content/renderer/render_frame_impl.cc - Issue 2442793002: Extra browser-side validation of transferred_request_child_id / request_id.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/renderer/render_frame_impl.cc

Issue 2442793002: Extra browser-side validation of transferred_request_child_id / request_id. (Closed)

Patch Set: Rebasing... (renumbering bad_message.h) Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/renderer/render_frame_impl.cc

diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc

index 3a26bb55bf5c717fe77f9e30ebd92979c8be6e6f..caca60abeee5f7cd713fec1ad4545be33a7ed7c3 100644

--- a/content/renderer/render_frame_impl.cc

+++ b/content/renderer/render_frame_impl.cc

@@ -4227,12 +4227,6 @@ void RenderFrameImpl::willSendRequest(blink::WebLocalFrame* frame,

navigation_state->common_params().allow_download);

extra_data->set_transition_type(transition_type);

extra_data->set_should_replace_current_entry(should_replace_current_entry);

- // TODO(lukasza): https://crbug.com/656179: Navigational things (e.g.

- // StartNavigationParams) should not apply to subresource requests.

- extra_data->set_transferred_request_child_id(

- navigation_state->start_params().transferred_request_child_id);

- extra_data->set_transferred_request_request_id(

- navigation_state->start_params().transferred_request_request_id);

extra_data->set_service_worker_provider_id(provider_id);

extra_data->set_stream_override(std::move(stream_override));

bool is_prefetch =

@@ -4244,6 +4238,17 @@ void RenderFrameImpl::willSendRequest(blink::WebLocalFrame* frame,

WebString error;

extra_data->set_initiated_in_secure_context(

frame->document().isSecureContext(error));

+ // Renderer process transfers apply only to navigational requests.

+ bool is_navigational_request =

+ request.getFrameType() != WebURLRequest::FrameTypeNone;

+ if (is_navigational_request) {

+ extra_data->set_transferred_request_child_id(

+ navigation_state->start_params().transferred_request_child_id);

+ extra_data->set_transferred_request_request_id(

+ navigation_state->start_params().transferred_request_request_id);

+ }

request.setExtraData(extra_data);

if (request.getLoFiState() == WebURLRequest::LoFiUnspecified) {

@@ -4267,8 +4272,8 @@ void RenderFrameImpl::willSendRequest(blink::WebLocalFrame* frame,

// to subresource requests). For example - Content-Type header provided via

// OpenURLParams::extra_headers should only be applied to the original POST

// navigation request (and not to subresource requests).

- if (!navigation_state->start_params().extra_headers.empty() &&

- request.getFrameType() != WebURLRequest::FrameTypeNone) {

+ if (is_navigational_request &&

+ !navigation_state->start_params().extra_headers.empty()) {

for (net::HttpUtil::HeadersIterator i(

navigation_state->start_params().extra_headers.begin(),

navigation_state->start_params().extra_headers.end(), "\n");

« no previous file with comments | « content/browser/loader/resource_dispatcher_host_impl.cc ('k') | no next file » | no next file with comments »