "content/common/service_worker/service_worker_messages.h"
|
| #include "content/common/service_worker/service_worker_utils.h"
|
| #include "content/public/common/browser_side_navigation_policy.h"
|
| +#include "third_party/WebKit/public/web/WebLocalFrame.h"
|
| +#include "third_party/WebKit/public/web/WebSandboxFlags.h"
|
|
|
| namespace content {
|
|
|
| @@ -43,7 +45,7 @@ std::unique_ptr<ServiceWorkerNetworkProvider>
|
| ServiceWorkerNetworkProvider::CreateForNavigation(
|
| int route_id,
|
| const RequestNavigationParams& request_params,
|
| - blink::WebSandboxFlags sandbox_flags,
|
| + blink::WebLocalFrame* frame,
|
| bool content_initiated) {
|
| bool browser_side_navigation = IsBrowserSideNavigationEnabled();
|
| bool should_create_provider_for_window = false;
|
| @@ -65,24 +67,33 @@ ServiceWorkerNetworkProvider::CreateForNavigation(
|
| service_worker_provider_id == kInvalidServiceWorkerProviderId);
|
| } else {
|
| should_create_provider_for_window =
|
| - (sandbox_flags & blink::WebSandboxFlags::Origin) !=
|
| - blink::WebSandboxFlags::Origin;
|
| + ((frame->effectiveSandboxFlags() & blink::WebSandboxFlags::Origin) !=
|
| + blink::WebSandboxFlags::Origin);
|
| }
|
|
|
| // Now create the ServiceWorkerNetworkProvider (with invalid id if needed).
|
| if (should_create_provider_for_window) {
|
| + // Ideally Document::isSecureContext would be called here, but the document
|
| + // is not created yet, and due to redirects the URL may change. So pass
|
| + // is_parent_frame_secure to the browser process, so it can determine the
|
| + // context security when deciding whether to allow a service worker to
|
| + // control the document.
|
| + bool is_parent_frame_secure =
|
| + !frame->parent() || frame->parent()->canHaveSecureChild();
|
| +
|
| if (service_worker_provider_id == kInvalidServiceWorkerProviderId) {
|
| network_provider = std::unique_ptr<ServiceWorkerNetworkProvider>(
|
| new ServiceWorkerNetworkProvider(route_id,
|
| - SERVICE_WORKER_PROVIDER_FOR_WINDOW));
|
| + SERVICE_WORKER_PROVIDER_FOR_WINDOW,
|
| + is_parent_frame_secure));
|
| } else {
|
| CHECK(browser_side_navigation);
|
| DCHECK(ServiceWorkerUtils::IsBrowserAssignedProviderId(
|
| service_worker_provider_id));
|
| network_provider = std::unique_ptr<ServiceWorkerNetworkProvider>(
|
| - new ServiceWorkerNetworkProvider(route_id,
|
| - SERVICE_WORKER_PROVIDER_FOR_WINDOW,
|
| - service_worker_provider_id));
|
| + new ServiceWorkerNetworkProvider(
|
| + route_id, SERVICE_WORKER_PROVIDER_FOR_WINDOW,
|
| + service_worker_provider_id, is_parent_frame_secure));
|
| }
|
| } else {
|
| network_provider = std::unique_ptr<ServiceWorkerNetworkProvider>(
|
| @@ -94,7 +105,8 @@ ServiceWorkerNetworkProvider::CreateForNavigation(
|
| ServiceWorkerNetworkProvider::ServiceWorkerNetworkProvider(
|
| int route_id,
|
| ServiceWorkerProviderType provider_type,
|
| - int browser_provider_id)
|
| + int browser_provider_id,
|
| + bool is_parent_frame_secure)
|
| : provider_id_(browser_provider_id) {
|
| if (provider_id_ == kInvalidServiceWorkerProviderId)
|
| return;
|
| @@ -104,15 +116,17 @@ ServiceWorkerNetworkProvider::ServiceWorkerNetworkProvider(
|
| provider_id_, provider_type,
|
| ChildThreadImpl::current()->thread_safe_sender());
|
| ChildThreadImpl::current()->Send(new ServiceWorkerHostMsg_ProviderCreated(
|
| - provider_id_, route_id, provider_type));
|
| + provider_id_, route_id, provider_type, is_parent_frame_secure));
|
| }
|
|
|
| ServiceWorkerNetworkProvider::ServiceWorkerNetworkProvider(
|
| int route_id,
|
| - ServiceWorkerProviderType provider_type)
|
| + ServiceWorkerProviderType provider_type,
|
| + bool is_parent_frame_secure)
|
| : ServiceWorkerNetworkProvider(route_id,
|
| provider_type,
|
| - GetNextProviderId()) {}
|
| + GetNextProviderId(),
|
| + is_parent_frame_secure) {}
|
|
|
| ServiceWorkerNetworkProvider::ServiceWorkerNetworkProvider()
|
| : provider_id_(kInvalidServiceWorkerProviderId) {}
|
|
|
Chromium Code Reviews
Issue 2009453002:
service worker: Don't control a subframe of an insecure context (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master