OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/frame_host/render_frame_message_filter.h" | 5 #include "content/browser/frame_host/render_frame_message_filter.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/macros.h" | 8 #include "base/macros.h" |
9 #include "base/metrics/field_trial.h" | 9 #include "base/metrics/field_trial.h" |
10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
226 | 226 |
227 RenderFrameMessageFilter::~RenderFrameMessageFilter() { | 227 RenderFrameMessageFilter::~RenderFrameMessageFilter() { |
228 // This function should be called on the IO thread. | 228 // This function should be called on the IO thread. |
229 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 229 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
230 } | 230 } |
231 | 231 |
232 bool RenderFrameMessageFilter::OnMessageReceived(const IPC::Message& message) { | 232 bool RenderFrameMessageFilter::OnMessageReceived(const IPC::Message& message) { |
233 bool handled = true; | 233 bool handled = true; |
234 IPC_BEGIN_MESSAGE_MAP(RenderFrameMessageFilter, message) | 234 IPC_BEGIN_MESSAGE_MAP(RenderFrameMessageFilter, message) |
235 IPC_MESSAGE_HANDLER(FrameHostMsg_CreateChildFrame, OnCreateChildFrame) | 235 IPC_MESSAGE_HANDLER(FrameHostMsg_CreateChildFrame, OnCreateChildFrame) |
236 IPC_MESSAGE_HANDLER_DELAY_REPLY(FrameHostMsg_GetCookies, OnGetCookies) | |
237 IPC_MESSAGE_HANDLER(FrameHostMsg_CookiesEnabled, OnCookiesEnabled) | 236 IPC_MESSAGE_HANDLER(FrameHostMsg_CookiesEnabled, OnCookiesEnabled) |
238 IPC_MESSAGE_HANDLER(FrameHostMsg_DownloadUrl, OnDownloadUrl) | 237 IPC_MESSAGE_HANDLER(FrameHostMsg_DownloadUrl, OnDownloadUrl) |
239 IPC_MESSAGE_HANDLER(FrameHostMsg_SaveImageFromDataURL, | 238 IPC_MESSAGE_HANDLER(FrameHostMsg_SaveImageFromDataURL, |
240 OnSaveImageFromDataURL) | 239 OnSaveImageFromDataURL) |
241 IPC_MESSAGE_HANDLER(FrameHostMsg_Are3DAPIsBlocked, OnAre3DAPIsBlocked) | 240 IPC_MESSAGE_HANDLER(FrameHostMsg_Are3DAPIsBlocked, OnAre3DAPIsBlocked) |
242 IPC_MESSAGE_HANDLER_GENERIC(FrameHostMsg_RenderProcessGone, | 241 IPC_MESSAGE_HANDLER_GENERIC(FrameHostMsg_RenderProcessGone, |
243 OnRenderProcessGone()) | 242 OnRenderProcessGone()) |
244 #if defined(ENABLE_PLUGINS) | 243 #if defined(ENABLE_PLUGINS) |
245 IPC_MESSAGE_HANDLER_DELAY_REPLY(FrameHostMsg_GetPlugins, OnGetPlugins) | 244 IPC_MESSAGE_HANDLER_DELAY_REPLY(FrameHostMsg_GetPlugins, OnGetPlugins) |
246 IPC_MESSAGE_HANDLER(FrameHostMsg_GetPluginInfo, OnGetPluginInfo) | 245 IPC_MESSAGE_HANDLER(FrameHostMsg_GetPluginInfo, OnGetPluginInfo) |
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
301 int* new_routing_id) { | 300 int* new_routing_id) { |
302 *new_routing_id = render_widget_helper_->GetNextRoutingID(); | 301 *new_routing_id = render_widget_helper_->GetNextRoutingID(); |
303 BrowserThread::PostTask( | 302 BrowserThread::PostTask( |
304 BrowserThread::UI, FROM_HERE, | 303 BrowserThread::UI, FROM_HERE, |
305 base::Bind(&CreateChildFrameOnUI, render_process_id_, | 304 base::Bind(&CreateChildFrameOnUI, render_process_id_, |
306 params.parent_routing_id, params.scope, params.frame_name, | 305 params.parent_routing_id, params.scope, params.frame_name, |
307 params.frame_unique_name, params.sandbox_flags, | 306 params.frame_unique_name, params.sandbox_flags, |
308 params.frame_owner_properties, *new_routing_id)); | 307 params.frame_owner_properties, *new_routing_id)); |
309 } | 308 } |
310 | 309 |
311 void RenderFrameMessageFilter::OnGetCookies(int render_frame_id, | |
312 const GURL& url, | |
313 const GURL& first_party_for_cookies, | |
314 IPC::Message* reply_msg) { | |
315 ChildProcessSecurityPolicyImpl* policy = | |
316 ChildProcessSecurityPolicyImpl::GetInstance(); | |
317 if (!policy->CanAccessDataForOrigin(render_process_id_, url)) { | |
318 bad_message::ReceivedBadMessage(this, | |
319 bad_message::RFMF_GET_COOKIES_BAD_ORIGIN); | |
320 delete reply_msg; | |
321 return; | |
322 } | |
323 | |
324 // If we crash here, figure out what URL the renderer was requesting. | |
325 // http://crbug.com/99242 | |
Ken Rockot(use gerrit already)
2016/08/02 20:42:37
Note: I removed this chunk of code because the bug
| |
326 char url_buf[128]; | |
327 base::strlcpy(url_buf, url.spec().c_str(), arraysize(url_buf)); | |
328 base::debug::Alias(url_buf); | |
329 | |
