
Side by Side Diff: content/browser/service_worker/service_worker_provider_host.cc

Issue 2061203002: WIP Reland: service worker: Don't control a subframe of an insecure context Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: maybe fix drmemory Created 4 years, 6 months ago
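--- a/content/browser/service_worker/service_worker_provider_host.cc
+++ b/content/browser/service_worker/service_worker_provider_host.cc
@@ -1,36 +1,39 @@
 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/service_worker/service_worker_provider_host.h"
 
 #include <utility>
 
 #include "base/guid.h"
 #include "base/stl_util.h"
 #include "base/time/time.h"
 #include "content/browser/message_port_message_filter.h"
 #include "content/browser/service_worker/embedded_worker_status.h"
 #include "content/browser/service_worker/service_worker_context_core.h"
 #include "content/browser/service_worker/service_worker_context_request_handler. h"
 #include "content/browser/service_worker/service_worker_controllee_request_handl er.h"
 #include "content/browser/service_worker/service_worker_dispatcher_host.h"
 #include "content/browser/service_worker/service_worker_handle.h"
 #include "content/browser/service_worker/service_worker_registration_handle.h"
 #include "content/browser/service_worker/service_worker_version.h"
 #include "content/common/resource_request_body.h"
 #include "content/common/service_worker/service_worker_messages.h"
 #include "content/common/service_worker/service_worker_types.h"
 #include "content/common/service_worker/service_worker_utils.h"
+#include "content/public/browser/content_browser_client.h"
 #include "content/public/common/browser_side_navigation_policy.h"
 #include "content/public/common/child_process_host.h"
+#include "content/public/common/content_client.h"
+#include "content/public/common/origin_util.h"
 
 namespace content {
 
 namespace {
 
 // PlzNavigate
 // Next ServiceWorkerProviderHost ID for navigations, starts at -2 and keeps
 // going down.
 int g_next_navigation_provider_id = -2;
 
@@ -48,36 +51,39 @@
 // static
 std::unique_ptr<ServiceWorkerProviderHost>
 ServiceWorkerProviderHost::PreCreateNavigationHost(
 base::WeakPtr<ServiceWorkerContextCore> context) {
 CHECK(IsBrowserSideNavigationEnabled());
 // Generate a new browser-assigned id for the host.
 int provider_id = g_next_navigation_provider_id--;
 return std::unique_ptr<ServiceWorkerProviderHost>(
 new ServiceWorkerProviderHost(
 ChildProcessHost::kInvalidUniqueID, MSG_ROUTING_NONE, provider_id,
-SERVICE_WORKER_PROVIDER_FOR_WINDOW, context, nullptr));
+SERVICE_WORKER_PROVIDER_FOR_WINDOW, FrameSecurityLevel::UNINITIALIZED,
+context, nullptr));
 }
 
 ServiceWorkerProviderHost::ServiceWorkerProviderHost(
 int render_process_id,
 int route_id,
 int provider_id,
 ServiceWorkerProviderType provider_type,
+FrameSecurityLevel parent_frame_security_level,
 base::WeakPtr<ServiceWorkerContextCore> context,
 ServiceWorkerDispatcherHost* dispatcher_host)
 : client_uuid_(base::GenerateGUID()),
 render_process_id_(render_process_id),
 route_id_(route_id),
 render_thread_id_(kDocumentMainThreadId),
 provider_id_(provider_id),
 provider_type_(provider_type),
+parent_frame_security_level_(parent_frame_security_level),
 context_(context),
 dispatcher_host_(dispatcher_host),
 allow_association_(true) {
 DCHECK_NE(SERVICE_WORKER_PROVIDER_UNKNOWN, provider_type_);
 
 // PlzNavigate
 CHECK(render_process_id != ChildProcessHost::kInvalidUniqueID ||
 IsBrowserSideNavigationEnabled());
 
 if (provider_type_ == SERVICE_WORKER_PROVIDER_FOR_CONTROLLER) {
@@ -105,20 +111,34 @@
 for (const GURL& pattern : associated_patterns_)
 DecreaseProcessReference(pattern);
 }
 
 int ServiceWorkerProviderHost::frame_id() const {
 if (provider_type_ == SERVICE_WORKER_PROVIDER_FOR_WINDOW)
 return route_id_;
 return MSG_ROUTING_NONE;
 }
 
+bool ServiceWorkerProviderHost::IsContextSecureForServiceWorker() const {
+DCHECK(document_url_.is_valid());
+if (!OriginCanAccessServiceWorkers(document_url_))
+return false;
+
+if (is_parent_frame_secure())
+return true;
+
+std::set<std::string> schemes;
+GetContentClient()->browser()->GetSchemesBypassingSecureContextCheckWhitelist(
+&schemes);
+return schemes.find(document_url().scheme()) != schemes.end();
+}
+
 void ServiceWorkerProviderHost::OnVersionAttributesChanged(
 ServiceWorkerRegistration* registration,
 ChangedVersionAttributesMask changed_mask,
 const ServiceWorkerRegistrationInfo& info) {
 if (!get_ready_callback_ || get_ready_callback_->called)
 return;
 if (changed_mask.active_changed() && registration->active_version()) {
 // Wait until the state change so we don't send the get for ready
 // registration complete message before set version attributes message.
 registration->active_version()->RegisterStatusChangeCallback(base::Bind(
@@ -159,20 +179,21 @@
 document_url_ = url;
 }
 
 void ServiceWorkerProviderHost::SetTopmostFrameUrl(const GURL& url) {
 topmost_frame_url_ = url;
 }
 
 void ServiceWorkerProviderHost::SetControllerVersionAttribute(
 ServiceWorkerVersion* version,
 bool notify_controllerchange) {
+CHECK(!version || IsContextSecureForServiceWorker());
 if (version == controlling_version_.get())
 return;
 
 scoped_refptr<ServiceWorkerVersion> previous_version = controlling_version_;
 controlling_version_ = version;
 if (version)
 version->AddControllee(this);
 if (previous_version.get())
 previous_version->RemoveControllee(this);
 
@@ -232,48 +253,51 @@
 case SERVICE_WORKER_PROVIDER_UNKNOWN:
 NOTREACHED() << provider_type_;
 }
 NOTREACHED() << provider_type_;
 return blink::WebServiceWorkerClientTypeWindow;
 }
 
 void ServiceWorkerProviderHost::AssociateRegistration(
 ServiceWorkerRegistration* registration,
 bool notify_controllerchange) {
+CHECK(IsContextSecureForServiceWorker());
 DCHECK(CanAssociateRegistration(registration));
 associated_registration_ = registration;
 AddMatchingRegistration(registration);
 SendAssociateRegistrationMessage();
 SetControllerVersionAttribute(registration->active_version(),
 notify_controllerchange);
 }
 
 void ServiceWorkerProviderHost::DisassociateRegistration() {
 queued_events_.clear();
 if (!associated_registration_.get())
 return;
 associated_registration_ = NULL;
 SetControllerVersionAttribute(NULL, false /* notify_controllerchange */);
 
 if (!dispatcher_host_)
 return;
 
 // Disassociation message should be sent only for controllees.
 DCHECK(IsProviderForClient());
 Send(new ServiceWorkerMsg_DisassociateRegistration(
 render_thread_id_, provider_id()));
 }
 
 void ServiceWorkerProviderHost::AddMatchingRegistration(
 ServiceWorkerRegistration* registration) {
 DCHECK(ServiceWorkerUtils::ScopeMatches(
 registration->pattern(), document_url_));
+if (!IsContextSecureForServiceWorker())
+return;
 size_t key = registration->pattern().spec().size();
 if (ContainsKey(matching_registrations_, key))
 return;
 IncreaseProcessReference(registration->pattern());
 registration->AddListener(this);
 matching_registrations_[key] = registration;
 ReturnRegistrationForReadyIfNeeded();
 }
 
 void ServiceWorkerProviderHost::RemoveMatchingRegistration(
@@ -644,10 +668,10 @@
 Send(new ServiceWorkerMsg_SetControllerServiceWorker(
 render_thread_id_, provider_id(),
 GetOrCreateServiceWorkerHandle(
 associated_registration_->active_version()),
 false /* shouldNotifyControllerChange */));
 }
 }
 }
 
 }  // namespace content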
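Review bot: `IsContextSecureForServiceWorker()` is enforced in two different ways here: `AddMatchingRegistration` returns silently when it fails, while `AssociateRegistration` and `SetControllerVersionAttribute` `CHECK` it, so any caller that reaches those two for a subframe of an insecure parent terminates the browser process instead of being refused. The callers are outside this file, so it cannot be confirmed from this section that they all filter first; a comment on each `CHECK` such as `// Callers must already have rejected insecure contexts; crashing here is deliberate fail-closed.` would record that contract. `PreCreateNavigationHost` now constructs the host with `FrameSecurityLevel::UNINITIALIZED`, and `is_parent_frame_secure()` is defined elsewhere, so the predicate should carry a comment stating that an uninitialized level is treated as not secure until the real level is set (presumably the intent; please confirm in the header). The predicate's `DCHECK(document_url_.is_valid())` is normally compiled out of release builds, so the invalid-URL case there relies entirely on `OriginCanAccessServiceWorkers` returning false. As a style point, the predicate reads both `document_url_` and `document_url()`; use one.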
