
Unified Diff: content/browser/browser_plugin/browser_plugin_guest_manager.cc

Issue 23530029: Support webview tag when the container extension is embedded in a webUI (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: merged Created 7 years, 3 months ago
Index: content/browser/browser_plugin/browser_plugin_guest_manager.cc
diff --git a/content/browser/browser_plugin/browser_plugin_guest_manager.cc b/content/browser/browser_plugin/browser_plugin_guest_manager.cc
index 6c86331b0fe8d3af126df27f75c579ed432d34d4..3dceb63cfc8376fa49bb480b820b77bdd49e2839 100644
--- a/content/browser/browser_plugin/browser_plugin_guest_manager.cc
+++ b/content/browser/browser_plugin/browser_plugin_guest_manager.cc
@@ -16,6 +16,7 @@
#include "content/public/common/content_switches.h"
#include "content/public/common/result_codes.h"
#include "content/public/common/url_constants.h"
+#include "content/public/common/url_utils.h"
#include "net/base/escape.h"
#include "ui/events/keycodes/keyboard_codes.h"
@@ -44,6 +45,8 @@ BrowserPluginGuest* BrowserPluginGuestManager::CreateGuest(
const BrowserPluginHostMsg_Attach_Params& params,
scoped_ptr<base::DictionaryValue> extra_params) {
SiteInstance* guest_site_instance = NULL;
+ RenderProcessHost* embedder_process_host =
+ embedder_site_instance->GetProcess();
// Validate that the partition id coming from the renderer is valid UTF-8,
// since we depend on this in other parts of the code, such as FilePath
// creation. If the validation fails, treat it as a bad message and kill the
@@ -51,7 +54,7 @@ BrowserPluginGuest* BrowserPluginGuestManager::CreateGuest(
if (!IsStringUTF8(params.storage_partition_id)) {
content::RecordAction(UserMetricsAction("BadMessageTerminate_BPGM"));
base::KillProcess(
- embedder_site_instance->GetProcess()->GetHandle(),
+ embedder_process_host->GetHandle(),
content::RESULT_CODE_KILLED_BAD_MESSAGE, false);
return NULL;
}
@@ -70,7 +73,13 @@ BrowserPluginGuest* BrowserPluginGuestManager::CreateGuest(
guest_site_instance =
embedder_site_instance->GetRelatedSiteInstance(GURL(params.src));
} else {
- const std::string& host = embedder_site_instance->GetSiteURL().host();
+ // Only trust |embedder_frame_url| reported by a WebUI renderer.
+ const GURL& embedder_site_url = embedder_site_instance->GetSiteURL();
+ GURL validated_frame_url(params.embedder_frame_url);
+ RenderViewHost::FilterURL(
+ embedder_process_host, false, &validated_frame_url);
+ const std::string& host = content::HasWebUIScheme(embedder_site_url) ?
+ validated_frame_url.host() : embedder_site_url.host();
std::string url_encoded_partition = net::EscapeQueryParamValue(
params.storage_partition_id, false);
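Review bot: In the WebUI branch, `validated_frame_url.host()` is used without checking that the renderer-supplied `params.embedder_frame_url` survived `RenderViewHost::FilterURL`. If the filter rejects it (as far as I know it substitutes about:blank), `host` is empty, and the guest site and its storage partition would presumably be keyed on an empty host. Consider falling back to the site URL, e.g. `const std::string& host = (content::HasWebUIScheme(embedder_site_url) && validated_frame_url.has_host()) ? validated_frame_url.host() : embedder_site_url.host();`, or treating it as a bad message like the UTF-8 check earlier in CreateGuest. The comment should also say why a WebUI embedder is trusted: FilterURL appears to check only what the process may request, not that the frame is actually at that URL, so the value stays self-reported. CreateGuest begins and ends outside this hunk, so the later use of `host` is not visible here.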