330 net::URLRequestContext* context = GetRequestContextForURL(url); | |
331 | |
332 net::CookieOptions options; | |
333 if (net::registry_controlled_domains::SameDomainOrHost( | |
334 url, first_party_for_cookies, | |
335 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)) { | |
336 // TODO(mkwst): This check ought to further distinguish between frames | |
337 // initiated in a strict or lax same-site context. | |
338 options.set_same_site_cookie_mode( | |
339 net::CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); | |
340 } else { | |
341 options.set_same_site_cookie_mode( | |
342 net::CookieOptions::SameSiteCookieMode::DO_NOT_INCLUDE); | |
343 } | |
344 | |
345 context->cookie_store()->GetCookieListWithOptionsAsync( | |
346 url, options, | |
347 base::Bind(&RenderFrameMessageFilter::CheckPolicyForCookies, this, | |
348 render_frame_id, url, first_party_for_cookies, reply_msg)); | |
349 } | |
350 | |
351 void RenderFrameMessageFilter::OnCookiesEnabled( | 310 void RenderFrameMessageFilter::OnCookiesEnabled( |
352 int render_frame_id, | 311 int render_frame_id, |
353 const GURL& url, | 312 const GURL& url, |
354 const GURL& first_party_for_cookies, | 313 const GURL& first_party_for_cookies, |
355 bool* cookies_enabled) { | 314 bool* cookies_enabled) { |
356 // TODO(ananta): If this render frame is associated with an automation | 315 // TODO(ananta): If this render frame is associated with an automation |
357 // channel, aka ChromeFrame then we need to retrieve cookie settings from the | 316 // channel, aka ChromeFrame then we need to retrieve cookie settings from the |
358 // external host. | 317 // external host. |
359 *cookies_enabled = GetContentClient()->browser()->AllowGetCookie( | 318 *cookies_enabled = GetContentClient()->browser()->AllowGetCookie( |
360 url, first_party_for_cookies, net::CookieList(), resource_context_, | 319 url, first_party_for_cookies, net::CookieList(), resource_context_, |
361 render_process_id_, render_frame_id); | 320 render_process_id_, render_frame_id); |
362 } | 321 } |
363 | 322 |
364 void RenderFrameMessageFilter::CheckPolicyForCookies( | 323 void RenderFrameMessageFilter::CheckPolicyForCookies( |
365 int render_frame_id, | 324 int render_frame_id, |
366 const GURL& url, | 325 const GURL& url, |
367 const GURL& first_party_for_cookies, | 326 const GURL& first_party_for_cookies, |
368 IPC::Message* reply_msg, | 327 const GetCookiesCallback& callback, |
369 const net::CookieList& cookie_list) { | 328 const net::CookieList& cookie_list) { |
370 net::URLRequestContext* context = GetRequestContextForURL(url); | 329 net::URLRequestContext* context = GetRequestContextForURL(url); |
371 // Check the policy for get cookies, and pass cookie_list to the | 330 // Check the policy for get cookies, and pass cookie_list to the |
372 // TabSpecificContentSetting for logging purpose. | 331 // TabSpecificContentSetting for logging purpose. |
373 if (context && | 332 if (context && |
374 GetContentClient()->browser()->AllowGetCookie( | 333 GetContentClient()->browser()->AllowGetCookie( |
375 url, first_party_for_cookies, cookie_list, resource_context_, | 334 url, first_party_for_cookies, cookie_list, resource_context_, |
376 render_process_id_, render_frame_id)) { | 335 render_process_id_, render_frame_id)) { |
377 SendGetCookiesResponse(reply_msg, | 336 callback.Run(net::CookieStore::BuildCookieLine(cookie_list)); |
378 net::CookieStore::BuildCookieLine(cookie_list)); | |
379 } else { | 337 } else { |
380 SendGetCookiesResponse(reply_msg, std::string()); | 338 callback.Run(std::string()); |
381 } | 339 } |
382 } | 340 } |
383 | 341 |
384 void RenderFrameMessageFilter::SendGetCookiesResponse( | |
385 IPC::Message* reply_msg, | |
386 const std::string& cookies) { | |
387 FrameHostMsg_GetCookies::WriteReplyParams(reply_msg, cookies); | |
388 Send(reply_msg); | |
389 } | |
390 | |
391 void RenderFrameMessageFilter::OnDownloadUrl( | 342 void RenderFrameMessageFilter::OnDownloadUrl( |
392 int render_view_id, | 343 int render_view_id, |
393 int render_frame_id, | 344 int render_frame_id, |
394 const GURL& url, | 345 const GURL& url, |
395 const Referrer& referrer, | 346 const Referrer& referrer, |
396 const base::string16& suggested_name) { | 347 const base::string16& suggested_name) { |
