OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading | 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading |
6 | 6 |
7 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 7 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
8 | 8 |
9 #include <stddef.h> | 9 #include <stddef.h> |
10 | 10 |
(...skipping 2673 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2684 << request_data.url.possibly_invalid_spec(); | 2684 << request_data.url.possibly_invalid_spec(); |
2685 return false; | 2685 return false; |
2686 } | 2686 } |
2687 | 2687 |
2688 // Check if the renderer is using an illegal Origin header. If so, kill it. | 2688 // Check if the renderer is using an illegal Origin header. If so, kill it. |
2689 std::string origin_string; | 2689 std::string origin_string; |
2690 bool has_origin = | 2690 bool has_origin = |
2691 headers.GetHeader("Origin", &origin_string) && origin_string != "null"; | 2691 headers.GetHeader("Origin", &origin_string) && origin_string != "null"; |
2692 if (has_origin) { | 2692 if (has_origin) { |
2693 GURL origin(origin_string); | 2693 GURL origin(origin_string); |
2694 if (!policy->CanCommitURL(child_id, origin)) { | 2694 if (!policy->CanSetAsOriginHeader(child_id, origin)) { |
2695 VLOG(1) << "Killed renderer for illegal origin: " << origin_string; | 2695 VLOG(1) << "Killed renderer for illegal origin: " << origin_string; |
2696 bad_message::ReceivedBadMessage(filter, bad_message::RDH_ILLEGAL_ORIGIN); | 2696 bad_message::ReceivedBadMessage(filter, bad_message::RDH_ILLEGAL_ORIGIN); |
2697 return false; | 2697 return false; |
2698 } | 2698 } |
2699 } | 2699 } |
2700 | 2700 |
2701 // Check if the renderer is permitted to upload the requested files. | 2701 // Check if the renderer is permitted to upload the requested files. |
2702 if (request_data.request_body.get()) { | 2702 if (request_data.request_body.get()) { |
2703 const std::vector<ResourceRequestBodyImpl::Element>* uploads = | 2703 const std::vector<ResourceRequestBodyImpl::Element>* uploads = |
2704 request_data.request_body->elements(); | 2704 request_data.request_body->elements(); |
(...skipping 14 matching lines...) Expand all Loading... |
2719 << iter->filesystem_url().spec(); | 2719 << iter->filesystem_url().spec(); |
2720 return false; | 2720 return false; |
2721 } | 2721 } |
2722 } | 2722 } |
2723 } | 2723 } |
2724 } | 2724 } |
2725 return true; | 2725 return true; |
2726 } | 2726 } |
2727 | 2727 |
2728 } // namespace content | 2728 } // namespace content |
OLD | NEW |