Chromium Code Reviews Chromium Code Reviews
Issue 2528813002:
Fix Self-Referencing OOPIF Infinite Loop (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/navigation_handle_impl.h" | 5 #include "content/browser/frame_host/navigation_handle_impl.h" |
| 6 | 6 |
| 7 #include "base/debug/dump_without_crashing.h" | 7 #include "base/debug/dump_without_crashing.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "content/browser/appcache/appcache_navigation_handle.h" | 9 #include "content/browser/appcache/appcache_navigation_handle.h" |
| 10 #include "content/browser/appcache/appcache_service_impl.h" | 10 #include "content/browser/appcache/appcache_service_impl.h" |
| (...skipping 420 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 431 if (method_ == "POST") | 431 if (method_ == "POST") |
| 432 resource_request_body_ = resource_request_body; | 432 resource_request_body_ = resource_request_body; |
| 433 sanitized_referrer_ = sanitized_referrer; | 433 sanitized_referrer_ = sanitized_referrer; |
| 434 has_user_gesture_ = has_user_gesture; | 434 has_user_gesture_ = has_user_gesture; |
| 435 transition_ = transition; | 435 transition_ = transition; |
| 436 is_external_protocol_ = is_external_protocol; | 436 is_external_protocol_ = is_external_protocol; |
| 437 request_context_type_ = request_context_type; | 437 request_context_type_ = request_context_type; |
| 438 state_ = WILL_SEND_REQUEST; | 438 state_ = WILL_SEND_REQUEST; |
| 439 complete_callback_ = callback; | 439 complete_callback_ = callback; |
| 440 | 440 |
| 441 if (IsSelfReferentialURL()) { | |
| 442 state_ = CANCELING; | |
| 443 RunCompleteCallback(NavigationThrottle::CANCEL); | |
| 444 return; | |
| 445 } | |
| 446 | |
| 441 RegisterNavigationThrottles(); | 447 RegisterNavigationThrottles(); |
| 442 | 448 |
| 443 if (IsBrowserSideNavigationEnabled()) | 449 if (IsBrowserSideNavigationEnabled()) |
| 444 navigation_ui_data_ = GetDelegate()->GetNavigationUIData(this); | 450 navigation_ui_data_ = GetDelegate()->GetNavigationUIData(this); |
| 445 | 451 |
| 446 // Notify each throttle of the request. | 452 // Notify each throttle of the request. |
| 447 NavigationThrottle::ThrottleCheckResult result = CheckWillStartRequest(); | 453 NavigationThrottle::ThrottleCheckResult result = CheckWillStartRequest(); |
| 448 | 454 |
| 449 // If the navigation is not deferred, run the callback. | 455 // If the navigation is not deferred, run the callback. |
| 450 if (result != NavigationThrottle::DEFER) | 456 if (result != NavigationThrottle::DEFER) |
| (...skipping 17 matching lines...) Expand all Loading... | |
| 468 response_headers_ = response_headers; | 474 response_headers_ = response_headers; |
| 469 connection_info_ = connection_info; | 475 connection_info_ = connection_info; |
| 470 was_redirected_ = true; | 476 was_redirected_ = true; |
| 471 redirect_chain_.push_back(new_url); | 477 redirect_chain_.push_back(new_url); |
| 472 if (new_method != "POST") | 478 if (new_method != "POST") |
| 473 resource_request_body_ = nullptr; | 479 resource_request_body_ = nullptr; |
| 474 | 480 |
| 475 state_ = WILL_REDIRECT_REQUEST; | 481 state_ = WILL_REDIRECT_REQUEST; |
| 476 complete_callback_ = callback; | 482 complete_callback_ = callback; |
| 477 | 483 |
| 484 if (IsSelfReferentialURL()) { | |
| 485 state_ = CANCELING; | |
| 486 RunCompleteCallback(NavigationThrottle::CANCEL); | |
