
Side by Side Diff: chrome/browser/budget_service/budget_manager.cc

Issue 2366533002: Budget API calls should only succeed on secure origins (Closed)
Patch Set: Created 4 years, 3 months ago
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/budget_service/budget_manager.h" 5 #include "chrome/browser/budget_service/budget_manager.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 8
9 #include "base/callback.h" 9 #include "base/callback.h"
10 #include "base/memory/ptr_util.h" 10 #include "base/memory/ptr_util.h"
11 #include "base/metrics/histogram_macros.h" 11 #include "base/metrics/histogram_macros.h"
12 #include "base/threading/thread_task_runner_handle.h" 12 #include "base/threading/thread_task_runner_handle.h"
13 #include "base/time/time.h" 13 #include "base/time/time.h"
14 #include "chrome/browser/engagement/site_engagement_score.h" 14 #include "chrome/browser/engagement/site_engagement_score.h"
15 #include "chrome/browser/profiles/profile.h" 15 #include "chrome/browser/profiles/profile.h"
16 #include "chrome/common/pref_names.h" 16 #include "chrome/common/pref_names.h"
17 #include "components/pref_registry/pref_registry_syncable.h" 17 #include "components/pref_registry/pref_registry_syncable.h"
18 #include "components/prefs/pref_service.h" 18 #include "components/prefs/pref_service.h"
19 #include "content/public/browser/browser_thread.h" 19 #include "content/public/browser/browser_thread.h"
20 #include "content/public/common/origin_util.h"
20 #include "third_party/WebKit/public/platform/modules/budget_service/budget_servi ce.mojom.h" 21 #include "third_party/WebKit/public/platform/modules/budget_service/budget_servi ce.mojom.h"
21 #include "url/origin.h" 22 #include "url/origin.h"
22 23
23 using content::BrowserThread; 24 using content::BrowserThread;
24 25
25 namespace { 26 namespace {
26 27
27 // Previously, budget information was stored in the prefs. If there is any old 28 // Previously, budget information was stored in the prefs. If there is any old
28 // information still there, clear it. 29 // information still there, clear it.
29 // TODO(harkness): Remove once Chrome 56 has branched. 30 // TODO(harkness): Remove once Chrome 56 has branched.
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after
61 case blink::mojom::BudgetOperationType::INVALID_OPERATION: 62 case blink::mojom::BudgetOperationType::INVALID_OPERATION:
62 return SiteEngagementScore::kMaxPoints + 1; 63 return SiteEngagementScore::kMaxPoints + 1;
63 // No default case. 64 // No default case.
64 } 65 }
65 NOTREACHED(); 66 NOTREACHED();
66 return SiteEngagementScore::kMaxPoints + 1.0; 67 return SiteEngagementScore::kMaxPoints + 1.0;
67 } 68 }
68 69
69 void BudgetManager::GetBudget(const url::Origin& origin, 70 void BudgetManager::GetBudget(const url::Origin& origin,
70 const GetBudgetCallback& callback) { 71 const GetBudgetCallback& callback) {
72 const GURL url(origin.Serialize());
73 if (!url.SchemeIsHTTPOrHTTPS() || !content::IsOriginSecure(url)) {
Peter Beverloo 2016/09/22 14:27:29 What's the added value of checking SchemeIsHTTPOrH
harkness 2016/09/22 15:35:46 By my reading of IsOriginSecure, it looks like it
74 callback.Run(blink::mojom::BudgetServiceErrorType::NOT_SUPPORTED,
75 mojo::Array<blink::mojom::BudgetStatePtr>());
76 return;
77 }
71 db_.GetBudgetDetails(origin, callback); 78 db_.GetBudgetDetails(origin, callback);
72 } 79 }
73 80
74 void BudgetManager::Reserve(const url::Origin& origin, 81 void BudgetManager::Reserve(const url::Origin& origin,
75 blink::mojom::BudgetOperationType type, 82 blink::mojom::BudgetOperationType type,
76 const ReserveCallback& callback) { 83 const ReserveCallback& callback) {
84 const GURL url(origin.Serialize());
85 if (!url.SchemeIsHTTPOrHTTPS() || !content::IsOriginSecure(url)) {
86 callback.Run(blink::mojom::BudgetServiceErrorType::NOT_SUPPORTED,
87 false /* success */);
88 return;
89 }
77 db_.SpendBudget(origin, GetCost(type), 90 db_.SpendBudget(origin, GetCost(type),
78 base::Bind(&BudgetManager::DidReserve, 91 base::Bind(&BudgetManager::DidReserve,
79 weak_ptr_factory_.GetWeakPtr(), origin, callback)); 92 weak_ptr_factory_.GetWeakPtr(), origin, callback));
80 } 93 }
81 94
82 void BudgetManager::Consume(const url::Origin& origin, 95 void BudgetManager::Consume(const url::Origin& origin,
83 blink::mojom::BudgetOperationType type, 96 blink::mojom::BudgetOperationType type,
84 const ConsumeCallback& callback) { 97 const ConsumeCallback& callback) {
98 const GURL url(origin.Serialize());
99 if (!url.SchemeIsHTTPOrHTTPS() || !content::IsOriginSecure(url)) {
100 callback.Run(false /* success */);
101 return;
102 }
103
85 bool found_reservation = false; 104 bool found_reservation = false;
86 105
87 // First, see if there is a reservation already. 106 // First, see if there is a reservation already.
88 auto count = reservation_map_.find(origin); 107 auto count = reservation_map_.find(origin);
89 if (count != reservation_map_.end()) { 108 if (count != reservation_map_.end()) {
90 if (count->second == 1) 109 if (count->second == 1)
91 reservation_map_.erase(origin); 110 reservation_map_.erase(origin);
92 else 111 else
93 reservation_map_[origin]--; 112 reservation_map_[origin]--;
94 found_reservation = true; 113 found_reservation = true;
(...skipping 26 matching lines...) Expand all
121 void BudgetManager::DidReserve(const url::Origin& origin, 140 void BudgetManager::DidReserve(const url::Origin& origin,
122 const ReserveCallback& callback, 141 const ReserveCallback& callback,
123 blink::mojom::BudgetServiceErrorType error, 142 blink::mojom::BudgetServiceErrorType error,
124 bool success) { 143 bool success) {
125 // If the call succeeded, write the new reservation into the map. 144 // If the call succeeded, write the new reservation into the map.
126 if (success && error == blink::mojom::BudgetServiceErrorType::NONE) 145 if (success && error == blink::mojom::BudgetServiceErrorType::NONE)
127 reservation_map_[origin]++; 146 reservation_map_[origin]++;
128 147
129 callback.Run(error, success); 148 callback.Run(error, success);
130 } 149 }
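Review bot: The secure-origin gate `if (!url.SchemeIsHTTPOrHTTPS() || !content::IsOriginSecure(url))` is pasted three times, at new lines 72-73 in GetBudget, 84-85 in Reserve and 98-99 in Consume, so a later policy change can easily reach only some of the entry points and leave the others enforcing a different rule. Moving it into one helper in the anonymous namespace keeps the three in step, and its comment can state that every public BudgetManager entry point taking an origin must call it. The new code also names GURL while the include list (new lines 5-22) has no `#include "url/gurl.h"`; it presumably builds through url/origin.h, but a direct include would not depend on that. Part of Consume's body is collapsed on this page, so only its opening is covered here.

```cpp
// In the anonymous namespace:
// Returns true only for HTTP(S) origins that content::IsOriginSecure() accepts.
// Every public BudgetManager entry point that takes an origin calls this first.
bool IsSecureHttpOrigin(const url::Origin& origin) {
  const GURL url(origin.Serialize());
  return url.SchemeIsHTTPOrHTTPS() && content::IsOriginSecure(url);
}

// … unchanged: GetCost and the code between the namespace and GetBudget …

void BudgetManager::GetBudget(const url::Origin& origin,
                              const GetBudgetCallback& callback) {
  if (!IsSecureHttpOrigin(origin)) {
    // … unchanged: NOT_SUPPORTED callback and return; same call in Reserve and Consume …
```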