OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/frame_host/render_frame_proxy_host.h" | 5 #include "content/browser/frame_host/render_frame_proxy_host.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
10 #include "content/browser/bad_message.h" | 10 #include "content/browser/bad_message.h" |
(...skipping 117 matching lines...) | |
128 | 128 |
129 bool RenderFrameProxyHost::OnMessageReceived(const IPC::Message& msg) { | 129 bool RenderFrameProxyHost::OnMessageReceived(const IPC::Message& msg) { |
130 if (cross_process_frame_connector_.get() && | 130 if (cross_process_frame_connector_.get() && |
131 cross_process_frame_connector_->OnMessageReceived(msg)) | 131 cross_process_frame_connector_->OnMessageReceived(msg)) |
132 return true; | 132 return true; |
133 | 133 |
134 bool handled = true; | 134 bool handled = true; |
135 IPC_BEGIN_MESSAGE_MAP(RenderFrameProxyHost, msg) | 135 IPC_BEGIN_MESSAGE_MAP(RenderFrameProxyHost, msg) |
136 IPC_MESSAGE_HANDLER(FrameHostMsg_Detach, OnDetach) | 136 IPC_MESSAGE_HANDLER(FrameHostMsg_Detach, OnDetach) |
137 IPC_MESSAGE_HANDLER(FrameHostMsg_OpenURL, OnOpenURL) | 137 IPC_MESSAGE_HANDLER(FrameHostMsg_OpenURL, OnOpenURL) |
138 IPC_MESSAGE_HANDLER(FrameHostMsg_ForwardContentSecurityPolicyViolation, | |
139 OnForwardContentSecurityPolicyViolation) | |
138 IPC_MESSAGE_HANDLER(FrameHostMsg_RouteMessageEvent, OnRouteMessageEvent) | 140 IPC_MESSAGE_HANDLER(FrameHostMsg_RouteMessageEvent, OnRouteMessageEvent) |
139 IPC_MESSAGE_HANDLER(FrameHostMsg_DidChangeOpener, OnDidChangeOpener) | 141 IPC_MESSAGE_HANDLER(FrameHostMsg_DidChangeOpener, OnDidChangeOpener) |
140 IPC_MESSAGE_HANDLER(FrameHostMsg_AdvanceFocus, OnAdvanceFocus) | 142 IPC_MESSAGE_HANDLER(FrameHostMsg_AdvanceFocus, OnAdvanceFocus) |
141 IPC_MESSAGE_HANDLER(FrameHostMsg_FrameFocused, OnFrameFocused) | 143 IPC_MESSAGE_HANDLER(FrameHostMsg_FrameFocused, OnFrameFocused) |
142 IPC_MESSAGE_UNHANDLED(handled = false) | 144 IPC_MESSAGE_UNHANDLED(handled = false) |
143 IPC_END_MESSAGE_MAP() | 145 IPC_END_MESSAGE_MAP() |
144 return handled; | 146 return handled; |
145 } | 147 } |
146 | 148 |
147 bool RenderFrameProxyHost::InitRenderFrameProxy() { | 149 bool RenderFrameProxyHost::InitRenderFrameProxy() { |
(...skipping 113 matching lines...) | |
261 | 263 |
262 // TODO(alexmos, creis): Figure out whether |params.user_gesture| needs to be | 264 // TODO(alexmos, creis): Figure out whether |params.user_gesture| needs to be |
263 // passed in as well. | 265 // passed in as well. |
264 frame_tree_node_->navigator()->RequestTransferURL( | 266 frame_tree_node_->navigator()->RequestTransferURL( |
265 current_rfh, validated_url, site_instance_.get(), std::vector<GURL>(), | 267 current_rfh, validated_url, site_instance_.get(), std::vector<GURL>(), |
266 params.referrer, ui::PAGE_TRANSITION_LINK, GlobalRequestID(), | 268 params.referrer, ui::PAGE_TRANSITION_LINK, GlobalRequestID(), |
267 params.should_replace_current_entry, params.uses_post ? "POST" : "GET", | 269 params.should_replace_current_entry, params.uses_post ? "POST" : "GET", |
268 params.resource_request_body); | 270 params.resource_request_body); |
269 } | 271 } |
270 | 272 |
273 bool RenderFrameProxyHost::CanForwardViolationToCurrentDocument( | |
274 const url::Origin& origin_declaring_violated_csp, | |
275 const std::string& violated_csp_header) { | |
276 RenderFrameHostImpl* current_rfh = frame_tree_node_->current_frame_host(); | |
277 if (!origin_declaring_violated_csp.IsSameOriginWith( | |
Charlie Reis
2016/08/12 20:47:30
This might be a problem if the origin of the page
| |
278 current_rfh->GetLastCommittedOrigin())) { | |
Łukasz Anforowicz
2016/08/12 18:55:04
creis@ said in another comment:
Charlie Reis
2016/08/12 20:47:30
Here's some of the navigation state gotchas I was
| |
279 return false; | |
280 } | |
281 | |
282 if (!current_rfh->frame_tree_node()->ContainsContentSecurityPolicyHeader( | |
283 violated_csp_header)) { | |
284 return false; | |
285 } | |
286 | |
287 return true; | |
288 } | |
289 | |
290 // TODO(lukasza): http://crbug.com/376522: Forwarding should not be needed once | |
291 // processing of frame-src, plugin-types and similar CSP directives is done in | |
292 // the browser process. | |
293 void RenderFrameProxyHost::OnForwardContentSecurityPolicyViolation( | |
294 const url::Origin& origin_declaring_violated_csp, | |
295 const ContentSecurityPolicyViolation& violation) { | |
296 // Try to verify that the CSP violation will be reported in the same document | |
297 // as the one that declared the violated CSP (i.e. that navigation of | |
298 // |current_rfh| didn't win a race with ForwardContentSecurityPolicyViolation | |
299 // IPC message). | |
300 // | |
301 // The checks made by CanForwardViolationToCurrentDocument are not 100% | |
302 // accurate, but a mistake should be safe to make until we can get rid of | |
303 // forwarding as part of moving CSP processing to the browser process | |
304 // (http://crbug.com/376522). The mistake should be safe, because: | |
305 // 1. We check that we don't disclose information cross-origin. | |
306 // 2. |violation.report_endpoints| works from any document of the right origin | |
307 // 3. It should be fine to write a console message as long as it reaches the | |
308 // console associated with the frame that used to host the document | |
309 // declaring the violated CSP. | |
310 // 4. In case of a race, an incorrect "securitypolicyviolation" event can be | |
311 // raised but this should be mitigated by: | |
312 // - low likelyhood of this happening (repro requires 1) different document | |
313 // from the same origin, 2) with the same csp header present, 3) | |
314 // navigated in a racey way with the csp check [e.g. navigating parent | |
315 // frame while checking child frame doesn't have the race - the child | |
316 // RFPH will be torn down before the violation-forwarding-ipc reaches | |
317 // it]). | |
318 // - low likelyhood of adverse effects (a page is unlikely to change its | |
319 // core behavior in response to a csp violation event) | |
320 if (!CanForwardViolationToCurrentDocument(origin_declaring_violated_csp, | |
321 violation.header)) { | |
322 return; | |
323 } | |
324 | |
325 // Forward CSP violation report to the frame that declared the CSP. | |
326 RenderFrameHostImpl* current_rfh = frame_tree_node_->current_frame_host(); | |
327 current_rfh->Send(new FrameMsg_ReportContentSecurityPolicyViolation( | |
328 current_rfh->GetRoutingID(), violation)); | |
329 } | |
330 | |
271 void RenderFrameProxyHost::OnRouteMessageEvent( | 331 void RenderFrameProxyHost::OnRouteMessageEvent( |
272 const FrameMsg_PostMessage_Params& params) { | 332 const FrameMsg_PostMessage_Params& params) { |
273 RenderFrameHostImpl* target_rfh = frame_tree_node()->current_frame_host(); | 333 RenderFrameHostImpl* target_rfh = frame_tree_node()->current_frame_host(); |
274 | 334 |
275 // Only deliver the message if the request came from a RenderFrameHost in the | 335 // Only deliver the message if the request came from a RenderFrameHost in the |
276 // same BrowsingInstance or if this WebContents is dedicated to a browser | 336 // same BrowsingInstance or if this WebContents is dedicated to a browser |
277 // plugin guest. | 337 // plugin guest. |
278 // | 338 // |
279 // TODO(alexmos, lazyboy): The check for browser plugin guest currently | 339 // TODO(alexmos, lazyboy): The check for browser plugin guest currently |
280 // requires going through the delegate. It should be refactored and | 340 // requires going through the delegate. It should be refactored and |
(...skipping 88 matching lines...) | |
369 target_rfh->Send(new FrameMsg_AdvanceFocus(target_rfh->GetRoutingID(), type, | 429 target_rfh->Send(new FrameMsg_AdvanceFocus(target_rfh->GetRoutingID(), type, |
370 source_proxy_routing_id)); | 430 source_proxy_routing_id)); |
371 } | 431 } |
372 | 432 |
373 void RenderFrameProxyHost::OnFrameFocused() { | 433 void RenderFrameProxyHost::OnFrameFocused() { |
374 frame_tree_node_->current_frame_host()->delegate()->SetFocusedFrame( | 434 frame_tree_node_->current_frame_host()->delegate()->SetFocusedFrame( |
375 frame_tree_node_, GetSiteInstance()); | 435 frame_tree_node_, GetSiteInstance()); |
376 } | 436 } |
377 | 437 |
378 } // namespace content | 438 } // namespace content |
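Review bot: `CanForwardViolationToCurrentDocument` (new lines 273-288) checks values that arrive in the IPC itself, since `origin_declaring_violated_csp` and `violation.header` both come from the sending renderer; it therefore filters out the navigation race but does not establish that the report is genuine, and the rest of `violation` is passed to `current_rfh` unexamined at new lines 327-328. The long comment in `OnForwardContentSecurityPolicyViolation` argues that a wrong decision is harmless in the race case; it should also state what is assumed about a misbehaving sender, for example `// NOTE: |violation| is renderer-supplied; only its |header| is matched against browser-side state, every other field is forwarded as received.` If the frame tree node keeps the parsed policy (the `ContainsContentSecurityPolicyHeader` lookup suggests it keeps at least the headers), taking the report endpoints from that copy instead of `violation.report_endpoints` would narrow what the sender controls. Separately, "likelyhood" at new lines 312 and 318 should read "likelihood".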
OLD | NEW |