| 487 return; | |
| 488 } | |
| 489 | |
| 478 // Notify each throttle of the request. | 490 // Notify each throttle of the request. |
| 479 NavigationThrottle::ThrottleCheckResult result = CheckWillRedirectRequest(); | 491 NavigationThrottle::ThrottleCheckResult result = CheckWillRedirectRequest(); |
| 480 | 492 |
| 481 // If the navigation is not deferred, run the callback. | 493 // If the navigation is not deferred, run the callback. |
| 482 if (result != NavigationThrottle::DEFER) | 494 if (result != NavigationThrottle::DEFER) |
| 483 RunCompleteCallback(result); | 495 RunCompleteCallback(result); |
| 484 } | 496 } |
| 485 | 497 |
| 486 void NavigationHandleImpl::WillProcessResponse( | 498 void NavigationHandleImpl::WillProcessResponse( |
| 487 RenderFrameHostImpl* render_frame_host, | 499 RenderFrameHostImpl* render_frame_host, |
| (...skipping 312 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 800 if (ancestor_throttle) | 812 if (ancestor_throttle) |
| 801 throttles_.push_back(std::move(ancestor_throttle)); | 813 throttles_.push_back(std::move(ancestor_throttle)); |
| 802 | 814 |
| 803 if (throttles_to_register.size() > 0) { | 815 if (throttles_to_register.size() > 0) { |
| 804 throttles_.insert(throttles_.begin(), throttles_to_register.begin(), | 816 throttles_.insert(throttles_.begin(), throttles_to_register.begin(), |
| 805 throttles_to_register.end()); | 817 throttles_to_register.end()); |
| 806 throttles_to_register.weak_clear(); | 818 throttles_to_register.weak_clear(); |
| 807 } | 819 } |
| 808 } | 820 } |
| 809 | 821 |
| 822 bool NavigationHandleImpl::IsSelfReferentialURL() { | |
| 823 // about: URLs should be exempted since they are reserved for other purposes | |
| 824 // and cannot be the source of infinite recursion. BUG=341858 | |
|
alexmos
2017/01/06 02:27:29
nit: For referencing bug numbers, it's more common
davidsac (gone - try alexmos)
2017/01/19 18:26:23
Done.
| |
| 825 if (url_.SchemeIs("about")) | |
| 826 return false; | |
| 827 | |
| 828 // Browser-triggered navigations should be exempted. | |
| 829 if (!is_renderer_initiated_) | |
| 830 return false; | |
| 831 | |
| 832 // We allow one level of self-reference because some sites depend on that, | |
| 833 // but we don't allow more than one. | |
| 834 bool found_self_reference = false; | |
| 835 for (const FrameTreeNode* node = frame_tree_node_->parent(); node; | |
| 836 node = node->parent()) { | |
| 837 url::Replacements<char> replacements; | |
|
alexmos
2017/01/06 02:27:29
I think this might become more readable if you dec
davidsac (gone - try alexmos)
2017/01/19 18:26:23
Done.
| |
| 838 replacements.ClearRef(); | |
| 839 replacements.ClearUsername(); | |
|
alexmos
2017/01/06 02:27:29
Why do you clear out username and password as well
davidsac (gone - try alexmos)
2017/01/19 18:26:23
Done.
| |
| 840 replacements.ClearPassword(); | |
| 841 if (node->current_url().ReplaceComponents(replacements) == | |
| 842 url_.ReplaceComponents(replacements)) { | |
| 843 if (found_self_reference) { | |
|
alexmos
2017/01/06 02:27:29
nit: { not necessary
davidsac (gone - try alexmos)
2017/01/19 18:26:23
Done.
| |
| 844 return true; | |
| 845 } | |
| 846 found_self_reference = true; | |
| 847 } | |
| 848 } | |
| 849 return false; | |
| 850 } | |
| 851 | |
| 810 } // namespace content | 852 } // namespace content |
| OLD | NEW |
