Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(170)

Unified Diff: third_party/WebKit/Source/core/dom/Document.cpp

Issue 2071433003: Reland: service worker: Don't control a subframe of an insecure context (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: revised Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/WebKit/Source/core/dom/Document.h ('k') | third_party/WebKit/Source/core/frame/Frame.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/core/dom/Document.cpp
diff --git a/third_party/WebKit/Source/core/dom/Document.cpp b/third_party/WebKit/Source/core/dom/Document.cpp
index bcd02abab122b64a87a992643bf714e4d260b0c7..5e6bf70126b6a4d6db9d8d95a434410abec9d11a 100644
--- a/third_party/WebKit/Source/core/dom/Document.cpp
+++ b/third_party/WebKit/Source/core/dom/Document.cpp
@@ -359,15 +359,6 @@ static bool acceptsEditingFocus(const Element& element)
return element.document().frame() && element.rootEditableElement();
}
-static bool isOriginPotentiallyTrustworthy(SecurityOrigin* origin, String* errorMessage)
-{
- if (origin->isPotentiallyTrustworthy())
- return true;
- if (errorMessage)
- *errorMessage = origin->isPotentiallyTrustworthyErrorMessage();
- return false;
-}
-
uint64_t Document::s_globalTreeVersion = 0;
static bool s_threadedParsingEnabledForTesting = true;
@@ -3326,7 +3317,7 @@ void Document::cloneDataFromDocument(const Document& other)
setMimeType(other.contentType());
}
-bool Document::isSecureContextImpl(String* errorMessage, const SecureContextCheck privilegeContextCheck) const
+bool Document::isSecureContextImpl(const SecureContextCheck privilegeContextCheck) const
{
// There may be exceptions for the secure context check defined for certain
// schemes. The exceptions are applied only to the special scheme and to
@@ -3356,21 +3347,16 @@ bool Document::isSecureContextImpl(String* errorMessage, const SecureContextChec
//
// In all cases, a frame must be potentially trustworthy in addition to
// having an exception listed in order for the exception to be granted.
- if (!isOriginPotentiallyTrustworthy(getSecurityOrigin(), errorMessage))
+ if (!getSecurityOrigin()->isPotentiallyTrustworthy())
return false;
if (SchemeRegistry::schemeShouldBypassSecureContextCheck(getSecurityOrigin()->protocol()))
return true;
if (privilegeContextCheck == StandardSecureContextCheck) {
- if (!m_frame)
- return true;
- Frame* parent = m_frame->tree().parent();
- while (parent) {
- if (!isOriginPotentiallyTrustworthy(parent->securityContext()->getSecurityOrigin(), errorMessage))
- return false;
- parent = parent->tree().parent();
- }
+ Frame* parent = m_frame ? m_frame->tree().parent() : nullptr;
+ if (parent && !parent->canHaveSecureChild())
+ return false;
}
return true;
}
@@ -5848,12 +5834,15 @@ v8::Local<v8::Object> Document::associateWithWrapper(v8::Isolate* isolate, const
bool Document::isSecureContext(String& errorMessage, const SecureContextCheck privilegeContextCheck) const
{
- return isSecureContextImpl(&errorMessage, privilegeContextCheck);
+ if (isSecureContextImpl(privilegeContextCheck))
+ return true;
+ errorMessage = SecurityOrigin::isPotentiallyTrustworthyErrorMessage();
+ return false;
}
bool Document::isSecureContext(const SecureContextCheck privilegeContextCheck) const
{
- return isSecureContextImpl(nullptr, privilegeContextCheck);
+ return isSecureContextImpl(privilegeContextCheck);
}
WebTaskRunner* Document::loadingTaskRunner() const
« no previous file with comments | « third_party/WebKit/Source/core/dom/Document.h ('k') | third_party/WebKit/Source/core/frame/Frame.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698