Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(674)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/frame_host/render_frame_host_impl.cc

Issue 2080223002: Revert of Fixing renderer's access to a file from HTTP POST (after a xsite transfer). (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/frame_host/render_frame_host_manager_browsertest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/frame_host/render_frame_host_impl.h" 5 #include "content/browser/frame_host/render_frame_host_impl.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 2739 matching lines...) Expand 10 before | Expand all | Expand 10 after
2750 if (!permission_manager) 2750 if (!permission_manager)
2751 return; 2751 return;
2752 2752
2753 permission_manager->RegisterPermissionUsage( 2753 permission_manager->RegisterPermissionUsage(
2754 PermissionType::GEOLOCATION, 2754 PermissionType::GEOLOCATION,
2755 last_committed_url().GetOrigin(), 2755 last_committed_url().GetOrigin(),
2756 frame_tree_node()->frame_tree()->GetMainFrame() 2756 frame_tree_node()->frame_tree()->GetMainFrame()
2757 ->last_committed_url().GetOrigin()); 2757 ->last_committed_url().GetOrigin());
2758 } 2758 }
2759 2759
2760 void RenderFrameHostImpl::GrantFileAccessFromResourceRequestBody(
2761 const ResourceRequestBodyImpl& body) {
2762 ChildProcessSecurityPolicyImpl* policy =
2763 ChildProcessSecurityPolicyImpl::GetInstance();
2764
2765 std::vector<base::FilePath> file_paths = body.GetReferencedFiles();
2766 for (const auto& file : file_paths) {
2767 if (!policy->CanReadFile(GetProcess()->GetID(), file))
2768 policy->GrantReadFile(GetProcess()->GetID(), file);
2769 }
2770 }
2771
2772 void RenderFrameHostImpl::UpdatePermissionsForNavigation( 2760 void RenderFrameHostImpl::UpdatePermissionsForNavigation(
2773 const CommonNavigationParams& common_params, 2761 const CommonNavigationParams& common_params,
2774 const RequestNavigationParams& request_params) { 2762 const RequestNavigationParams& request_params) {
2775 // Browser plugin guests are not allowed to navigate outside web-safe schemes, 2763 // Browser plugin guests are not allowed to navigate outside web-safe schemes,
2776 // so do not grant them the ability to request additional URLs. 2764 // so do not grant them the ability to request additional URLs.
2777 if (!GetProcess()->IsForGuestsOnly()) { 2765 if (!GetProcess()->IsForGuestsOnly()) {
2778 ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL( 2766 ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
2779 GetProcess()->GetID(), common_params.url); 2767 GetProcess()->GetID(), common_params.url);
2780 if (common_params.url.SchemeIs(url::kDataScheme) && 2768 if (common_params.url.SchemeIs(url::kDataScheme) &&
2781 common_params.base_url_for_data_url.SchemeIs(url::kFileScheme)) { 2769 common_params.base_url_for_data_url.SchemeIs(url::kFileScheme)) {
2782 // If 'data:' is used, and we have a 'file:' base url, grant access to 2770 // If 'data:' is used, and we have a 'file:' base url, grant access to
2783 // local files. 2771 // local files.
2784 ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL( 2772 ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
2785 GetProcess()->GetID(), common_params.base_url_for_data_url); 2773 GetProcess()->GetID(), common_params.base_url_for_data_url);
2786 } 2774 }
2787 } 2775 }
2788 2776
2789 // We may be returning to an existing NavigationEntry that had been granted 2777 // We may be returning to an existing NavigationEntry that had been granted
2790 // file access. If this is a different process, we will need to grant the 2778 // file access. If this is a different process, we will need to grant the
2791 // access again. Abuse is prevented, because the files listed in the page 2779 // access again. The files listed in the page state are validated when they
2792 // state are validated earlier, when they are received from the renderer (in 2780 // are received from the renderer to prevent abuse.
2793 // RenderFrameHostImpl::CanAccessFilesOfPageState). 2781 if (request_params.page_state.IsValid()) {
2794 if (request_params.page_state.IsValid())
2795 render_view_host_->GrantFileAccessFromPageState(request_params.page_state); 2782 render_view_host_->GrantFileAccessFromPageState(request_params.page_state);
2796 2783 }
2797 // We may be here after transferring navigation to a different renderer
2798 // process. In this case, we need to ensure that the new renderer retains
2799 // ability to access files that the old renderer could access. Abuse is
2800 // prevented, because the files listed in ResourceRequestBody are validated
2801 // earlier, when they are recieved from the renderer (in ShouldServiceRequest
2802 // called from ResourceDispatcherHostImpl::BeginRequest).
2803 if (common_params.post_data)
2804 GrantFileAccessFromResourceRequestBody(*common_params.post_data);
2805 } 2784 }
2806 2785
2807 bool RenderFrameHostImpl::CanExecuteJavaScript() { 2786 bool RenderFrameHostImpl::CanExecuteJavaScript() {
2808 return g_allow_injecting_javascript || 2787 return g_allow_injecting_javascript ||
2809 !frame_tree_node_->current_url().is_valid() || 2788 !frame_tree_node_->current_url().is_valid() ||
2810 frame_tree_node_->current_url().SchemeIs(kChromeDevToolsScheme) || 2789 frame_tree_node_->current_url().SchemeIs(kChromeDevToolsScheme) ||
2811 ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings( 2790 ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings(
2812 GetProcess()->GetID()) || 2791 GetProcess()->GetID()) ||
2813 // It's possible to load about:blank in a Web UI renderer. 2792 // It's possible to load about:blank in a Web UI renderer.
2814 // See http://crbug.com/42547 2793 // See http://crbug.com/42547
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after
2927 // handler after it's destroyed so it can't run after the RFHI is destroyed. 2906 // handler after it's destroyed so it can't run after the RFHI is destroyed.
2928 web_bluetooth_service_->SetClientConnectionErrorHandler(base::Bind( 2907 web_bluetooth_service_->SetClientConnectionErrorHandler(base::Bind(
2929 &RenderFrameHostImpl::DeleteWebBluetoothService, base::Unretained(this))); 2908 &RenderFrameHostImpl::DeleteWebBluetoothService, base::Unretained(this)));
2930 } 2909 }
2931 2910
2932 void RenderFrameHostImpl::DeleteWebBluetoothService() { 2911 void RenderFrameHostImpl::DeleteWebBluetoothService() {
2933 web_bluetooth_service_.reset(); 2912 web_bluetooth_service_.reset();
2934 } 2913 }
2935 2914
2936 } // namespace content 2915 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/frame_host/render_frame_host_manager_browsertest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698