[HBD] Remove PluginCache and reload plugin list when origin changes

content/browser/frame_host/render_frame_message_filter.cc

Index: content/browser/frame_host/render_frame_message_filter.cc
diff --git a/content/browser/frame_host/render_frame_message_filter.cc b/content/browser/frame_host/render_frame_message_filter.cc
index 07dc9d561d4bb0e4a574b6d3bf4f142e9392980f..aafc479347563ba003f2cc264376de6ba359f99c 100644
--- a/content/browser/frame_host/render_frame_message_filter.cc
+++ b/content/browser/frame_host/render_frame_message_filter.cc
@@ -452,6 +452,7 @@ void RenderFrameMessageFilter::GetCookies(int render_frame_id,
 
 void RenderFrameMessageFilter::OnGetPlugins(
     bool refresh,
+    const url::Origin& main_frame_origin,

[piman, 2016/08/19 21:59:22]

This origin comes from an untrusted source. Do we need to validate that this is
a valid one for the calling renderer?

[trizzofo, 2016/08/20 00:00:41]

Since OnGetPluginInfo() (that effectively determine if Flash should run or not)
doesn't validate the URLs, I believe that it should be fine if we don't validate
it here as well. The only thing we are determining here is if Flash is
advertised or not and I think that it isn't that critical. Let me know if you
have any additional thoughts.

     IPC::Message* reply_msg) {
   // Don't refresh if the specified threshold has not been passed.  Note that
   // this check is performed before off-loading to the file thread.  The reason
@@ -470,12 +471,14 @@ void RenderFrameMessageFilter::OnGetPlugins(
     }
   }
 
-  PluginServiceImpl::GetInstance()->GetPlugins(base::Bind(
-      &RenderFrameMessageFilter::GetPluginsCallback, this, reply_msg));
+  PluginServiceImpl::GetInstance()->GetPlugins(
+      base::Bind(&RenderFrameMessageFilter::GetPluginsCallback, this, reply_msg,
+                 main_frame_origin));
 }
 
 void RenderFrameMessageFilter::GetPluginsCallback(
     IPC::Message* reply_msg,
+    const url::Origin& main_frame_origin,
     const std::vector<WebPluginInfo>& all_plugins) {
   // Filter the plugin list.
   PluginServiceFilter* filter = PluginServiceImpl::GetInstance()->GetFilter();
@@ -483,15 +486,16 @@ void RenderFrameMessageFilter::GetPluginsCallback(
 
   int child_process_id = -1;
   int routing_id = MSG_ROUTING_NONE;
+  GURL policy_url =
+      main_frame_origin.unique() ? GURL() : GURL(main_frame_origin.Serialize());
   // In this loop, copy the WebPluginInfo (and do not use a reference) because
   // the filter might mutate it.
   for (WebPluginInfo plugin : all_plugins) {
-    if (!filter || filter->IsPluginAvailable(child_process_id,
-                                             routing_id,
-                                             resource_context_,
-                                             GURL(),
-                                             GURL(),
-                                             &plugin)) {
+    // TODO(crbug.com/621724): Pass an url::Origin instead of a GURL.
+    if (!filter ||
+        filter->IsPluginAvailable(child_process_id, routing_id,
+                                  resource_context_, GURL(), policy_url,
+                                  &plugin)) {
       plugins.push_back(plugin);
     }
   }