| Index: third_party/WebKit/Source/core/inspector/InspectorWebPerfAgent.cpp
|
| diff --git a/third_party/WebKit/Source/core/inspector/InspectorWebPerfAgent.cpp b/third_party/WebKit/Source/core/inspector/InspectorWebPerfAgent.cpp
|
| index 6fd1f79e11d6e923fdbe4e5a5d817f00004a9f25..feb2fbd72457f614b53f96ed9573a4696ee57339 100644
|
| --- a/third_party/WebKit/Source/core/inspector/InspectorWebPerfAgent.cpp
|
| +++ b/third_party/WebKit/Source/core/inspector/InspectorWebPerfAgent.cpp
|
| @@ -7,6 +7,7 @@
|
| #include "core/InstrumentingAgents.h"
|
| #include "core/dom/Document.h"
|
| #include "core/dom/ExecutionContext.h"
|
| +#include "core/frame/DOMWindow.h"
|
| #include "core/frame/Frame.h"
|
| #include "core/frame/LocalFrame.h"
|
| #include "core/frame/Location.h"
|
| @@ -19,8 +20,12 @@ namespace blink {
|
|
|
| namespace {
|
| static const double kLongTaskThresholdMillis = 50.0;
|
| -static const char* unknownAttribution = "unknown";
|
| -static const char* ambiguousAttribution = "multiple-contexts";
|
| +static const char kUnknownAttribution[] = "unknown";
|
| +static const char kAmbugiousAttribution[] = "multiple-contexts";
|
| +static const char kSameOriginAttribution[] = "same-origin";
|
| +static const char kAncestorAttribution[] = "cross-origin-ancestor";
|
| +static const char kDescendantAttribution[] = "cross-origin-descendant";
|
| +static const char kCrossOriginAttribution[] = "cross-origin-unreachable";
|
|
|
| bool canAccessOrigin(Frame* frame1, Frame* frame2) {
|
| SecurityOrigin* securityOrigin1 =
|
| @@ -87,30 +92,56 @@ void InspectorWebPerfAgent::ReportTaskTime(scheduler::TaskQueue*,
|
| return;
|
| Performance* performance = DOMWindowPerformance::performance(*domWindow);
|
| DCHECK(performance);
|
| - performance->addLongTaskTiming(
|
| - startTime, endTime, sanitizedLongTaskName(m_frameContextLocations,
|
| - m_inspectedFrames->root()));
|
| + std::pair<String, DOMWindow*> attribution =
|
| + sanitizedAttribution(m_frameContextLocations, m_inspectedFrames->root());
|
| + performance->addLongTaskTiming(startTime, endTime, attribution.first,
|
| + attribution.second);
|
| }
|
|
|
| -String InspectorWebPerfAgent::sanitizedLongTaskName(
|
| +/**
|
| + * Report sanitized name based on cross-origin policy.
|
| + * See detailed Security doc here: http://bit.ly/2duD3F7
|
| + */
|
| +std::pair<String, DOMWindow*> InspectorWebPerfAgent::sanitizedAttribution(
|
| const HeapHashSet<Member<Location>>& frameContextLocations,
|
| - Frame* rootFrame) {
|
| + Frame* observerFrame) {
|
| if (frameContextLocations.size() == 0) {
|
| // Unable to attribute as no script was involved.
|
| - return unknownAttribution;
|
| + return std::make_pair(kUnknownAttribution, nullptr);
|
| }
|
| if (frameContextLocations.size() > 1) {
|
| // Unable to attribute, multiple script execution contents were involved.
|
| - return ambiguousAttribution;
|
| + return std::make_pair(kAmbugiousAttribution, nullptr);
|
| }
|
| // Exactly one culprit location, attribute based on origin boundary.
|
| DCHECK_EQ(1u, frameContextLocations.size());
|
| Location* culpritLocation = *frameContextLocations.begin();
|
| - if (canAccessOrigin(rootFrame, culpritLocation->frame())) {
|
| - // For same origin, it's safe to to return culprit location URL.
|
| - return culpritLocation->href();
|
| + if (canAccessOrigin(observerFrame, culpritLocation->frame())) {
|
| + // From accessible frames or same origin, return culprit location URL.
|
| + return std::make_pair(kSameOriginAttribution,
|
| + culpritLocation->frame()->domWindow());
|
| }
|
| - return "cross-origin";
|
| + // For cross-origin, if the culprit is the descendant or ancestor of
|
| + // observer then indicate the *closest* cross-origin frame between
|
| + // the observer and the culprit, in the corresponding direction.
|
| + if (culpritLocation->frame()->tree().isDescendantOf(observerFrame)) {
|
| + // If culprit is a descendant of the observer, then walk up the tree from culprit
|
| + // to observer, and report the *last* cross-origin (from observer) frame.
|
| + // If no intermediate cross-origin frame is found, then report the culprit directly.
|
| + Frame* lastCrossOriginFrame = culpritLocation->frame();
|
| + for (Frame* frame = culpritLocation->frame(); frame != observerFrame;
|
| + frame = frame->tree().parent()) {
|
| + if (!canAccessOrigin(observerFrame, frame)) {
|
| + lastCrossOriginFrame = frame;
|
| + }
|
| + }
|
| + return std::make_pair(kDescendantAttribution,
|
| + lastCrossOriginFrame->domWindow());
|
| + }
|
| + if (observerFrame->tree().isDescendantOf(culpritLocation->frame())) {
|
| + return std::make_pair(kAncestorAttribution, nullptr);
|
| + }
|
| + return std::make_pair(kCrossOriginAttribution, nullptr);
|
| }
|
|
|
| DEFINE_TRACE(InspectorWebPerfAgent) {
|
|
|
Chromium Code Reviews
Issue 2386403002:
Pass DOMWinow to PerformanceLongTaskTiming for attribution (Closed)
