[ServiceWorker] Don't check the origin equality when disable-web-security flag is set.

content/browser/service_worker/service_worker_dispatcher_host.cc

Index: content/browser/service_worker/service_worker_dispatcher_host.cc
diff --git a/content/browser/service_worker/service_worker_dispatcher_host.cc b/content/browser/service_worker/service_worker_dispatcher_host.cc
index 7355acc9a7b1f8ebfca03c71eb8ab67235c443be..c1c57d75a55e09a65c08db5b38bb5d6c1f893786 100644
--- a/content/browser/service_worker/service_worker_dispatcher_host.cc
+++ b/content/browser/service_worker/service_worker_dispatcher_host.cc
@@ -6,6 +6,7 @@
 
 #include <utility>
 
+#include "base/command_line.h"
 #include "base/debug/crash_logging.h"
 #include "base/logging.h"
 #include "base/macros.h"
@@ -32,6 +33,7 @@
 #include "content/public/browser/content_browser_client.h"
 #include "content/public/common/browser_side_navigation_policy.h"
 #include "content/public/common/content_client.h"
+#include "content/public/common/content_switches.h"
 #include "content/public/common/origin_util.h"
 #include "ipc/ipc_message_macros.h"
 #include "third_party/WebKit/public/platform/modules/serviceworker/WebServiceWorkerError.h"
@@ -64,7 +66,9 @@ bool CanUnregisterServiceWorker(const GURL& document_url,
                                 const GURL& pattern) {
   DCHECK(document_url.is_valid());
   DCHECK(pattern.is_valid());
-  return document_url.GetOrigin() == pattern.GetOrigin() &&
+  return (document_url.GetOrigin() == pattern.GetOrigin() ||
+          base::CommandLine::ForCurrentProcess()->HasSwitch(
+              switches::kDisableWebSecurity)) &&

[nhiroki, 2016/08/01 04:32:45]

Checking the flag whenever matching origins could be error-prone. How about
making AllOriginsMatch() to accept variable length arguments and also checking
the flag in the function like this?

/* In class ServiceWorkerUtils */

// Returns true if all given urls have the same origin or
// '--disable-web-security' flag is specified.
template <typename... Args>
static bool AllOriginsMatch(const GURL& url, const Args&... urls) {
  if (base::CommandLine::ForCurrentProcess()->HasSwitch(
          switches::kDisableWebSecurity))
    return true;
  for (const GURL& u : { urls... }) {
    if (url.GetOrigin() != u.GetOrigin())
      return false;
  }
  return true;
}

Then,

/* In CanUnregisterServiceWorker() etc */
return ServiceWorkerUtils::AllOriginsMatch<GURL>(document_url, pattern) &&
       OriginCanAccessServiceWorkers(document_url) &&
       OriginCanAccessServiceWorkers(pattern);

[horo, 2016/08/01 07:40:55]

Done.
I introduced PassOriginEqualitySecurityCheck().

          OriginCanAccessServiceWorkers(document_url) &&
          OriginCanAccessServiceWorkers(pattern);
 }
@@ -74,14 +78,18 @@ bool CanUpdateServiceWorker(const GURL& document_url, const GURL& pattern) {
   DCHECK(pattern.is_valid());
   DCHECK(OriginCanAccessServiceWorkers(document_url));
   DCHECK(OriginCanAccessServiceWorkers(pattern));
-  return document_url.GetOrigin() == pattern.GetOrigin();
+  return document_url.GetOrigin() == pattern.GetOrigin() ||
+         base::CommandLine::ForCurrentProcess()->HasSwitch(
+             switches::kDisableWebSecurity);

[nhiroki, 2016/08/01 04:32:45]

Just to confirm: This flag has an effect only when --user-data-dir flag is also
specified, right?

[horo, 2016/08/01 07:40:55]

If "user-data-dir" flag is not set,  "disable-web-security" flag doesn't disable
the same-origin policy in Blink side.
See ChromeContentBrowserClient::OverrideWebkitPrefs().

 }
 
 bool CanGetRegistration(const GURL& document_url,
                         const GURL& given_document_url) {
   DCHECK(document_url.is_valid());
   DCHECK(given_document_url.is_valid());
-  return document_url.GetOrigin() == given_document_url.GetOrigin() &&
+  return (document_url.GetOrigin() == given_document_url.GetOrigin() ||
+          base::CommandLine::ForCurrentProcess()->HasSwitch(
+              switches::kDisableWebSecurity)) &&
          OriginCanAccessServiceWorkers(document_url) &&
          OriginCanAccessServiceWorkers(given_document_url);
 }