OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading | 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading |
6 | 6 |
7 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 7 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
8 | 8 |
9 #include <stddef.h> | 9 #include <stddef.h> |
10 | 10 |
(...skipping 1867 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1878 // So far, for saving page, we need fetch content from cache, in the | 1878 // So far, for saving page, we need fetch content from cache, in the |
1879 // future, maybe we can use a configuration to configure this behavior. | 1879 // future, maybe we can use a configuration to configure this behavior. |
1880 request->SetLoadFlags(net::LOAD_PREFERRING_CACHE); | 1880 request->SetLoadFlags(net::LOAD_PREFERRING_CACHE); |
1881 | 1881 |
1882 // Since we're just saving some resources we need, disallow downloading. | 1882 // Since we're just saving some resources we need, disallow downloading. |
1883 ResourceRequestInfoImpl* extra_info = | 1883 ResourceRequestInfoImpl* extra_info = |
1884 CreateRequestInfo(child_id, render_view_route_id, | 1884 CreateRequestInfo(child_id, render_view_route_id, |
1885 render_frame_route_id, false, context); | 1885 render_frame_route_id, false, context); |
1886 extra_info->AssociateWithRequest(request.get()); // Request takes ownership. | 1886 extra_info->AssociateWithRequest(request.get()); // Request takes ownership. |
1887 | 1887 |
1888 std::unique_ptr<ResourceHandler> handler(new SaveFileResourceHandler( | 1888 // Check if the renderer is permitted to request the requested URL. |
| 1889 using AuthorizationState = SaveFileResourceHandler::AuthorizationState; |
| 1890 AuthorizationState authorization_state = AuthorizationState::AUTHORIZED; |
| 1891 if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL(child_id, |
| 1892 url)) { |
| 1893 DVLOG(1) << "Denying unauthorized save of " << url.possibly_invalid_spec(); |
| 1894 authorization_state = AuthorizationState::NOT_AUTHORIZED; |
| 1895 // No need to return here (i.e. okay to begin processing the request below), |
| 1896 // because NOT_AUTHORIZED will cause the request to be cancelled. See also |
| 1897 // doc comments for AuthorizationState enum. |
| 1898 } |
| 1899 |
| 1900 std::unique_ptr<SaveFileResourceHandler> handler(new SaveFileResourceHandler( |
1889 request.get(), save_item_id, save_package_id, child_id, | 1901 request.get(), save_item_id, save_package_id, child_id, |
1890 render_frame_route_id, url, save_file_manager_.get())); | 1902 render_frame_route_id, url, save_file_manager_.get(), |
| 1903 authorization_state)); |
1891 | 1904 |
1892 BeginRequestInternal(std::move(request), std::move(handler)); | 1905 BeginRequestInternal(std::move(request), std::move(handler)); |
1893 } | 1906 } |
1894 | 1907 |
1895 void ResourceDispatcherHostImpl::MarkAsTransferredNavigation( | 1908 void ResourceDispatcherHostImpl::MarkAsTransferredNavigation( |
1896 const GlobalRequestID& id, | 1909 const GlobalRequestID& id, |
1897 const scoped_refptr<ResourceResponse>& response) { | 1910 const scoped_refptr<ResourceResponse>& response) { |
1898 GetLoader(id)->MarkAsTransferring(response); | 1911 GetLoader(id)->MarkAsTransferring(response); |
1899 } | 1912 } |
1900 | 1913 |
(...skipping 699 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2600 ssl.cert_id = GetCertStore()->StoreCert(ssl_info.cert.get(), child_id); | 2613 ssl.cert_id = GetCertStore()->StoreCert(ssl_info.cert.get(), child_id); |
2601 response->head.security_info = SerializeSecurityInfo(ssl); | 2614 response->head.security_info = SerializeSecurityInfo(ssl); |
2602 } | 2615 } |
2603 | 2616 |
2604 CertStore* ResourceDispatcherHostImpl::GetCertStore() { | 2617 CertStore* ResourceDispatcherHostImpl::GetCertStore() { |
2605 return cert_store_for_testing_ ? cert_store_for_testing_ | 2618 return cert_store_for_testing_ ? cert_store_for_testing_ |
2606 : CertStore::GetInstance(); | 2619 : CertStore::GetInstance(); |
2607 } | 2620 } |
2608 | 2621 |
2609 } // namespace content | 2622 } // namespace content |
OLD | NEW |