OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/dom/RemoteSecurityContext.h" | 5 #include "core/dom/RemoteSecurityContext.h" |
6 | 6 |
7 #include "core/frame/csp/ContentSecurityPolicy.h" | 7 #include "core/frame/RemoteFrameClient.h" |
| 8 #include "core/frame/csp/RemoteContentSecurityPolicy.h" |
8 #include "platform/weborigin/SecurityOrigin.h" | 9 #include "platform/weborigin/SecurityOrigin.h" |
9 #include "wtf/Assertions.h" | 10 #include "wtf/Assertions.h" |
10 | 11 |
11 namespace blink { | 12 namespace blink { |
12 | 13 |
13 RemoteSecurityContext::RemoteSecurityContext() | 14 RemoteSecurityContext::RemoteSecurityContext(RemoteFrameClient* remoteFrameClien
t) |
14 : SecurityContext() | 15 : SecurityContext() |
| 16 , m_remoteFrameClient(remoteFrameClient) |
15 { | 17 { |
16 // RemoteSecurityContext's origin is expected to stay uninitialized until | 18 // RemoteSecurityContext's origin is expected to stay uninitialized until |
17 // we set it using replicated origin data from the browser process. | 19 // we set it using replicated origin data from the browser process. |
18 DCHECK(!getSecurityOrigin()); | 20 DCHECK(!getSecurityOrigin()); |
19 | 21 |
| 22 // Caller needs to pass a non-null |remoteFrameClient|. |
| 23 DCHECK(remoteFrameClient); |
| 24 |
20 // Start with a clean slate. | 25 // Start with a clean slate. |
21 setContentSecurityPolicy(ContentSecurityPolicy::create()); | 26 setContentSecurityPolicy(RemoteContentSecurityPolicy::create(m_remoteFrameCl
ient)); |
22 | 27 |
23 // FIXME: Document::initSecurityContext has a few other things we may | 28 // FIXME: Document::initSecurityContext has a few other things we may |
24 // eventually want here, such as enforcing a setting to | 29 // eventually want here, such as enforcing a setting to |
25 // grantUniversalAccess(). | 30 // grantUniversalAccess(). |
26 } | 31 } |
27 | 32 |
28 RemoteSecurityContext* RemoteSecurityContext::create() | 33 RemoteSecurityContext* RemoteSecurityContext::create(RemoteFrameClient* remoteFr
ameClient) |
29 { | 34 { |
30 return new RemoteSecurityContext(); | 35 return new RemoteSecurityContext(remoteFrameClient); |
31 } | 36 } |
32 | 37 |
33 DEFINE_TRACE(RemoteSecurityContext) | 38 DEFINE_TRACE(RemoteSecurityContext) |
34 { | 39 { |
| 40 visitor->trace(m_remoteFrameClient); |
35 SecurityContext::trace(visitor); | 41 SecurityContext::trace(visitor); |
36 } | 42 } |
37 | 43 |
38 void RemoteSecurityContext::setReplicatedOrigin(PassRefPtr<SecurityOrigin> origi
n) | 44 void RemoteSecurityContext::setReplicatedOrigin(PassRefPtr<SecurityOrigin> origi
n) |
39 { | 45 { |
40 DCHECK(origin); | 46 DCHECK(origin); |
41 setSecurityOrigin(origin); | 47 setSecurityOrigin(origin); |
42 contentSecurityPolicy()->setupSelf(*getSecurityOrigin()); | 48 contentSecurityPolicy()->setupSelf(*getSecurityOrigin()); |
43 } | 49 } |
44 | 50 |
45 void RemoteSecurityContext::resetReplicatedContentSecurityPolicy() | 51 void RemoteSecurityContext::resetReplicatedContentSecurityPolicy() |
46 { | 52 { |
47 DCHECK(getSecurityOrigin()); | 53 DCHECK(getSecurityOrigin()); |
48 setContentSecurityPolicy(ContentSecurityPolicy::create()); | 54 setContentSecurityPolicy(RemoteContentSecurityPolicy::create(m_remoteFrameCl
ient)); |
49 contentSecurityPolicy()->setupSelf(*getSecurityOrigin()); | 55 contentSecurityPolicy()->setupSelf(*getSecurityOrigin()); |
50 } | 56 } |
51 | 57 |
52 } // namespace blink | 58 } // namespace blink |
OLD | NEW |