Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(516)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/frame_host/render_frame_host_manager.cc

Issue 2399853003: [M54 merge] Lock down creation of blob:chrome-extension URLs from non-extension processes. (Closed)
Patch Set: Rebase Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/browser/frame_host/frame_tree_browsertest.cc ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/frame_host/render_frame_host_manager.h" 5 #include "content/browser/frame_host/render_frame_host_manager.h"
6 6
7 #include <stddef.h> 7 #include <stddef.h>
8 8
9 #include <algorithm> 9 #include <algorithm>
10 #include <utility> 10 #include <utility>
(...skipping 1447 matching lines...) Expand 10 before | Expand all | Expand 10 after
1458 1458
1459 // Don't swap processes for extensions embedded in DevTools. See 1459 // Don't swap processes for extensions embedded in DevTools. See
1460 // https://crbug.com/564216. 1460 // https://crbug.com/564216.
1461 if (rfh->GetSiteInstance()->GetSiteURL().SchemeIs(kChromeDevToolsScheme)) { 1461 if (rfh->GetSiteInstance()->GetSiteURL().SchemeIs(kChromeDevToolsScheme)) {
1462 // TODO(nick): https://crbug.com/570483 Check to see if |dest_url| is a 1462 // TODO(nick): https://crbug.com/570483 Check to see if |dest_url| is a
1463 // devtools extension, and swap processes if not. 1463 // devtools extension, and swap processes if not.
1464 return false; 1464 return false;
1465 } 1465 }
1466 1466
1467 BrowserContext* context = rfh->GetSiteInstance()->GetBrowserContext(); 1467 BrowserContext* context = rfh->GetSiteInstance()->GetBrowserContext();
1468 GURL effective_url = SiteInstanceImpl::GetEffectiveURL(context, dest_url);
1469
1470 // TODO(nasko, nick): These following --site-per-process checks are 1468 // TODO(nasko, nick): These following --site-per-process checks are
1471 // overly simplistic. Update them to match all the cases 1469 // overly simplistic. Update them to match all the cases
1472 // considered by DetermineSiteInstanceForURL. 1470 // considered by DetermineSiteInstanceForURL.
1473 if (IsCurrentlySameSite(rfh, dest_url)) { 1471 if (IsCurrentlySameSite(rfh, dest_url)) {
1474 // The same site, no transition needed for security purposes, and we must 1472 // The same site, no transition needed for security purposes, and we must
1475 // keep the same SiteInstance for correctness of synchronous scripting. 1473 // keep the same SiteInstance for correctness of synchronous scripting.
1476 return false; 1474 return false;
1477 } 1475 }
1478 1476
1479 // The sites differ. If either one requires a dedicated process, 1477 // The sites differ. If either one requires a dedicated process,
1480 // then a transfer is needed. 1478 // then a transfer is needed.
1481 if (rfh->GetSiteInstance()->RequiresDedicatedProcess() || 1479 if (rfh->GetSiteInstance()->RequiresDedicatedProcess() ||
1482 SiteInstanceImpl::DoesSiteRequireDedicatedProcess(context, 1480 SiteInstanceImpl::DoesSiteRequireDedicatedProcess(context,
1483 effective_url)) { 1481 dest_url)) {
1484 return true; 1482 return true;
1485 } 1483 }
1486 1484
1487 if (SiteIsolationPolicy::IsTopDocumentIsolationEnabled() && 1485 if (SiteIsolationPolicy::IsTopDocumentIsolationEnabled() &&
1488 (!frame_tree_node_->IsMainFrame() || 1486 (!frame_tree_node_->IsMainFrame() ||
1489 rfh->GetSiteInstance()->is_default_subframe_site_instance())) { 1487 rfh->GetSiteInstance()->is_default_subframe_site_instance())) {
1490 // Always attempt a transfer in these cases. 1488 // Always attempt a transfer in these cases.
1491 return true; 1489 return true;
1492 } 1490 }
1493 1491
(...skipping 1204 matching lines...) Expand 10 before | Expand all | Expand 10 after
2698 resolved_url)) { 2696 resolved_url)) {
2699 DCHECK(!dest_instance || 2697 DCHECK(!dest_instance ||
2700 dest_instance == render_frame_host_->GetSiteInstance()); 2698 dest_instance == render_frame_host_->GetSiteInstance());
2701 return false; 2699 return false;
2702 } 2700 }
2703 2701
2704 return true; 2702 return true;
2705 } 2703 }
2706 2704
2707 } // namespace content 2705 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/frame_host/frame_tree_browsertest.cc ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698