OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/blob_storage/blob_dispatcher_host.h" | 5 #include "content/browser/blob_storage/blob_dispatcher_host.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/metrics/histogram_macros.h" | 10 #include "base/metrics/histogram_macros.h" |
(...skipping 286 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
297 context); | 297 context); |
298 Send(new BlobStorageMsg_CancelBuildingBlob( | 298 Send(new BlobStorageMsg_CancelBuildingBlob( |
299 uuid, IPCBlobCreationCancelCode::BLOB_DEREFERENCED_WHILE_BUILDING)); | 299 uuid, IPCBlobCreationCancelCode::BLOB_DEREFERENCED_WHILE_BUILDING)); |
300 } | 300 } |
301 } | 301 } |
302 } | 302 } |
303 | 303 |
304 void BlobDispatcherHost::OnRegisterPublicBlobURL(const GURL& public_url, | 304 void BlobDispatcherHost::OnRegisterPublicBlobURL(const GURL& public_url, |
305 const std::string& uuid) { | 305 const std::string& uuid) { |
306 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 306 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
307 BlobStorageContext* context = this->context(); | 307 ChildProcessSecurityPolicyImpl* security_policy = |
| 308 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 309 |
| 310 // Blob urls have embedded origins. A frame should only be creating blob URLs |
| 311 // in the origin of its current document. Make sure that the origin advertised |
| 312 // on the URL is allowed to be rendered in this process. |
| 313 if (!public_url.SchemeIsBlob() || |
| 314 !security_policy->CanCommitURL(process_id_, public_url)) { |
| 315 bad_message::ReceivedBadMessage(this, bad_message::BDH_DISALLOWED_ORIGIN); |
| 316 return; |
| 317 } |
308 if (uuid.empty()) { | 318 if (uuid.empty()) { |
309 bad_message::ReceivedBadMessage(this, | 319 bad_message::ReceivedBadMessage(this, |
310 bad_message::BDH_INVALID_URL_OPERATION); | 320 bad_message::BDH_INVALID_URL_OPERATION); |
311 return; | 321 return; |
312 } | 322 } |
| 323 BlobStorageContext* context = this->context(); |
313 if (!IsInUseInHost(uuid) || context->registry().IsURLMapped(public_url)) { | 324 if (!IsInUseInHost(uuid) || context->registry().IsURLMapped(public_url)) { |
314 UMA_HISTOGRAM_ENUMERATION("Storage.Blob.InvalidURLRegister", BDH_INCREMENT, | 325 UMA_HISTOGRAM_ENUMERATION("Storage.Blob.InvalidURLRegister", BDH_INCREMENT, |
315 BDH_TRACING_ENUM_LAST); | 326 BDH_TRACING_ENUM_LAST); |
316 return; | 327 return; |
317 } | 328 } |
318 context->RegisterPublicBlobURL(public_url, uuid); | 329 context->RegisterPublicBlobURL(public_url, uuid); |
319 public_blob_urls_.insert(public_url); | 330 public_blob_urls_.insert(public_url); |
320 } | 331 } |
321 | 332 |
322 void BlobDispatcherHost::OnRevokePublicBlobURL(const GURL& public_url) { | 333 void BlobDispatcherHost::OnRevokePublicBlobURL(const GURL& public_url) { |
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
398 context->RevokePublicBlobURL(url); | 409 context->RevokePublicBlobURL(url); |
399 } | 410 } |
400 for (const auto& uuid_refnum_pair : blobs_inuse_map_) { | 411 for (const auto& uuid_refnum_pair : blobs_inuse_map_) { |
401 for (int i = 0; i < uuid_refnum_pair.second; ++i) | 412 for (int i = 0; i < uuid_refnum_pair.second; ++i) |
402 context->DecrementBlobRefCount(uuid_refnum_pair.first); | 413 context->DecrementBlobRefCount(uuid_refnum_pair.first); |
403 } | 414 } |
404 async_builder_.CancelAll(context); | 415 async_builder_.CancelAll(context); |
405 } | 416 } |
406 | 417 |
407 } // namespace content | 418 } // namespace content |
OLD | NEW |