397 DownloadUrl(render_view_id, render_frame_id, url, referrer, suggested_name, | 348 DownloadUrl(render_view_id, render_frame_id, url, referrer, suggested_name, |
398 false); | 349 false); |
399 } | 350 } |
400 | 351 |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
457 if (GetContentClient()->browser()->AllowSetCookie( | 408 if (GetContentClient()->browser()->AllowSetCookie( |
458 url, first_party_for_cookies, cookie, resource_context_, | 409 url, first_party_for_cookies, cookie, resource_context_, |
459 render_process_id_, render_frame_id, options)) { | 410 render_process_id_, render_frame_id, options)) { |
460 net::URLRequestContext* context = GetRequestContextForURL(url); | 411 net::URLRequestContext* context = GetRequestContextForURL(url); |
461 // Pass a null callback since we don't care about when the 'set' completes. | 412 // Pass a null callback since we don't care about when the 'set' completes. |
462 context->cookie_store()->SetCookieWithOptionsAsync( | 413 context->cookie_store()->SetCookieWithOptionsAsync( |
463 url, cookie, options, net::CookieStore::SetCookiesCallback()); | 414 url, cookie, options, net::CookieStore::SetCookiesCallback()); |
464 } | 415 } |
465 } | 416 } |
466 | 417 |
418 void RenderFrameMessageFilter::GetCookies(int render_frame_id, | |
419 const GURL& url, | |
420 const GURL& first_party_for_cookies, | |
421 const GetCookiesCallback& callback) { | |
422 ChildProcessSecurityPolicyImpl* policy = | |
423 ChildProcessSecurityPolicyImpl::GetInstance(); | |
424 if (!policy->CanAccessDataForOrigin(render_process_id_, url)) { | |
425 bad_message::ReceivedBadMessage(this, | |
426 bad_message::RFMF_GET_COOKIES_BAD_ORIGIN); | |
427 callback.Run(std::string()); | |
428 return; | |
429 } | |
430 | |
431 net::CookieOptions options; | |
432 if (net::registry_controlled_domains::SameDomainOrHost( | |
433 url, first_party_for_cookies, | |
434 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)) { | |
435 // TODO(mkwst): This check ought to further distinguish between frames | |
436 // initiated in a strict or lax same-site context. | |
437 options.set_same_site_cookie_mode( | |
438 net::CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); | |
439 } else { | |
440 options.set_same_site_cookie_mode( | |
441 net::CookieOptions::SameSiteCookieMode::DO_NOT_INCLUDE); | |
442 } | |
443 | |
444 net::URLRequestContext* context = GetRequestContextForURL(url); | |
445 context->cookie_store()->GetCookieListWithOptionsAsync( | |
446 url, options, | |
447 base::Bind(&RenderFrameMessageFilter::CheckPolicyForCookies, this, | |
448 render_frame_id, url, first_party_for_cookies, callback)); | |
449 } | |
450 | |
467 #if defined(ENABLE_PLUGINS) | 451 #if defined(ENABLE_PLUGINS) |
468 | 452 |
469 void RenderFrameMessageFilter::OnGetPlugins( | 453 void RenderFrameMessageFilter::OnGetPlugins( |
470 bool refresh, | 454 bool refresh, |
471 IPC::Message* reply_msg) { | 455 IPC::Message* reply_msg) { |
472 // Don't refresh if the specified threshold has not been passed. Note that | 456 // Don't refresh if the specified threshold has not been passed. Note that |
473 // this check is performed before off-loading to the file thread. The reason | 457 // this check is performed before off-loading to the file thread. The reason |
474 // we do this is that some pages tend to request that the list of plugins be | 458 // we do this is that some pages tend to request that the list of plugins be |
475 // refreshed at an excessive rate. This instigates disk scanning, as the list | 459 // refreshed at an excessive rate. This instigates disk scanning, as the list |
476 // is accumulated by doing multiple reads from disk. This effect is | 460 // is accumulated by doing multiple reads from disk. This effect is |
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
611 net::URLRequestContext* context = | 595 net::URLRequestContext* context = |
612 GetContentClient()->browser()->OverrideRequestContextForURL( | 596 GetContentClient()->browser()->OverrideRequestContextForURL( |
613 url, resource_context_); | 597 url, resource_context_); |
614 if (!context) | 598 if (!context) |
615 context = request_context_->GetURLRequestContext(); | 599 context = request_context_->GetURLRequestContext(); |
616 | 600 |
617 return context; | 601 return context; |
618 } | 602 } |
619 | 603 |
620 } // namespace content | 604 } // namespace content |
OLD | NEW |